Podcasts about clamav

  • 24 podcasts
  • 38 episodes
  • 49m average duration
  • 1 new episode monthly
  • Latest: Jan 24, 2025

Latest podcast episodes about clamav

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerabilities; AI and SOAR (@sans_edu research paper by Anthony Russo)

Jan 24, 2025, 14:45

In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerabilities against us. SonicWall released a critical patch fixing an already exploited vulnerability in its SMA 1000 appliance. Cisco fixed vulnerabilities in ClamAV and its Meeting Manager REST API. Learn from SANS.edu student Anthony Russo how to take advantage of AI for SOAR.

XSS Attempts via E-Mail (https://isc.sans.edu/diary/XSS%20Attempts%20via%20E-Mail/31620) An analysis of a recent surge in email-based XSS attack attempts targeting users and organizations. Learn the implications and mitigation techniques.

SonicWall PSIRT Advisory: CVE-2025-23006 (https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002) Details of a critical vulnerability in SonicWall appliances (SNWLID-2025-0002) and what you need to do to secure your systems.

Cisco ClamAV Advisory: OLE2 Parsing Vulnerability (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA) A DoS vulnerability in the popular open source anti-virus engine ClamAV.

Cisco CMM Privilege Escalation Vulnerability (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc) A patch of a privilege escalation flaw in Cisco's CMM module.

The CyberWire
A warning from the cloud.

Jan 23, 2025, 39:56

CISA and FBI detail exploit chains used by Chinese hackers to compromise Ivanti Cloud Service Appliances. Energy systems in Central Europe use unencrypted radio signals. A critical SonicWall vulnerability is under active exploitation. The Nnice ransomware strain isn't. Cisco discloses a critical vulnerability in its Meeting Management tool. GhostGPT is a new malicious generative AI chatbot. ClamAV patches critical vulnerabilities in the open-source anti-virus engine. A new report questions the effectiveness of paying ransomware demands. DOGE piggybacks on the United States Digital Service. On our Industry Voices segment, we are joined by Joe Gillespie, Senior Vice President at Booz Allen, discussing Cyber AI. Jen Easterly leaves CISA a legacy of resilience and dedication.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

Selected Reading
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know (SecurityWeek)
Researchers say new attack could take down the European power grid (Ars Technica)
Critical SonicWall Vulnerability Exploited In Attacks Execute Arbitrary OS Commands (Cyber Security News)
Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques (GB Hackers)
Cisco Fixes Critical Vulnerability in Meeting Management (Infosecurity Magazine)
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing (Infosecurity Magazine)
Open-Source ClamAV Releases Critical Security Patch Updates – What's Inside! (Cyber Security News)
Companies who pay off ransomware attackers rarely get their data back, survey shows (Cybernews)
Elon Musk Plays DOGE Ball—and Hits America's Geek Squad (WIRED)
Under Trump, US Cyberdefense Loses Its Head (WIRED)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

All TWiT.tv Shows (MP3)
Untitled Linux Show 165: The Onion Ring

Aug 18, 2024, 77:50

This week the guys are chatting about Snap improvements, the new Ryzen 9 9000 chips, and Debian 11 hitting LTS. Then they chat about Tails, Proton VPN, and ClamAV 1.4, all for security. Then Ubuntu prepares for 24.10 with some Easter eggs, and HandBrake fixes some irritating problems. For tips we have Cosmic community projects, Reflector for Arch mirrors, wl-clipboard, and a one-liner to apply patches from a URL. You can find the show notes at https://bit.ly/3M836zB and see you next week!

Host: Jonathan Bennett
Co-Hosts: Ken McDonald, Jeff Massie, and Rob Campbell

Want access to the video version and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Day[0] - Zero Days for Day Zero
[bounty] GhostCMS, ClamAV, and the Top Web Hacking Techniques of 2023

Feb 20, 2024, 47:19

In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and PortSwigger publishes their top 10 list of web hacking techniques from 2023. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/243.html

[00:00:00] Introduction
[00:02:15] Ghost CMS Stored XSS Leading to Owner Takeover [CVE-2024-23724]
[00:16:07] ClamAV Not So Calm [CVE-2024-20328]
[00:21:00] Top 10 web hacking techniques of 2023
[00:44:46] Hacking a Smart Home Device
[00:48:15] Cloud cryptography demystified: Amazon Web Services

The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.

We are also available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9

Ask Noah Show
Ask Noah Show 352 - Self Hosting YouTube

Aug 30, 2023, 55:01

-- During The Show --

00:58 Intro
Viral videos
YouTube Profiling
Rich Men North of Richmond - Wikipedia (https://en.wikipedia.org/wiki/Rich_Men_North_of_Richmond)

04:17 Chat Programs, Kid access etc - Semantic Scholar
Beeper
Kids on platforms
Effects of 'screens'
Kids & Technology

12:12 Just thanks - Entransic
Thanks for the show!

12:30 Soldering Iron? - Charlie
Soldering irons peak
Pinecil (https://pine64.com/product/pinecil-smart-mini-portable-soldering-iron/)
Can take a while to get
TS100 and TS101
Runs off 12v
Adjustable temp

16:36 News Wire
Linux Turns 32, Linux 6.5 - OMG Ubuntu (https://www.omgubuntu.co.uk/2023/08/linux-kernel-6-5-features)
Bodhi Linux 9 - Bodhi Linux (https://www.bodhilinux.com/release/7-0-0/)
Mageia 9 - Mageia (https://www.mageia.org/en/9/)
QEMU 8.1 - Phoronix (https://www.phoronix.com/news/QEMU-8.1-Released)
GNU Coreutils 9.4 - Phoronix (https://www.phoronix.com/news/GNU-Coreutils-9.4)
ClamAV 1.2 - ClamAV (https://blog.clamav.net/2023/08/clamav-120-feature-version-and-111-102.html)
Firefox 117 - Mozilla (https://www.mozilla.org/en-US/firefox/117.0/releasenotes/)
Card/IO - Hackaday (https://hackaday.com/2023/08/27/card-io-is-a-credit-card-sized-open-source-ecg-monitor/)
Sipeed - CNX Software (https://www.cnx-software.com/2023/08/28/sipeed-unveils-risc-v-tablet-portable-linux-console-and-cluster/)
Alibaba's AI Offerings - Insider Intelligence (https://www.insiderintelligence.com/content/alibaba-adopts-open-source-model-ai-offerings-intensifying-competition-china)
Stable Chat - InfoQ (https://www.infoq.com/news/2023/08/stable-chat/)
eSentire LLM Gateway - Dark Reading (https://www.darkreading.com/dr-tech/esentire-labs-open-sources-project-to-monitor-llms)
Facebook LLaMA Deceitful - Wired (https://www.wired.com/story/the-myth-of-open-source-ai/)
Enterprise Not Using Commercial LLMs - Inside Big Data (https://insidebigdata.com/2023/08/23/survey-more-than-75-of-enterprises-dont-plan-to-use-commercial-llms-in-production-citing-data-privacy-as-primary-concern/)
Monti Ransomware Group - Bank Info Security (https://www.bankinfosecurity.com/monti-ransomware-deploying-new-linux-encryptor-a-22904)
Linux on Commodore 64 - GitHub (https://github.com/onnokort/semu-c64)

19:17 Caller - Ryan for Georgia
OpenWRT Routers
Adding router to existing network
Routers do more than routing
Double NAT
Switching gateways
Connect both routers to the modem via a switch

33:09 sharper0746
How would you self host a blog?
Hugo (https://gohugo.io/) static site
WikiJS (https://js.wiki/)

35:50 Self Host YouTube
Tube Archivist (https://www.tubearchivist.com/)
Tube Archivist GitHub (https://github.com/tubearchivist/tubearchivist)
Nice WebUI
Google/YouTube is entangled in everything
Google/YouTube is hard to block
YouTube deletes content
More private
No RBAC
Honorable Mentions
Invidious (https://invidious.io/)
Archivy (https://archivy.github.io)
Archive Box (https://archivebox.io/)
Searx (https://searx.github.io/searx/)

-- The Extra Credit Section --
For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard!
This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/352)
Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah)
Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com)

-- Stay In Touch --
Find all the resources for this show on the Ask Noah Dashboard
Ask Noah Dashboard (http://www.asknoahshow.com)
Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show!
Altispeed Technologies (http://www.altispeed.com/)
Contact Noah live [at] asknoahshow.com

-- Twitter --
Noah - Kernellinux (https://twitter.com/kernellinux)
Ask Noah Show (https://twitter.com/asknoahshow)
Altispeed Technologies (https://twitter.com/altispeed)

Ask Noah Show
Ask Noah Show 336

May 10, 2023, 53:58

Passkeys are finally here to replace your passwords! What are your boundaries when choosing to support or to avoid companies? As always, your questions go to the front of the line!

-- During The Show --

01:30 ZFS Questions - DJ
Drive Slot hosting
ZFS.rent
Niche of a niche
Bare Metal
Altispeed

08:20 Note Taking - Erik
Standard Notes
Joplin
Technical debt
Will the team be more effective?
Evaluating/Bolting things on

17:08 NFS Stability - Jacob
SystemD vs AutoFS
Fstab
Tuning NFS
Noah's NFS Arguments
127.0.0.1:/path/to/data /local/mount/point nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0

22:05 AOSP Projects & Tensions - Sunjam
There are 10 parts to every story
Open Source remains unaffected
Pit tour story

27:00 News Wire
Linux 6.4 RC1 lkml (https://lkml.org/lkml/2023/5/7/206)
GCC 12.3 GNU (https://gcc.gnu.org/pipermail/gcc/2023-May/241261.html)
ClamAV 1.1.0 ClamAV (https://blog.clamav.net/2023/05/clamav-110-released.html)
QT Creator 10.0.1 Qt IO (https://www.qt.io/blog/qt-creator-10.0.1-released)
Parrot OS 5.3 Twitter (https://twitter.com/ParrotSec/status/1655603543464726529) Cloud Tencent (https://mirrors.cloud.tencent.com/parrot/iso/current/)
CIQ Mountain DBTA (https://www.dbta.com/Editorial/News-Flashes/CIQ-Mountain-Launch-Enables-Rocky-Linux-Users-to-Securely-Manage-Solutions-Throughout-the-Software-Lifecycle-158535.aspx)
Bazel Docker Plugin Security Week (https://www.securityweek.com/google-releases-open-source-bazel-plugin-for-container-image-security/)
Unlocking Pixels Disabled Fitzsim (https://www.fitzsim.org/blog/?p=545)
Monocle AR Spectrum (https://spectrum.ieee.org/augmented-reality-eyepieces)
DIY-Thermocam V3 EE News Europe (https://www.eenewseurope.com/en/diy-open-source-thermal-camera/)
Focus Ir14 Kfocus (https://kfocus.org/spec/spec-ir14.html)
Tidelift Survey Devops (https://devops.com/survey-most-open-source-software-maintainers-want-to-get-paid/)
Mattermost & AI Open Source For U (https://www.opensourceforu.com/2023/05/mattermost-empowers-open-source-collaboration-using-generative-ai/)
UC Berkeley LLaMA Alternative The Insane App (https://www.theinsaneapp.com/2023/05/open-llama.html)

29:50 Google Passkeys
Part of the FIDO2 WebAuthn Standard
Cryptographic keys
How passkeys work
Google already pushed out passkeys
Passkey works on Linux
Google's implementation doesn't work on Linux
Couldn't get bluetooth working
Doesn't work on Google Workspace
High value target threat modeling
Biometrics are bad
Miserable experience on phones
ARS Technica (https://arstechnica.com/information-technology/2023/05/passwordless-google-accounts-are-easier-and-more-secure-than-passwords-heres-why/)
Google Passkeys (https://g.co/passkeys)
Google.com (myaccount.google.com/signinoptions/passkeys)
www.passkeys.io/
Bonus Content SQRL (https://www.grc.com/sqrl/sqrl.htm)

40:24 Boycotting/Supporting Companies
Mullvad was raided
No data was provided to authorities
Where is the line?
Private VPNs serve a small community
Don't shoot your own foot
Don't you want your VPN to be raided?
Why are you using a VPN?
Mullvad (https://mullvad.net/en/blog/2023/4/20/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised/)

49:26 Nett Warrior System
Next Generation Hub (NGH)
Heavily modified phones
Loaded NSA Android
Android Tactical Tool Kit (ATAK)
The Register (https://www.theregister.com/2023/05/08/us_army_usb/?td=rt-3a)
EFF (https://www.eff.org/deeplinks/2023/05/kids-online-safety-act-still-huge-danger-our-rights-online)

52:40 Announcements
Red Hat Summit - May 22-24
SELF June 9-11
SELF Matrix Space (https://matrix.to/#/#self:linuxdelta.com)
Noah's Booth

-- The Extra Credit Section --
This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/336)

Linux User Space
Episode 3:17: Pass-Ackward

Feb 27, 2023, 83:30

Coming up in this episode
1. Plasma's Kind of Hot Right Now
2. Brush your passwords
3. Browser Watch!
4. A little feedback
5. And a little FOCUS

0:00 Cold Open
1:33 Akademy Awards
3:22 Plasma 5.27
24:33 Your Last Pass... Word
47:05 Browser Watch!
55:36 The Mailbag
1:05:35 Community Focus: Vashinator
1:08:08 App Focus: ClamAV
1:20:24 Next Time: EndlessOS History
1:22:25 Stinger

Watch this episode on YouTube (https://youtu.be/L3haDDxBJU0)

Banter
Akademy videos are online (https://tube.kockatoo.org/c/akademy/videos?s=1). Plasma 5.27 is ❤ (https://kde.org/announcements/plasma/5/5.27.0/). Nick from The Linux Experiment did a video that goes over some highlights (https://youtu.be/onPUaAKoGIM). Jupiter Broadcasting covered it in Linux Action News too (https://linuxactionnews.com/280). The question of why KDE Plasma isn't the main DE for a main distro comes around every once in a while (https://www.reddit.com/r/linux/comments/x8m0bt/comment/injemm2/?utm_source=share&utm_medium=web2x&context=3).

Announcements
Give us a sub on YouTube (https://linuxuserspace.show/youtube) and TILvids (https://tilvids.com/a/linuxuserspace). You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. If you like what we're doing here, make sure to send us a buck over at https://patreon.com/linuxuserspace

Password hygiene is all the rage
LastPass Blog announcement of the security incident (https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/). We talked a lot about password managers in episode 11 (https://www.linuxuserspace.show/311). Mozilla's pitch (https://blog.mozilla.org/en/privacy-security/privacy-security-tips/your-childs-name-makes-a-horrible-password/). Brian Krebs has this to say (https://krebsonsecurity.com/password-dos-and-donts/). You can check your passwords against Have I Been Pwned (https://haveibeenpwned.com/Passwords). If you use Bitwarden/Vaultwarden, you can use the reports (https://bitwarden.com/help/reports/) to check exposed, reused, and weak passwords.

More Announcements
Want to have a topic covered or have some feedback? Send us an email, contact@linuxuserspace.show

Browser Watch
Gnome Web has a new UI (https://thisweek.gnome.org/posts/2023/02/twig-83/#web) for handling permissions. We pitched Gnome Web a couple of episodes ago (https://www.linuxuserspace.show/315). Version 110 of Firefox (https://www.mozilla.org/en-US/firefox/110.0/releasenotes/) got the ability to import bookmarks, passwords and history from Opera, Opera GX, and Vivaldi. Vivaldi makes improvements to their Window Panel (https://vivaldi.com/blog/vivaldi-5-7-on-desktop/). Brave does HTTPS everywhere (https://brave.com/privacy-updates/22-https-by-default/). Microsoft Edge adds Adobe Acrobat (https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-will-switch-to-adobe-acrobats-pdf-rendering-engine/).

Feedback
"ee" "dee", gotcha

YusufOnSecurity.com
107 - Understanding CVSS Scoring System

Feb 18, 2023, 42:19

Thanks for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defenders, from analysts to the C-suite, in plain English.

When a vulnerability is discovered, reported and assigned a score called a CVE, its impacts must be understood beyond the CVE number. A common method information security specialists use for this process is the Common Vulnerability Scoring System (CVSS) (https://www.first.org/cvss/). That is the topic of this week's episode.

In addition, we will recap other trending security news, including:
- Atlassian data leak was caused by an employee's stolen credential
- Cisco issued a fix for ClamAV

- https://sec.cloudapps.cisco.com: ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023
- https://cve.mitre.org: CVE-2023-20032
- https://www.first.org: CVSS Specification Document

Be sure to subscribe if you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com. You will find a list of all previous episodes in there too.

FOCUS ON: Linux
Newsupdate 12/22 – Linux 6.1, ComposeFS, Proxmox 7.3, Forgejo, ClamAV 1.0

Dec 22, 2022, 62:02

Rust fans, take note! In the last news episode of this year we discuss the new Linux kernel version 6.1 and take a look at a new file system, ComposeFS. Proxmox 7.3 and Proxmox Backup Server 2.3 bring a few smaller new features, while Uyuni and openSUSE trim features. There is exciting news from Asahi Linux and Forgejo. Finally, two old acquaintances resurface: ClamAV, for the first time in version 1.0, and SCO with a new old lawsuit against IBM and Red Hat.

Linux 6.1
https://linuxnews.de/2022/12/12/linux-6-1-mit-initialem-rust-code-freigegeben/
https://www.phoronix.com/news/Linux-Splitlock-Hurts-Gaming
https://www.phoronix.com/news/Linux-6.2-Arm-SoC-Updates

Red Hat ComposeFS: https://www.heise.de/news/Und-wieder-mal-ein-neues-Dateisystem-fuer-Linux-Red-Hat-startet-ComposeFS-7361557.html

Uyuni 2022.11
Release Notes: https://www.uyuni-project.org/doc/2022.11/release-notes-uyuni-server.html#_version_2022_11
Bugs
https://lists.opensuse.org/archives/list/announce@lists.uyuni-project.org/thread/ZGMN2RLLLADZKYZI2PCPVQEP2KT3M2VY/
https://lists.opensuse.org/archives/list/announce@lists.uyuni-project.org/thread/C4H5RSOST43NUNXJS37B2I6DST4YBFJB/
https://lists.opensuse.org/archives/list/announce@lists.uyuni-project.org/thread/K5FY2MRWKOBGJUJN776KRXZ6RSYTXARC/
https://lists.opensuse.org/archives/list/announce@lists.uyuni-project.org/thread/5NJO7ZBHWPXQG43GS56W4AMNFSUCZAAN/

Proxmox 7.3
Heise article: https://www.heise.de/news/Linux-fuer-Virtualisierung-und-Container-Proxmox-VE-7-3-mit-neuem-ZFS-dRAID-7356922.html
Release Notes: https://forum.proxmox.com/threads/proxmox-ve-7-3-released.118390/

Proxmox Backup Server 2.3
Proxmox press release: https://www.proxmox.com/de/news/pressemitteilungen/proxmox-backup-server-2-3
Release Notes: https://pbs.proxmox.com/wiki/index.php/Roadmap#Proxmox_Backup_Server_2.3

openSUSE restricts support for old x86_64 CPUs: https://www.golem.de/news/linux-opensuse-setzt-neueres-x86-mikroarchitektur-level-um-2211-170100.html

Asahi Linux M2 GPU update
https://vt.social/@lina/109407736296055313
https://asahilinux.org/2022/11/tales-of-the-m1-gpu/
https://www.golem.de/news/asahi-linux-rust-magie-macht-linux-treiber-fuer-apple-gpu-moeglich-2211-170130.html
https://social.treehouse.systems/@AsahiLinux/109388169079044547

Forgejo
Download page: https://forgejo.org/download/
Source code repositories: https://codeberg.org/forgejo

ClamAV 1.0:
https://www.golem.de/news/malware-clamav-erscheint-nach-20-jahren-in-version-1-0-2211-170135.html
https://linuxnews.de/2022/12/01/anti-virus-clamav-erreicht-nach-20-jahren-v1-0/

SCO vs. IBM may be heading into the next round
https://www.heise.de/news/SCO-v-IBM-Unendlicher-Rechtsstreit-wandert-nach-New-York-7359586.html
https://www.heise.de/ct/artikel/SCO-vs-Linux-Die-unendliche-Geschichte-302076.html

Short news
TUXEDO OS 2 preview: https://linuxnews.de/2022/11/24/tuxedo-os-2-als-vorschau/
Grml 2022.11 released: https://linuxnews.de/2022/12/01/grml-2022-11-ehrt-sven-guckes/
Raspberry Pi Supply Chain Issues Beginning To Ease Up https://www.phoronix.com/news/Raspberry-Pi-Recovering-In-2023

Tool tips
jo: https://github.com/jpmens/jo
k9s: https://k9scli.io/
wl-clipboard: https://github.com/bugaevc/wl-clipboard

Stupid Sexy Privacy
Don't Leave Home Without These 3 Apps On Your Phone

Dec 15, 2022, 16:39

Episode Summary

This week is super simple. There are four programs everyone should have. Three of them you can use on both your laptop and phone, and one is desktop only (ClamAV). So, when you're done listening to today's episode, you're going to want to download and use these.

Pro-Tip: Always activate your VPN if you're out and about. You can't trust every public Wi-Fi spot that's out there. And while many are legit, it's just as easy to activate your VPN before connecting to any of them on your phone.

Resources Mentioned In Today's Show
Signal

Ask Noah Show
Episode 315: Ask Noah Show 315

Dec 7, 2022, 53:52

Do you purchase technology with the expectation that it's consumable or disposable? Noah and Steve talk about considerations to make sure you get the best bang for your buck!

-- During The Show --

01:26 Laptop suggestion? - Bri
Apple is not an option
Struggle to recommend HP
Dell is great! Latitude Line
Noah's Dell Latitude 7330
Buy second hand
Dell Latitude 7490 (https://www.ebay.com/itm/384872907927?epid=10056615806&hash=item599c368497:g:VbgAAOSw0Stic-1w&amdata=enc%3AAQAHAAAA4MQVH%2Bv6uzEFBd6EZb%2B97zb9ecLMT0wwjtblim1kNmuacpeemZqobIMAKqjVSFF7EaaZbt2viDWGqmeCVDmfjc4p6ZnAXB%2FprhAt6IFX3xrSqo1F8uBS3bydbVBefVOXBJ8cg9lMrAmhj2Yw00JAMll8Sa183yMRRSTcFvVoXYScAFVDh7ja5w1b8fpAMr%2F7vu%2BWibTB9ygjKyWmGee7j3NvEAAYb5TLHgbl%2FsTdM%2FVJwc0JcdYfhntlTjy2s6fqFFOawvP%2Ft%2B8g1Ovw8zqIrnxAJPzP3zGEdpxq%2Bf9febzo%7Ctkp%3ABFBMyrXenZ1h#readMoreDesc)
Reach out to System76

07:40 Sip phone recommendation? - Charlie
Fanvil X3U
Yealink maybe better than Grandstream
UniFi Switches
TP Link Switches

12:20 Network Jitters? - Andy
What are jitters
Smoke Ping
LibreNMS

15:30 Note Taking App? - Kevin
Standard Notes
Open Source in a slimy way
HedgeDoc

17:30 News Wire
Coreboot Joins OSFF Phoronix (https://www.phoronix.com/news/Coreboot-Open-Source-Firmware)
Linux Foundation Partnership HPC Wire (https://www.hpcwire.com/off-the-wire/linux-foundation-announces-partnership-with-rancher-government-solutions/)
openSUSE and Older 64 Bit Processors Open Suse (https://news.opensuse.org/2022/11/28/tw-to-roll-out-mitigation-plan-advance-microarchitecture/)
Orange Pi's Arch Future Its Foss (https://news.itsfoss.com/orange-pi-os-arch/)
Wine 7.22 Gaming On Linux (https://www.gamingonlinux.com/2022/11/wine-722-out-now-with-more-32bit-on-64bit-work/)
Stratis 3.4 Phoronix (https://www.phoronix.com/news/Stratis-3.4-Released)
LibreOffice 7.4.3 9 to 5 Linux (https://9to5linux.com/libreoffice-7-4-3-open-source-office-suite-released-with-100-bug-fixes-download-now)
QT Creator 9 9 to 5 Linux (https://9to5linux.com/qt-creator-9-released-with-experimental-squish-support-c-and-qml-improvements)
Proton 7.0-5 Neo Win (https://www.neowin.net/news/valves-proton-70-5-release-brings-support-for-14-more-games-to-linux-and-steamos/)
Alpine 3.17 Alpine Linux (https://alpinelinux.org/posts/Alpine-3.17.0-released.html)
Tails 5.7 9 to 5 Linux (https://9to5linux.com/debian-based-tails-5-7-anonymous-os-adds-new-metadata-cleaner-tool-latest-tor-updates)
ClamAV 1.0 LTS ClamAV (https://blog.clamav.net/2022/11/clamav-100-lts-released.html)
KataOS Available Open Source For U (https://www.opensourceforu.com/2022/11/secure-ml-operating-system-kataos-is-now-open-source/)
Stable Diffusion 2.0 Open Source For U (https://www.opensourceforu.com/2022/11/stable-diffusion-2-0-is-now-available-as-open-source-software/)

19:00 Moorebot
Moorebot (https://www.moorebot.com/pages/moorebot-scout)
FHD camera with night vision
4WD Mecanum Omni-directional wheels
WiFi-enabled IoT mode, connected worldwide, encrypted data with high security
Voice control with Alexa and Google
Video streaming to Alexa or Google screen devices
Scratch programming
UART Port

23:55 Cooler Master orb-x (Workstation Pod)
Cooler Master Orb-x (https://arstechnica.com/gadgets/2022/12/pc-workstation-crams-monitors-chair-speakers-into-one-ostentatious-orb/)

28:00 Speed Testing
Open Speed Test (https://openspeedtest.com/)
Self Hostable
Iperf (https://iperf.fr/)

30:50 Eufy (Owned by Anker)
Cloud Authentication
Promised everything is local - it's not
Push notification and stills are cloud based
Images stored on open AWS bucket

35:05 Sustainable Technology
Router Incident
Sophos was repairable
Sophos is just x86 computer
Minetest
Open Source
Just works
Better than Minecraft
Cross platform
Sustainable vs Power Consumption
Challenge Coin Stories
Email in with how you used Linux to serve someone

-- The Extra Credit Section --
This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/315)

Linux Action News
Linux Action News 269

Linux Action News

Play Episode Listen Later Dec 1, 2022 17:29


Old school Ubuntu has a new cool, Google calls out Google, and some IoT news you can use.

Ask Noah Show
Episode 314: Ask Noah Show 314

Ask Noah Show

Play Episode Listen Later Nov 30, 2022 55:39


This is the second week of our storage round table. Join the crew as they talk storage, configuration, and considerations. If you missed part one, make sure to check out https://podcast.asknoahshow.com/313. -- During The Show -- 01:41 Steve's Script Problem Thank You Thank You for all the feedback! Bash and set +x/-x 04:28 Altispeed Runbooks - Kevin ITIL Definition (https://www.techtarget.com/searchnetworking/definition/run-book) Read the Docs Runbooks (https://runbook.readthedocs.io/en/stable/) Started with non technical things It's a manual process Altispeed's GitLab (https://gitlab.com/altispeed) 07:48 What To Do With Repurposed Hardware? - Emmanuel Old hardware is not power efficient Point of Presence Server Backup Server Lab Gopher (https://labgopher.com/) 11:50 Should I Reuse Old HDDs? - Ebal Use Mirrored Zvols Back Up 14:11 Measuring Internet Speed - Keith Don't use speedtest.net Speed of Me (https://speedof.me/) Test My Net (https://testmy.net/) 17:15 ZFS Drive Health - Sleuth ZFS can be setup to alert L2arc failure is not a huge problem ZIL should not get big 21:40 News Wire Coreboot Joins OSFF Phoronix (https://www.phoronix.com/news/Coreboot-Open-Source-Firmware) Linux Foundation Partnership HPC Wire (https://www.hpcwire.com/off-the-wire/linux-foundation-announces-partnership-with-rancher-government-solutions/) openSUSE and Older 64 Bit Processors Open Suse (https://news.opensuse.org/2022/11/28/tw-to-roll-out-mitigation-plan-advance-microarchitecture/) Orange Pi's Arch Future Its Foss (https://news.itsfoss.com/orange-pi-os-arch/) Wine 7.22 Gaming On Linux (https://www.gamingonlinux.com/2022/11/wine-722-out-now-with-more-32bit-on-64bit-work/) Stratis 3.4 Phoronix (https://www.phoronix.com/news/Stratis-3.4-Released) LibreOffice 7.4.3 9 to 5 Linux (https://9to5linux.com/libreoffice-7-4-3-open-source-office-suite-released-with-100-bug-fixes-download-now) QT Creator 9 9 to 5 Linux 
(https://9to5linux.com/qt-creator-9-released-with-experimental-squish-support-c-and-qml-improvements) Proton 7.0-5 Neo Win (https://www.neowin.net/news/valves-proton-70-5-release-brings-support-for-14-more-games-to-linux-and-steamos/) Alpine 3.17 Alpine Linux (https://alpinelinux.org/posts/Alpine-3.17.0-released.html) Tails 5.7 9 to 5 Linux (https://9to5linux.com/debian-based-tails-5-7-anonymous-os-adds-new-metadata-cleaner-tool-latest-tor-updates) ClamAV 1.0 LTS ClamAV (https://blog.clamav.net/2022/11/clamav-100-lts-released.html) KataOS Available Open Source For U (https://www.opensourceforu.com/2022/11/secure-ml-operating-system-kataos-is-now-open-source/) Stable Diffusion 2.0 Open Source For U (https://www.opensourceforu.com/2022/11/stable-diffusion-2-0-is-now-available-as-open-source-software/) 23:02 Storage Round Table Part 2 Round Table Guests Kenny from Altispeed Peter from Altispeed Steve Ovens from Red Hat & ANS Patrick from Springs Church Cohesity failure 45 Drives Less Money Better Support ZFS 45 Drives Scripts (https://github.com/45Drives/scripts) 45 Drives Cockpit Modules (https://github.com/45Drives?q=cockpit&type=all&language=&sort=) Setup Raid Z Configuration for your use case How important is your data L2arc & ZIL JBOD and Mac Setting up accounts/access control Have a data pipeline Samba, NFS, SystemD Connecting servers Encryption Competing with Cloud Transfer Speed Spider Oak (https://spideroak.com/) GPG Encrypt Locally Don't use software RAID Use a kernel with ZFS baked in -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! 
This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/314) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

Linux User Space
Episode 3:08: Scaling the Alpine

Linux User Space

Play Episode Listen Later Oct 10, 2022 75:06


Coming up in this episode 1. We're diskless 2. We take a LEAF out of the history book 3. We climb the Alpine mountain 4. Pick a very small editor 5. And we don our hoodies Youtube Link (https://www.youtube.com/watch?v=2W4NiS70bDU) Support us on Patreon! (https://www.patreon.com/linuxuserspace) 0:00 Cold Open 1:30 No Disks for You! 10:35 1997, LRP 11:43 2000, No More Money 13:09 2001, LRP Struggles 13:59 2003, LRP Put to Rest + LEAF and GNAP 14:58 2004, GNAP v0.5 15:04 2005, A Linux Powered Integrated Network Engine 16:18 2006, Alpine 1.4 | 2007, Alpine 1.5 and 1.6 16:37 2008, Alpine 2.0 Added Busybox 16:54 2009, Alpine 1.8 and 1.9 17:13 2010, Alpine 1.10 and 2.0 18:05 2011, Alpine 2.2 and 2.3 18:28 2012, Alpine 2.4 and 2.5 18:51 2013, Alpine and the Container Renaissance 20:11 2014, Alpine 3.0 and musl libc 20:43 2015, Alpine 3.2, 3.3 and Some Restructuring 21:19 2016, Alpine 3.4, 3.5 and OpenSSL 21:55 2017, Alpine 3.6, 3.7 and PostmarketOS 22:39 2018, Alpine 3.8 and Raspberry Pi 3 Support 23:01 2019, Alpine 3.9, 3.10 and 3.11 24:08 2020, Alpine 3.12 and the Last LEAF 24:28 2021, Alpine 3.13, 3.14 and 3.15 25:10 2022, Alpine 3.16 and the End of the History 26:45 What is Alpine, Really? 41:34 Our Thoughts on Alpine 1:04:07 Next Time! More Text Ed and a New Distro 1:13:58 Stinger Banter Disks! They're dead, Jim. Dan's 3TB Seagate - not noted for reliability but was reliable. Leo's 240GB Adata SU630 Announcements Give us a sub on YouTube (https://linuxuserspace.show/youtube) You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. If you like what we're doing here, make sure to send us a buck over at https://patreon.com/linuxuserspace Alpine Linux the History Back in 1997, Dave Cineage created the Linux Router Project, or LRP. 
(https://web.archive.org/web/19981212030604/http://www.linuxrouter.org/) The Linux Embedded Appliance Framework, or LEAF project was started (https://web.archive.org/web/20010702160257/http://sourceforge.net/news/?group_id=13751) Oxygen (https://web.archive.org/web/20010702153509/http://sourceforge.net/forum/forum.php?forum_id=47922) EigerStein (https://web.archive.org/web/20011101024349/http://leaf.sourceforge.net:80/content.php?menu=9&page_id=2) The Linux Router Project was done (https://web.archive.org/web/20060421174527/http://www.linuxrouter.org/) The LEAF project was still there (https://lwn.net/Articles/37894/) August of 2005, Natanael Copa, while working (https://www.youtube.com/watch?v=W5n_5Idlxvo) for a non-profit company on VPNs and firewalls, announced (https://web.archive.org/web/20110615024325/http://osdir.com/ml/linux.leaf.devel/2005-08/msg00039.html) a new distribution on the linux.leaf.devel mailing list. Alpine originally stood for (https://web.archive.org/web/20100508011627/http://www.alpinelinux.org/wiki/About) A Linux Powered Integrated Network Engine. The earlier versions are a little cloudy, but we see (https://web.archive.org/web/20081013232448/http://wiki.alpinelinux.org/w/index.php?title=Main_Page) Alpine 1.4 being developed in 2006, 1.5 in 2007, Alpine 1.6 released on April 30th of 2007 and the switch to development of 1.7 in the days after. Alpine 2.0, the then development branch, first commit "added busybox" (https://gitlab.alpinelinux.org/alpine/aports/-/commit/645531103b2ee8ef54d53a58eca3b52f7d3fb9ac) Alpine 1.9 (https://web.archive.org/web/20091103100326/http://wiki.alpinelinux.org/w/index.php?title=Release_Notes_for_Alpine_1.9.0) - OpenRC shipped and able to install on hard disks. 
A new website is launched (https://web.archive.org/web/20101212021228/http://alpinelinux.org/wiki/Main_Page) Alpine Linux 2.0 is released (https://web.archive.org/web/20100821094210/http://www.alpinelinux.org/wiki/Release_Notes_for_Alpine_2.0.0) The team announced the Alpine Linux Forum. (https://web.archive.org/web/20160531153546/http://www.alpinelinux.org:80/posts/Alpine-Linux-forums.html) Alpine 3.0 is released, and uClibc is dropped (https://alpinelinux.org/posts/Alpine-3.0.0-released.html) in favor of musl libc. Alpine 3.2 is released (https://alpinelinux.org/posts/Alpine-3.2.0-released.html) and included the MATE desktop. Alpine 3.3 is released (https://alpinelinux.org/posts/Alpine-3.3.0-released.html) with big renames of the editions that already existed. Alpine 3.4 is released (https://alpinelinux.org/posts/Alpine-3.4.0-released.html) with support for running within VM's, better DNS support and running on the Linux Kernel's Long Term Support release 4.4. Alpine 3.5 is released (https://alpinelinux.org/posts/Alpine-3.5.0-released.html) and this marks the first version to drop OpenSSL for LibreSSL. Alpine 3.6 is released (https://alpinelinux.org/posts/Alpine-3.6.0-released.html) with support for 64-bit PowerPC and IBM z Systems. Alpine 3.7 is released (https://alpinelinux.org/posts/Alpine-3.7.0-released.html) and now supports EFI and GRUB. Alpine 3.8 is released (https://alpinelinux.org/posts/Alpine-3.8.0-released.html) a bit behind schedule and marks the only release of the year. Alpine 3.9 is released (https://alpinelinux.org/posts/Alpine-3.9.0-released.html) improved GRUB support, initial support for the newish ARMv7 and the switch back to OpenSSL. Alpine 3.10 is released (https://alpinelinux.org/posts/Alpine-3.10.0-released.html) with lightdm for login and display management, which shows a renewed interest in running Alpine on the desktop. 
Alpine 3.11 is released (https://alpinelinux.org/posts/Alpine-3.11.0-released.html) with Raspberry Pi 4 support, initial Gnome and KDE Plasma support and the addition of Vulkan, DXVK and the Rust programming language. Alpine 3.12 is released (https://alpinelinux.org/posts/Alpine-3.12.0-released.html) with support for the D programming language. Alpine and others just do it better, so LEAF sees (https://en.wikipedia.org/wiki/LEAF_Project) its last stable release at 7.0.1 Alpine 3.13 is released (https://alpinelinux.org/posts/Alpine-3.13.0-released.html) and comes with official cloud images for services like AWS, cloud-init and better wifi support on the software side. Alpine 3.14 is released (https://alpinelinux.org/posts/Alpine-3.14.0-released.html) with fail2ban taking a back seat to sshguard because it... failed... to ban... and ClamAV is now community supported. Alpine 3.15 is released (https://alpinelinux.org/posts/Alpine-3.15.0-released.html) with kernel module compression using gzip, Gnome 41 and Plasma 5.23 land, and disk encryption is now supported right in the installer. Alpine 3.16 is released (https://alpinelinux.org/posts/Alpine-3.16.0-released.html) as the last release of this history with better NVMe support, adding SSH keys at boot, a new admin user creation process and a new setup-desktop script for desktop environment installation. More Announcements Want to have a topic covered or have some feedback? - send us an email, contact@linuxuserspace.show Alpine Linux Links Alpine Linux Web Page (https://www.alpinelinux.org) Alpine Wiki (https://wiki.alpinelinux.org/) Alpine user handbook (https://docs.alpinelinux.org/) Alpine Linux on Twitter (https://twitter.com/alpinelinux) Alpine Downloads (https://www.alpinelinux.org/downloads/) Alpine Linux Wikipedia page (https://en.wikipedia.org/wiki/Alpine_Linux) Housekeeping Catch these and other great topics as they unfold on our Subreddit or our News channel on Discord. 
* Linux User Space subreddit (https://linuxuserspace.show/reddit) * Linux User Space Discord Server (https://linuxuserspace.show/discord) * Linux User Space Telegram (https://linuxuserspace.show/telegram) * Linux User Space Matrix (https://linuxuserspace.show/matrix) * Linux User Space Twitch (https://linuxuserspace.show/twitch) * Linux User Space Mastodon (https://linuxuserspace.show/mastodon) * Linux User Space Twitter (https://linuxuserspace.show/twitter) Next Time We will discuss GNU Nano (https://nano-editor.org) and the history. We also hope to have a couple of topics and some feedback. Come back in two weeks for more Linux User Space Stay tuned and interact with us on Twitter, Mastodon, Telegram, Matrix, Discord whatever. Give us your suggestions on our subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. All the links in the show notes and on linuxuserspace.show. We would like to acknowledge our top patrons. Thank you for your support! Producer Bruno John Dave Co-Producer Johnny Sravan Tim Contributor Advait CubicleNate Eduardo S. Jill and Steve LiNuXsys666 Nicholas Paul sleepyeyesvince

Ubuntu Security Podcast
Episode 160

Ubuntu Security Podcast

Play Episode Listen Later May 20, 2022 13:47


Ubuntu gets pwned again at Pwn2Own Vancouver 2022, plus we look at security updates for the Linux kernel, RSyslog, ClamAV, Apport and more.

Linux User Space
Episode 2:16: Linux <friendly> Space

Linux User Space

Play Episode Listen Later Jan 31, 2022 92:22


Timestamps 0:00 Cold Open 1:39 Dan's Social Soapbox 11:17 A Little More on NixOS 23:14 Nate on Audacity 25:02 Viruses, Trojans and Malware, Oh my! 42:22 Peering Through the Steam 55:45 Leo's Crazy About Chromium 1:09:28 Housekeeping 1:15:23 App Focus: Apostrophe 1:27:32 Next Time: MX Linux 1:30:55 Stinger Coming up in this episode 1. Dan hops up on the Soapbox. 2. We expand on nothing. 3. Is Linux vulnerable? 4. We peer through the Steam. 5. Microsoft is buying a snow storm. 7. Leo is crazy about Chromium? 8. Our plug pries with a crowbar. 9. We mind our p's and q's. Banter - Dan's Social Soapbox Recent Linux After Dark episode (https://linuxafterdark.net/linux-after-dark-episode-09/) Danielle Fore's tweet (https://twitter.com/DaniElainaFore/status/1481701441337102336?s=20) that inspired my soapbox moment. Our episode last season on toxicity (https://www.linuxuserspace.show/04) And a follow-up where we interviewed Stuart Langridge (https://www.linuxuserspace.show/06) Just be excellent to one another! NixOS feedback Reddit thread (https://www.reddit.com/r/NixOS/comments/s7hgio/nixos_history_and_our_experience_nix_null_nada/) that contains a great follow-up from Jon Ringer the release manager. Unfortunately it was after we recorded this episode. DO READ. Nix in a professional setting (https://medium.com/att-israel/how-nix-shell-saved-our-teams-sanity-a22fe6668d0e) More about Nix in a professional setting (https://twitter.com/mitchellh/status/1346136404682625024?t=pfPrCy4QZlrpo3f4vgG03g&s=19) Using Nix as a professional by Marty Henderson (https://nalth.is/using-nix-as-a-professional/) NixOS commercial support services (https://nixos.org/community/commercial-support.html) This article came out after our show (https://blog.wesleyac.com/posts/the-curse-of-nixos) Built With Nix (https://builtwithnix.org/) Flakes! 
(https://www.tweag.io/blog/2020-05-25-flakes/) Roadmap and release cycle (https://discourse.nixos.org/t/nix-release-schedule-and-roadmap/14204/16) request for comment (RFC) (https://github.com/NixOS/rfcsDa) Linux is VULNERABLE!!11!1ONE1! Crowdstrike (https://www.crowdstrike.com/blog/linux-targeted-malware-increased-by-35-percent-in-2021/) Intezer, last year, reported (https://www.intezer.com/blog/cloud-security/2020-set-record-for-new-linux-malware-families/) ClamAV is the answer? (https://www.clamav.net/) It is really geared more toward mail gateways as is Amavis (https://www.ijs.si/software/amavisd/) Microsoft Defender? (https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-worldwide) That isn't really ready for the desktop yet. Possibly Sophos (https://www.sophos.com/en-us/support/documentation/sophos-anti-virus-for-linux) Norton 360 can mine (https://www.pcgamer.com/you-can-now-mine-cryptocurrency-with-your-antivirus-software-wait-what/) NortonLifeLock group acquired Avira Antivirus (https://techcrunch.com/2020/12/07/nortonlifelock-acquires-avira-in-360m-all-cash-deal-8-months-after-avira-was-acquired-for-180m/) Avira (https://www.avira.com/en/blog/avira-unveils-extended-features-with-avira-crypto-game-booster-and-breach-monitor) Steamdeck making huge progress ahead of general release Battleye Anti-Cheat support was rolled out (https://store.steampowered.com/news/group/4145017/view/3104663180636096966) Easy Anti-Cheat is supported (https://store.steampowered.com/news/group/4145017/view/3137321254689909033) If you reserved a spot, watch your email! 
(https://www.gamingonlinux.com/2022/01/steam-deck-launches-february-25/) cloud saves in Steam will sync between PC and Steam Deck (https://steamcommunity.com/groups/steamworks/announcements/detail/3142949576401813670) Microsoft acquires Blizzard Microsoft acquires Blizzard (https://news.microsoft.com/2022/01/18/microsoft-to-acquire-activision-blizzard-to-bring-the-joy-and-community-of-gaming-to-everyone-across-every-device/) Forza 4 (https://www.protondb.com/app/1293830) Forza 5 (https://www.protondb.com/app/1551360) Scrolling in Chromium THE won't fix Bug (https://bugs.chromium.org/p/chromium/issues/detail?id=521211) Housekeeping Crowbar Kernel Panic (https://crowbarkernelpanic.fireside.fm) Linux User Space subreddit (https://reddit.com/r/LinuxUserSpace/) Email us - contact@linuxuserspace.show Linux User Space Discord Server (https://linuxuserspace.show/discord) Our Matrix room (https://linuxuserspace.show/matrix) Support us at Patreon (https://patreon.com/linuxuserspace) Join us on Telegram (https://linuxuserspace.show/telegram) Follow us on Twitter (https://twitter.com/LinuxUserSpace) Watch us on YouTube (https://linuxuserspace.show/youtube) Check out our website (https://linuxuserspace.show) App Focus Apostrophe Apostrophe (https://apps.gnome.org/app/org.gnome.gitlab.somas.Apostrophe/) Next Time We wrap up our thoughts on NixOS MX Linux (https://mxlinux.org) Join us in two weeks when we return to the Linux User Space Stay tuned on Twitter, Telegram, Matrix, Discord whatever. Give us your suggestions on our new subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. We would like to acknowledge our top patrons. Thank you for your support! Contributor Nicholas CubicleNate LiNuXsys666 Jill and Steve WalrusZ sleepyeyesvince Paul Curtis Matt W. Co-Producer Donnie Johnny Producer Bruno John Josh

Linux User Space
Episode 2:02: No FTP for you!

Linux User Space

Play Episode Listen Later Jul 19, 2021 80:17


Coming up in this episode 1. We interrupt you for a public service 2. Mozilla Watch 3. The Tenacity of Audacity 4. We make waves with our app Preshow Traefik (https://traefik.io/) Ubuntu 20.10 PSA Ubuntu (and flavors) 20.10 is EOL July 22nd 2021 (https://lists.ubuntu.com/archives/ubuntu-announce/2021-June/000269.html) Update ASAP to 21.04 Mozilla Watch Firefox 90 released (https://9to5linux.com/mozilla-firefox-90-is-now-available-for-download-removes-built-in-ftp-support) DNS over HTTPS Now the Default in Canada (https://blog.mozilla.org/en/mozilla/news/firefox-by-default-dns-over-https-rollout-in-canada/) The TRR Program (https://blog.mozilla.org/netpolicy/2019/12/09/trusted-recursive-resolvers-protecting-your-privacy-with-policy-technology/) Audacity Policy clarification (https://github.com/audacity/audacity/discussions/1225) Debian Bug (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990737) Twitter thread from Hubert Figuière addressing spyware concerns (https://twitter.com/hfiguiere/status/1412450364444622854?s=19) Maintainer of Tenacity fork steps down (https://github.com/tenacityteam/tenacity/issues/99) arsTechnica article (https://arstechnica.com/gadgets/2021/07/no-open-source-audacity-audio-editor-is-not-spyware/) Audacity Available as AppImage as of 3.0.3 RC1 (https://github.com/audacity/audacity/releases) Feedback - Security diff (https://www.lifewire.com/compare-two-text-files-linux-3861434) Microsoft Defender for Linux (https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-worldwide) Sophos for Linux (https://www.sophos.com/en-us/support/documentation/sophos-anti-virus-for-linux.aspx) clamAV (https://www.clamav.net/) Housekeeping Email us (mailto:contact@linuxuserspace.show) Open Source Voices (https://www.opensourcevoices.org) Discord Server (https://discord.gg/qXKxHcV) Matrix Room (https://matrix.to/#/#linuxuserspace:matrix.org?via=matrix.org) Support us at Patreon 
(https://patreon.com/linuxuserspace) Join us on Telegram (https://linuxuserspace.show/telegram) Follow us on Twitter (https://twitter.com/LinuxUserSpace) Check out Linux User Space (https://linuxuserspace.show) on the web App Focus Gnome Sound Recorder, kwave This episode's apps: * Gnome Sound Recorder (https://wiki.gnome.org/Design/Apps/SoundRecorder) * kwave (https://apps.kde.org/kwave/) Next Time We discuss topics and Feedback that impact your User Space Our distro is KaOS (https://kaosx.us/) Join us in two weeks when we return to the Linux User Space Stay tuned on Twitter, Telegram, Matrix, Discord whatever. Join the conversation. Talk to us, and give us more ideas for what'll go in Season 2. We would like to acknowledge our top patrons. Thank you for your support! Contributor Nicholas Co-Producer Donnie Producer Bruno John

LINUX Unplugged
402: Our Worst Idea Yet

LINUX Unplugged

Play Episode Listen Later Apr 21, 2021 70:01


You should never host your own email, so we’ve gone and done just that. What we learned trying to build an email server in 2021. Plus our take on Ubuntu 21.04, become a master of your schedule with our pick, and a Garage Sale update.

Tomの入門サイバーセキュリティ!
#29 Information Security News for April 8

Tomの入門サイバーセキュリティ!

Play Episode Listen Later Apr 8, 2021 29:59


Information Security News for April 8, #29. 1. Multiple serious vulnerabilities in "Aruba Instant" 2. Security update for "ClamAV" - fixes four vulnerabilities 3. Phone number misprinted on a facility reservation application form, discovered through a misdirected fax - Nagoya City 4. Group employees' ID management server hit by ransomware - Kyoei Steel 5. Vulnerability in the industrial control system supervisory control software "ScadaBR" 6. Phishing attack targeting "Hokusen Card" users. Chat / Introduction: 2019-2020 Industrial Control System Security Assessment Report, status of countermeasures at each organization (2): network countermeasures and monitoring; cases were found of organizations that permit remote connections from outside having insufficient security countermeasures. #cybersecurity #informationsecurity

Craig Peterson's Tech Talk
Tech Talk with Craig Peterson Podcast: SolarWinds Hack, Nation-State Ransomware, Fire-Eye RedTeam Tools and More

Craig Peterson's Tech Talk

Play Episode Listen Later Dec 19, 2020 80:14


Welcome! This week I am spending a bit of time discussing the huge hack on SolarWinds Orion software and why we will be feeling the repercussions for years -- and yes, it could have been prevented. Then we will talk a little bit more about election fallout and how this hack might have something to do with it. Then the Fire-Eye hack, and new and improved (well -- another variation) ransomware, and more, so be sure to listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: Gaming Over the Holidays? 7 Important Security Tips Looking at Using a Contact-Tracing App? Contact-Tracing Apps Still Expose Users to Security, Privacy Issues Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data Knowing What the Enemy Knows Is Key to Proper Defense Major Cybersecurity Vendor FireEye Breach -- Fallout Yet to Be Felt New AdWare Silently Modifies Search Results Ransomware gangs are getting faster at encrypting networks. That will make it harder to stop --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] In case you didn't hear, we have had a massive hack. We're going to be talking about that and what it means to you, what it means to the federal government, what it means to organizations that are using SolarWinds. Oh my. Hi everybody, Craig Peterson here. I had a great discussion this week with Mr. Matt Gagnon Wednesday morning, as we usually do, and we're going to continue that now. Let's get into it in a little bit more depth. You probably heard me pounding on that table, and it was just unbelievable, because the bottom line here is these particular hacks were effective because these supposedly "professional security people" did not follow the basics. They didn't have the software configured according to the software manufacturer's specifications. So number one, read the directions. 
Number two, they didn't use the most basic of security controls that are out there. You've got to watch these domains, capabilities, practices, processes. That's what we are always talking about in the cybersecurity business. They were not monitoring outbound connections. They didn't stop the call-home stuff. What I keep telling you guys, the easiest way to stop the spread of some of this nasty software is to use Cisco Umbrella. It's just that simple. Cisco Umbrella for just regular people is free. How could you get better than that? When you get into the business level, which you cannot buy on their website (you can buy some very good stuff from the Umbrella website, from Cisco), then you get a lot more features and fine-tuning and granularity and stuff. If they had just been using Cisco Umbrella, that probably would have stopped the call home. That's what it does. Okay. These are professional organizations that got hit here. Professional organizations. We do not allow willy-nilly outbound connections. Some of these pieces of software pretend that they are a web browser and they just want to go to this website. If you're allowing your employees on your network to go willy-nilly wherever they want online, you've got some problems. If you're just filtering for, for instance, "Oh, I'm not going to let them go to porn sites or something, violence sites, or Netflix to watch TV and movies all day long instead of working," that's not good enough. That might help to keep them paying attention a little bit more to their work. I've found, frankly, much of the time they spend trying to figure out how to get around those filters. We catch people doing that all of the time. You have to talk to them and explain why the most dangerous parts of the internet, from a security standpoint, are the parts of the internet where you are going to have some of that nasty content that they might be looking for. Once they understand that, usually they wake up and smarten up, et cetera, et cetera. 
But if that's all you're filtering for, how are you going to know that there is a piece of Chinese back door software on your network that's trying to get out? How are you going to know that there's a Russian back door trying to get out? Or there is a hacker in your network who is exfiltrating all of your data, and then they're going to hold your data, not quite hostage the way it used to be, but they're going to extort you and say, hey, if you don't pay up, we're going to release all of this intellectual property to the internet. The right way to do it is you only allow outbound connections to places they have to go for work. We have a company, our client, just as an example, who is in the Department of Defense space. They are a subcontractor and they deal with parts for airplane engines, certain parts. As such, they have all kinds of federal regulations, and those regulations mean that they can't have data that gets stolen, that gets exfiltrated, right? That's the whole idea. They're supposed to be secure. So what do we do in a case like that? The people that work there can only get to websites that are approved: the websites of their suppliers, the websites of their clients, and that is all. They cannot go anywhere else. Why? Because part of the problem here is what just happened this week. What happened this week with this massive order? This has only happened five times before in all of history. We'll talk about that, as well. What is this order? What happened is they tried to go out to some other websites. Let's say they got infected, and their computer had some nasty-ware on there that was trying to call home. Just do its ET thing, call home. It tries to get out of the network using what looks to be an innocent little web connection. It gets there normally. But if we block everything except the website that they absolutely have to go to, that software is not gonna be able to get out of their network, is it? This is not rocket science. 
Yet we've got 18,000 organizations that look like they got hit in this massive cyber attack. Massive. There's a company out there called SolarWinds. Now, SolarWinds we have used in the past. We stopped using them because of some of their practices. We just couldn't, in good conscience, use them, knowing what they were doing and how they were doing it. But SolarWinds has this network management software. They have sold it to government agencies, massive companies; 499 of the Fortune 500 companies use SolarWinds. They have this network management product called Orion. Apparently they, like any other good little software vendor, provided updates. The updates between March and June 2020 apparently had a little extra payload. Now, the way these actors, the bad guys, got this payload into SolarWinds software really shows that it was a nation-state. Now of course the media is out there saying Russia, which is what they usually do. You'd think it was probably more likely to be China. But you know what, we'll probably never know, because these people were very sophisticated. They basically reverse-engineered a one-way hash function called SHA-1, which you should not be using anymore. It was thought to be relatively safe. They combined that with another vulnerability in a web server and in some software that supports the web server and is supported by the web server, and bam, they're in. SolarWinds sent out updates to their clients. Those updates went to government agencies, all but one Fortune 500 company, and over 22,000 managed services providers. Now, we're going to talk about MSPs some more, and we've talked about them in the past. This is a big deal. Most businesses don't do the information technology function themselves. They might have somebody that's in charge of it, but that person is the person who goes out and tries to find somebody to take care of the systems or do an audit or whatever it might be that they're trying to do. 
That makes sense, I think. So that's what they're trying to do. But do they really know what they should do? What they shouldn't do? What should be done? What shouldn't be done? That's a subject that we'll take up a little bit later. This compromised software was distributed as a software update to SolarWinds customers by SolarWinds. It turned out that their software had this payload in it that now allowed an as yet unknown bad guy to get into the networks. Now there's a statement that was filed with the Securities and Exchange Commission, I'm looking at it right now, by SolarWinds Corporation, talking about the Orion products. They say that SolarWinds believes that the Orion products downloaded, implemented, or updated during the relevant period, starting in March this year, contained the vulnerability. Orion products downloaded or implemented before the relevant period and not updated did not contain the vulnerability. It goes on and on. It says SolarWinds values the privacy and security of its over 300,000 customers. I can't believe that this would happen. So not only was SolarWinds caught up in this, but so were many of their customers, and you will find it interesting to know who some of their customers are, because they have also been in the news lately for different reasons. This is just fascinating. The biggest hack in recent history, and one that's going to have consequences for years, literally years. Make sure you visit me online. Craig peterson.com. We've established that there was a hack. We've established that the media thinks Russia did it and so do many security consultants. We're not absolutely sure. We probably never will be. What is this hack doing? How is SolarWinds tied into Dominion? This hack has been absolutely scary as heck. One of the congressmen who got a briefing on Tuesday about what had been going on called this absolutely terrifying. 
Now that is a terrifying statement to make, and the accusations are that Russian government hackers are responsible for this. Now we've seen since March this software by SolarWinds called Orion, which was in place in 18,000 organizations, was compromised. Once it was in the network, it gave bad guys access to that network. Coming out this week on Thursday, we found that the feds have, in fact, said that yes, we were affected by this. Now, affected, what does that mean? Ultimately, the pros and cons to this. The list of affected US government agencies and entities includes the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the US Postal Service, and the National Institutes of Health. Isn't that amazing? Actually, it is Institutes, right? This is a long list of suspected Russian hacks into the US as well as many of our allies and other nations out there. This is very scary to hear, because Russia has been using hackers, they have been using bots, and they have had other means to try and influence elections in the United States and elsewhere. Before this latest election, we had the Democrats saying the election that elected President Trump was influenced, was hacked, by the Russians. And of course, as you know, after investigations for four years, they never really found that Trump was colluding with Russia. I think the focus was absolutely wrong in those investigations. It should have been on what happened with our elections. How safe is our election software? How about the hardware? How about the mechanisms that are in place? The federal government does have guidelines for this election vote tabulating software and hardware. They have error rates that are allowed, just like they have so many mouse parts that can be in peanut butter. They have error rates that are far lower than are being reported right now. Oh, thousands of times more ballots were rejected than were allowed by law. But nothing is happening.
Nothing happened. They investigated one person, one man, basically President Trump. A number of other people were caught up in this investigation as they laid traps for people. We did not do a major investigation into these systems. To me, that is absolutely inexcusable. Now we're seeing some other evidence that is something that I think we should be paying some attention to, and that ties right into this hack of SolarWinds. As I mentioned, all but one of the Fortune 500 companies use their software. 18,000 different organizations installed the version of SolarWinds Orion products that were in fact known to not just be vulnerable, but have built into them hacking tools, which is just astounding to me. Are we going to look into this now? Because looking right on, this is from TheGatewayPundit.com. They went to Dominion Voting Software. You can go to the homepage. They probably removed it by now, but it was there when I had a quick look on their website. This Emergency Directive 21-01, very rare, has only been issued five times in the last five years, and it is saying remove all of this. Yet Dominion Voting is apparently a customer of SolarWinds, and Dominion Voting brags about how they use SolarWinds. That is scary, very scary to me. Let's talk about what it does mean. It does mean that our friends Dominion Voting, who have been accused of having terrible software, all the way through to having major backdoors in their software, our friends over at Dominion Voting could well have been completely compromised by that SolarWinds attack. Completely compromised. We don't know if they were, but we do know that they were using it, and they are the ones with our voting machines. This goes back to what I talked about last week, where I think there is only one solution to being able to be confident about votes. Obviously, it's too late now to deal with all of the potential voter fraud, software errors, and hardware failures that have occurred in past elections.
It really is too late, based on the evidence I've seen, to quote Attorney General Barr. But how about the future? How about we do an investigation into these companies that are providing us with the hardware and software? Or better yet, my solution is we have ballots printed. Those ballots have serial numbers on them with a very good checksum. All we do with those ballots is we scan them on regular commercial, industrial scanners that keep pictures of those votes. So we have a hard copy of the votes that we can go to at any time. We can analyze them. We can compare it to the vote counts, et cetera. We take those pictures now and we run them through very inexpensive software. Very inexpensive, under a thousand dollars to buy a license for some of the software. What that software does is it looks at the images that were taken by these scanners, and it goes ahead and tallies votes. If we use two or three different software packages, they should pretty much agree. Our error rate should be less than one in a hundred thousand, or maybe even a million. Should be pretty darn low. Then we hand-tabulate a few of these just to double-check, make sure everything is all right. We now have hard counts. People add up the counts and, as always, you have election observers from the two major parties and the minor parties; they're watching this whole process. I am for absolute transparency here. I think all of those images of the votes should also be made available to anyone who wants to download them. This is the age of the internet. Why are we not making the images of the votes available for anyone who wants to look at them? Private individuals can tally the votes and come up with what should have happened, what the count should be. You expect a little bit of variance, but absolute transparency. People add up those votes. It's all audited. There are cameras running, webcams 24/7, watching the voting machines. Watching the election workers. Streaming to anyone who cares to look.
Now we have absolute transparency. Now we can believe the vote. That, I think, is the only way we can handle this. We're going to run through some checklists here about what gamers should be doing. If you're giving a video game or one of these consoles to maybe some of your kids. I don't know. Maybe your husband, maybe they are kids. We're all kids. What should they be looking for this year? We are talking about this massive hack we've been talking about, and we're going to get into some other stuff right now. I wanted to mention one more thing. When we were just talking about this major hack, it may have been Russia, maybe China. Sometimes it's really hard to tell who it is if these are good hackers, and these, by the way, were very good hackers. SolarWinds, I just can't hold them a hundred percent responsible for this hack, because part of the problem was people not reading directions, not doing just the very basic practices that are established in the industry for trying to keep things safe. So keep that in mind as well. But it is a huge problem. It's something we all have to pay a little bit of attention to. I had a great question this week when I was on the radio. I was asked, Hey, please tell me that there are people in our government who are trying to do the same type of thing to other governments. And you might've heard about, what is it? I would call it a person hack, right? This is what is called in the industry a honeypot. You probably heard about US Representative Eric Swalwell. He is a California politician, which makes a lot of sense. He has been in office since 2013, and he is also on a very interesting committee. When we are talking about Representative Swalwell, his committee assignment includes him being on the Select Committee on Intelligence. Okay. Ranking member of its Central Intelligence Agency subcommittee. He also retained his seat on the United States House Committee on Science, Space and Technology, according to Wikipedia.
This is very scary because he fell for the oldest trick in the book. It also tells us just the lengths China will go to in order to hack our people, our country. Don't worry, we're going to tie all of this into our hackers. Okay. He, as well as another politician from California. Yes indeed, a sitting US Senator; she had a driver, I think it was for about 20 years, who was a Chinese spy. Eric Swalwell had this girlfriend, and apparently this happened when he was just a mayor, before he had moved up to the House. Then, of course, moved into the Intelligence Committee. A lady who became his girlfriend was doing everything you might expect of a honeypot, a Chinese lady who was trying to get information out of him. I don't know what information she got out of him. He had a lot of information. Now, if this were to happen to a Republican, of course, just by default, the morals of a Republican would be, well, I really messed up. I'm sorry. I resign. At least resign from the Intelligence Committee, but I resign from Congress. That has happened before. Much different response. It's just amazing to watch, from a Democrat and a Republican. Nancy Pelosi should have removed him from his very sensitive government positions. This guy has demonstrated that he can't keep his, well, you know what I mean, and is not reliable when it comes to secrets. Why hasn't the FBI said, I don't care what you say, Ms. Pelosi, we want this Congressman removed? The big question is, how did we find out about this? What ended up happening that brought us to the point where we realized that Eric Swalwell was a major security risk and was on the Select Intelligence Committee? On oversight committees. Okay. It's scary, isn't it? This ties into this whole hacking agenda. It looks like we might have been hacking, as well. I'd be shocked if we weren't. We have teams, red teams, in every branch of government, basically, that hack. That's what they do. They're hacking in order to see what weaknesses we have.
But this has been barely reported at all. This also happened last week. A major leak of official records from the Chinese Communist Party. Many of these Chinese Communist Party higher-ups are living and working in other countries, including the United States, Australia, and the United Kingdom, of course, and this list that's been uncovered has about 2 million members of the Chinese Communist Party. Now, remember, these people have sworn an oath to do everything they can to protect and build up the Communist Party. Okay. This database lists names, party positions, dates of birth, national identification numbers, ethnicity, and telephone numbers of these members. Now, Australia's Sky News on Sunday reported that the database, quote, "lifts the lid" on how the party operates under President and Chairman Xi Jinping. The leak shows that the party branches are embedded in some of the world's biggest companies and even inside government agencies. Communist Party branches have been set up inside Western companies, allowing the infiltration of those companies by CCP members who, if called on, are answerable directly to the Communist Party. To the chairman, the president himself. So apparently, along with the personal identifying details of almost 2 million Communist Party members, there are also details of 79,000 Communist Party branches. Many of them inside companies. Now, there was some analysis done of this membership. We've only had it for, what, about a week now, but the analysis that has been done so far has been interesting, 'cause that's revealed that both Pfizer and AstraZeneca, both companies who have vaccines for this COVID virus, both of these companies together employed 123 party loyalists. There were more than 600 party members across 19 branches working at British banks HSBC and Standard Chartered in 2016. In addition, the Daily Mail is reporting that firms with defense industry interests, like Airbus, Boeing, and Rolls Royce, employed hundreds of party members.
Now, what I found interesting is the response by the US media and the response by some of these companies. It's been reported that some of these companies, when they were alerted to the Chinese party membership of some of their people, said "we're not interested in the political parties that our employees belong to." Which is just shocking. We're not talking about basic parties here. We're talking about what effectively is an enemy of the United States, and frankly, we're also looking at this hack as a declaration of war by Russia, by China. China's done this before, too. In fact, we think they were behind another major hack you've heard of just a few years ago. The PS5 and Xbox Series X apparently are almost impossible to get. Best Buy just can't get restocked. But assuming you got one, what are some of the tips that you need to know? If you are playing games, or your kids or grandkids are. Video games, I've never gotten into them, but it's probably my generation. Back when I was a teenager, we had these text-based games that we would play sometimes. You're sitting in there on a teletype and you're typing into this computer over a 110 baud modem. Oh, my gosh. It was fun, so you were in a twisty maze of tunnels? I can't remember the exact wording, and then you'd go left or right. And I never spent a whole lot of time on those things, because I basically considered it a waste of time. I've played, like, Mario Kart a couple of times when we got it for the kids, and that's probably the extent of it. I've played with some of these video games that Apple has released now as part of their Arcade product. I am shocked at how good they are. How good the resolution is. And the movement of the phone itself can be read by the game. Your phone is your controller. So if you play games on these video devices or on a PC of some sort, or even a Mac, you're not too worried about availability, because the software is easy, right? It doesn't cost much to duplicate that software.
Probably doesn't even cost a penny nowadays for the guys to download the game to someone. Of course, there are other charges and stuff involved, but it's just so easy to do. So we're going to have a lot of them this year. Many of the people who are playing these games are the younger millennial generation, the Z generation, and both of them really have issues when it comes to security. I mentioned this before in talking with my youngest son, about two weeks ago, about security. He just didn't seem to care. Now, we had given him a really good firewall router with a Wi-Fi system built into it. All kinds of processing that was going on. It was a Cisco device. Cisco firewall. It was analyzing everything coming into his network, everything going out from his network. It does a very good job of it. It had a limit of, I think it was 250 megabits worth of data flowing through it. He said megabytes, and I'd have to look at the specs on it. Actually, I do think it's 250 megabits, and that particular device was great. You're cruising the web. You have software on a machine that gets infected, trying to get out. It'll shut it down, just like all of this. His roommate, who calls himself a gamer, didn't like that at all. So he ordered a gigabit network coming in. It's a gigabit over RF cable modem, which is crazy, 'cause you're not going to get it, and we had previously explained, Hey, listen. Your biggest problem is going to be latency, turnaround. It's not going to be the bandwidth. We showed him these statistics that our router had gathered, that he never used more than 10 megabits' worth of bandwidth, which is pretty normal. I've read some studies on it, and 10 megabits, 20 megabits, that's the max that is used by these video games. He knew better, 'cause he's in his twenties, and he's a professional gamer, almost. Not that he makes money from it, but he's a professional gamer and he has been talking in the gaming community.
So rule number one is they don't need as much bandwidth as they think they need. What they need is, basically, a jitter-free line so that they can talk to their friends without any problems while they're playing the games. They need a very quick turnaround, so the round trip time needs to be fast. I brought up with my son, Hey, listen. You realize that he went out and upgraded the line and then ripped out, while you were gone, the firewall. He put in a better one that handles a gigabit and of course, yeah, no better. The Wi-Fi that he has in the house, that his friend purchased as his roommate, does not provide gigabit over the Wi-Fi. It just doesn't happen. It can't happen on any of this consumer stuff when you get right down to it and you look at it hard, right? Many companies are lying to us. They publish these specs. They give all of this data, and it is so misleading. I said, this is a problem now, because you have security at the bottom of the pile when it comes to your network now. Anything that gets onto his machine is going to get onto yours. The firewall was actually on a zero-trust basis and would not allow his friend's gaming computer to access his computer or anything else on the network that it wasn't explicitly allowed to access. And do you know what he told me? He said he doesn't care. Now, I don't know. So if this is your dad and you've been doing internet cybersecurity for 30 years, and you're just getting the carried-away type thing that you get from an under-35-year-old son. I've got kids that are actually that age too. There certainly is a difference, a major difference. I don't know what it is, but the stats that I've seen in the studies I've read are showing that these younger millennials and Generation Z, which this one of our kids is right on the cusp of, don't care about cybersecurity. Part of the reason is that they just have given up. Now, I've been fighting it for over 30 years.
I haven't given up yet, but they have; it's just a fact of life. Just like you have to be on social media and you have to post these pictures of your wonderful life. It's just crazy. Here are seven tips, and I got these from Dark Reading, a great website, but obviously I'm going to comment on them in a much different way than Dark Reading's approach to it. But I really liked these points. Number one, we've got to make sure our kids and ourselves understand that personal information needs to be kept personal. Now, I know every one of us in this country has had our data stolen. It's guaranteed. It hasn't all been stolen, and it's from a snapshot in time. For instance, the Equifax hack. Yes, indeed. That's pretty much everybody in this country, Canada, much of Europe's personal information. Our salaries, our home addresses, our social security numbers. Everything was stolen, but that's years ago. By the way, that was probably done by the Chinese Communist Party. Remember that they're socialists. We talked about this last week. They steal stuff. That's what they do, because they just can't compete. They don't like competition. They want to sit on their hands for the most part. Now, China's done some interesting things with trying to combine the ability to have some free trade with the government-controlled economy, right? They're not just like we are. Not capitalists; they are not communist there. There's never, ever, even with the Soviet Union and what happened in Venezuela and Cuba, they have never actually achieved pure communism. We don't have pure capitalism here either. Don't let them share personal information; make sure they realize that every little bit of information they share, they may be sharing with a hacker. Someone that's going to break in. We had break-ins in our neighborhood. This was probably about five years ago. A bunch of break-ins, a bunch of stuff stolen. Our house at that time was never broken into.
It turned out that it was a kid from the neighborhood whose family had moved out, and he knew things about people in the neighborhood and when they worked and when they were taking vacations. So he came back in and he started stealing from the houses; he'd break into them and steal stuff. In some cases, apparently, kids had given him codes to be able to enter houses. It's amazing. It reminds us again of another best practice that we should be exercising in business, and you need to exercise it in your home as well. That is, when someone leaves a job, what do you do? You shut down their accounts, do it all automatically. That's the way it should work. You archive their data so they can't get back in. Now we've seen instances where network people who had been doing network work at a business left and stole just tons of things, shut down networks, changed passwords, because that hadn't happened. And in this case, it's a good idea to change the code on your door lock pretty frequently. Keep track of who has what code, right? Doesn't that make sense to you? Then on top of that, with these fancier new ones where you can use the Bluetooth, the cell phone, to program it, so you just bring the phone close to the door and it automatically unlocks, it gets more complicated. It's easy to set up, but we've got to make sure we erase them. So number one, don't share personal information. The next one, obvious as heck. We talk about it all the time, but take care of your home network. Don't do what my son did (my son's roommate did, rather) and put in a cheap router. Make sure it's secured using multi-factor authentication. Now there are some ways around some of this, so that's why I recommend you do not use texting for multi-factor authentication. Use something like Duo or 1Password or LastPass or Google Authenticator. It's really going to help. Stay away from chats. Now, this is difficult, because much of the social stuff that goes on with gaming is over chats that are built into these games.
So just be careful when they're in chats, because it is used by these honeypots and others to get personal information. Kids don't realize, Hey, listen, dad is a high-up in this company and I probably shouldn't be talking about that, because honeypots go after our kids to get at us. Avoid third-party stores and apps, turn off Universal Plug and Play (UPnP) if you still have it on your network, and beware of scams when playing online. So some good tips for the kids. This latest declaration of war, as it's been called, may be bad enough for government agencies and bigger companies, and 22,000 managed services providers. But man, ransomware. Then, follow-up to our last hour: the DNI, Director of National Intelligence Ratcliffe, was supposed to have come out with a report as of yesterday about the elections and about foreign interference. Because of disagreement within the National Intelligence Community, it did not get released, at least not yet. It should be out fairly soon. The big talk and the disagreement between various people who are in the organization, one of those jobs-for-life things, right? The deep state, as President Trump has called it. Is that how much involvement did China really have? How much involvement did Russia have? I strongly suspect Russia had a lot of involvement here in hacking. In fact, even our voting machines, as we talked about in the last hour, because of the SolarWinds hack. How about China? They're saying it looks like it could be a major influence and have had a big impact on the election, in a number of ways, but we're not going to get into that right now. Those big hacks have been very successful against larger companies; all but one of the Fortune 500 apparently was affected, and some 22,000 managed services providers countrywide use it. According to SolarWinds, about 18,000 businesses were using the affected, or infected, depending on how you want to look at this, but using the affected software. That's a real big deal, frankly.
How about you and me? What does it mean to us as business people, as home users, et cetera? I want you guys to understand this a little better, so I'm going to explain it, and I appreciate all the comments I've had about how much you guys appreciate me doing a little deeper dive into this, far deeper than most anyone else can. You get these guys on the radio that just talk about absolute fluff in technology. Mainly because they don't know any better. I've just been doing this for too long. One of these commentators, a lady who's had her own radio show for years. It just amuses me to know she was a marketer for years before she got on the radio. Maybe that's why she's a lot more successful on the radio than I am, but I'm much more successful in tech than she is. You, as a regular end-user, are probably not badly affected by this hack, this SolarWinds hack, and all of the subsequent hacks that happened. It's probably not a huge deal for you, because your home computers were not running this Orion software from SolarWinds, and you're probably not using any of the other software that's out there. I'm continually reminding everybody, and I'm covering this as well in my Windows Hardening Course, which is coming up soon. When I was recording this week, it made me think about this a little bit, that you and I, as home users, know better than to buy things like Norton and try and use them, or some of these other antivirus products, because in this day and age with Windows 10, just not considering anything else in the network, but just the computer itself, you are probably best off using Windows Defender and making sure your computer stays up to date. You also know, if you want to spend a couple of bucks, there is some other good stuff out there that's going to help, and one of those is Malwarebytes. In fact, I'm going to try and include a link to some of the Malwarebytes stuff this week. Malwarebytes is another good little piece of software to have, and how much I like Umbrella.
You'll find that online, of course, umbrella.com, and you can get the free version. You can get the paid version. If you are a business, you need to talk to a reseller, like me, and have them set you up with the business version. Those three things are going to go a very long way. Obviously, you need to lock down Windows and harden it. That's why we're doing this whole little course coming up here soon. If you are a business, now you might be in some trouble. I have been saying now for three, four years, as well as the FBI has been saying this, and I covered it in some of the FBI InfraGard webinars that I hosted: if you're an MSP, if you're a managed services provider or break-fix shop, in other words, if you take care of other people's, and more particularly businesses', computers, you are a major target. You have to pull up your socks. Now, the Department of Defense, with this Cybersecurity Maturity thing that they've come out with, CMMC, they have made it very obvious, because it specifically says, that if you are a managed services provider, you have to meet the requirements that the Department of Defense is putting on their customers or their suppliers. I think that makes a lot of sense. If you are a managed services provider, you probably have pretty much, if not completely, full access to your customers' computers and networks. So if you have a customer that deals with the Portsmouth Naval Shipyard, for instance, that is a Federal Government DOD facility, and if those DOD contractors that are out there on base have to meet certain requirements for cybersecurity, you would expect that you, as a managed services provider, have to meet those same requirements. The answer is yes, absolutely you do. We're talking about some serious policies and procedures, some serious hardware to help make sure everything's working right. Some serious monitoring of the hardware and the software and the alerts. It's a lot of work. We've talked about it before.
Basically, if you have less than 200 people, you probably can't afford it. There is no easy button when it comes to the NIST 800-171 or the CMMC standards. So you turn to one organization, that's a managed security services provider, and you expect that they are going to be able to take care of you. I don't think that's unreasonable. What should you be doing? How can you have these guys take care of you? The answer is almost none of them can. Now, they'll say so. They'll put a nice little logo up on their site and, Oh my gosh, aren't we just Mr. Wonderful, Mrs. Wonderful. In reality, many of these companies know the buzzwords. They know the key phrases, but they are not up to snuff when it comes to doing security, or including their own security. So they'll go to other vendors. They go to distributors, try and get some help. This goes back to how I started out here, talking about these tech shows, where the host really knows very little about the actual technology. You want someone that understands. If you want a good meal, you're going to go to one of these celebrity chefs. They know the business, and they know the business from the start to the end. You're not going to go to a fry cook from Wendy's in order to get a great meal. Now, you might get a decent meal. So the Department of Defense is now pushing all of these standards down to the MSSPs. This is why we are actually a Master Managed Security Services Provider. We provide security services through and for these Managed Services Providers. I think that just makes a whole lot of sense, but these companies, which have access to other businesses' computer networks, have been under attack forever, and this now proves the point I've been trying to make for years, which is: the SolarWinds attack was directed at 22,000 companies that call themselves Managed Services Providers. Why?
Because that's where the money is, that's where the access, the keys to the kingdom, are; for so many companies and so many government agencies, it's these managed services providers. Now, this is difficult, because I promised this week to get something out about selecting a managed services provider. I have something, if you want a copy of it; make sure you email me, me@craigpeterson.com, because I've got a little checklist that I put together. It's one of these generic ones. I'm not trying to say, Hey, you've got to hire me. You know how that goes? Where they put out an RFP, request for proposal, and there's only one company in the whole world that could possibly meet all of those specific requirements. Been in business for 30.6 years, is located within two miles of us, et cetera, et cetera. No, that's not what this is. This is a real nice generic list that you can use to help evaluate anyone out there that is going to be helping you out with your security. So whoever it was, the Russians most likely, knew what they were doing. So they got not only the 22,000 managed services providers that they had in their sights, but they also got all of these government agencies, and all but one of the Fortune 500 is right there in their sights. They are not stupid. This was a very difficult hack, and they pulled it off. They would have been continuing to pull it off, frankly, for a very long time. So if you outsource your IT, which you have to do, because that's the only easy way to get some real talent part-time, which is what most small businesses need. They don't necessarily need full-time on their staff, but they need full-time attention. And you've got to pay attention. Drop me an email, me@craigpeterson.com. I'll be sure to get it back to you. Ransomware is no longer just the domain of basic hackers or even nation-states, like what we saw with this massive SolarWinds hack and the targeting of managed services providers. It is now changing ransomware in a big way.
What is behind the headlines, and really helping people to try and understand it a little bit better, is something I've always been told I'm good at and something I do enjoy doing. I guess that's a good thing, right? For you guys, as well as for me. Ransomware has been evolving over the years. We've talked about it here on the show before, but the idea behind ransomware, for those people who aren't familiar with it, has changed from really one idea, now, to two core ideas. So the first idea is the one you may be familiar with, which is they get some malware on your computer. However it might be: they might be sending a phishing email, trying to trick you into clicking on something and then installing some software. It might be via a worm or a remote hack, right? It could be a little virus that gets in, but the idea behind ransomware is that it gets on your machine and then it phones home. Some of this stuff is very fancy. You can go onto the dark web and you can find ransomware for cheap money. You can even buy ransomware as a service. So what you do is you send out the ransomware to email addresses, right? The ones you've bought or stolen or harvested from the internet. Another reason, by the way, you should never have your email addresses up on a website where it's easy for software to grab. Ransomware as a service does everything. Some of these companies, my gosh, you pay them either a fixed fee or a fixed fee plus a percentage of your take, and they'll run the whole gamut for you. They'll provide tech support for people who get ransomware. Here's what will happen. That person clicked on that email. They installed that software that got the virus. There was a drive-by worm, whatever it might be, and in the background now it starts encrypting all of the major files. It looks for things like Word docs and Excel spreadsheets, et cetera, and it encrypts them all.
It calls home first, nowadays, for instructions and tells the bad guys, "Hey, here's the key I'm using to do the encryption." It gets really fancy today. We'll get into that one in a minute. Then it pops up on your screen: "Hey, all your files are encrypted. You've got ransomware; contact us." It gives you an email address or something else to contact them with. It has a big takeaway. It says, "Hey, you've only got so many hours to contact us, or the ransom goes up and goes up," to try and get you to move, and then you will pay via Bitcoin, almost always. Which, by the way, has been driving up the value of Bitcoin, because people have been buying it in order to pay ransoms. So that's what we're used to. The newer ransomware does things a little bit differently. So it gets onto your machine in much the same way. But the next step that it takes once it's on your machine is it starts looking at files and finding files, and usually it'll wait, because what it's doing at that point now is it's poking a hole out of your network, back to the main controller for the ransomware guys. So it gets on your machine. It grabs the names of some of the files. It then connects back to home. It calls home. Once it's called home, it sends the names of your files and then it sits there. Now the ransomware guys are pretty busy actually, because so many people fall for this stuff and haven't done what they needed to do to keep the ransomware out. The ransomware guys, usually within a few days, will then remote control your computer and they'll poke around and they'll find, "Oh wow, here's client lists. Oh my gosh, personal information. I can sell that for as much as $20 a record." That's a lot of money, right? Especially for someone in Eastern Europe, which is where most of these things come from. Then what will happen is they will look around some more and they'll start trying to spread laterally, East-West, inside your network.
So now they're inside your network and they say, "Oh my gosh, there's 20, 30, 40, 50 machines in here." It'll try and infect these other machines using the same or different techniques, where it tries to spread like a worm, or a little virus, going around inside your network. And then it says, "Oh my gosh, this is a medical office. Oh my gosh, this is a Department of Defense manufacturer." It's, "Oh, wow. Wow." When they've got all of these records, all of this data, they might find things like bank account numbers and transfer numbers, ACH accounts, all of this stuff. That's what it's looking for. Now, it's doing all of this in the background. You don't realize what's happening. Your computers just work in a way at this point that is probably not even slow. Then the next step that they take is they decide, "Okay, what are we going to do? You know what? I think that we can extort money from this person if we pull these files." So they'll grab a bunch of files. They don't remove them from your computer. They just make a copy of them from the computer, from your file server or wherever they are in your network. It may be all of your files and may just be a few of them. Once they're done with that, they will either encrypt everything and hold you for normal ransom, or not. If they hold you for normal ransom, the same normal stuff applies: a little red screen comes up. "Oh, you've got ransomware. We can help you fix it. Contact us, give us a copy of this number." Take a picture of the screen and then off you go buying Bitcoin and paying them off. Remembering, because you listened to this show, that the Department of Justice may come after you if you pay the ransom for supporting terrorists and terrorist demands, but that's a separate issue. Now you get your key to decrypt and, according to the FBI, about half of the time you'll get all your files back. Okay. So far that all sounds pretty normal, but the next part is what they've been doing more recently, which is:
"Okay guys, thanks for paying that, by the way. We are a different company. We're a different group of bad guys, and we have copies of some of your files, and unless you pay us, we're going to release those files out on the internet," the dark web, or maybe the regular web, put them up on a Pastebin or wherever they might want to put them. Pastebin is a website that hosts these files, zip files, and other things with all kinds of information in them. That is obviously sensitive, because why would you pay extortion otherwise? So that's what they do. Secondarily, they try and get you to pay them to not release your data. Okay. So in many cases you have paid twice: you paid once to decrypt the data, you paid a second time in order to gain access to that data. Or, excuse me, to stop other people from gaining access to your data. Does that make sense to you guys? That's what they've been doing. Now we've got a new scale that these ransomware guys have. They are really catching up quickly with the nation-states that we've been talking about earlier. These are called advanced persistent threat groups. Just the regular gangs now have stepped it up. You can get this show and many others via podcast. Just go to my website, craigpeterson.com. Ransomware has gone from being opportunistic over to the other side, where they may spend months or even years on a network in a business or a government. So we're going to talk about the East-West spread of ransomware. We've had a major hack this week that has affected federal government agencies, all but one of the Fortune 500 agencies. It's affected 22,000 of these managed services providers; potentially at least 18,000 organizations are confirmed as being affected by this. We're thinking it's Russia, but who knows? You cannot really tell. In the last segment, we went through the major changes in ransomware over the years. As I mentioned in the intro, opportunism, that's been the name of the game. They just send out a lot of feelers.
They do a lot of scanning and they find somebody that is just vulnerable. That's the bottom line. They want vulnerable businesses. Once they find a vulnerable business, they move to the next step. That next step, in the past, has been just encrypting everything so that you and I really have no way to respond to it. It has gotten fancier. These advanced persistent threats are what the name implies. They're an advanced attack method. They're persistent. In other words, once they're on a network or on a machine, they stay there, and there is a threat because these ransomware groups, such as DAPL, painter, and revival, have gotten onto the networks and have been very targeted at what networks they're trying to get onto. They want networks of businesses, and these cyber-criminal hackers find vulnerabilities on the networks as they move around inside the network. That's what East to West is: moving around inside, finding other vulnerabilities. They often spend months laying the groundwork to compromise the systems with ransomware before finally unleashing the attack and encrypting the network. They've found that phase two, which was "let's get on the network, let's find the valuable files, let's hold them for ransom," just takes a long time. If they've stolen people's credentials, if they've stolen social security numbers, bank account numbers, credit card numbers, et cetera, it takes a long time to sell them and get their money back. So they really aren't trying to speed things up, frankly. Spending months on a network isn't unheard of and it's become more and more common. These threat groups will hide for even years before they are detected, if they're detected at all. Their goal is surveillance of the network, finding all of the weaknesses and then stealing sensitive data, rather than just making money right off the bat with ransomware. These groups are making millions of dollars per attack.
It's become so effective that many businesses, if you look at their filings with the Securities and Exchange Commission, are buying Bitcoin in preparation for a ransom. Isn't that something? In other words, they expect a ransom to happen. So they're just buying Bitcoin, so they have it to pay if it happens. Okay. So there's been this transition from being opportunistic into the types of threats we've seen from nation-states here for years. It is much more profitable for these bad guys to completely cover an organization with ransomware. Now, remember, that's not necessarily the primary target, but it's also a really good cover for them, because now you're trying to deal with the ransomware threat. So what do you do if you have ransomware? The best thing is don't get it in the first place. We've gone over that quite a few times here on the show, but the basics: make sure you're running Windows Defender. Make sure that you are using Umbrella, so they have a hard time calling home. Make sure you go on to the next stage as well; maybe add Malwarebytes. You also have to protect that network. I am a Cisco reseller and we have techs that are Fire Jumper certified. We know what happens. We can come in afterward and do clean up. This, unfortunately, is how we pick up most of our customers. Or we can go in beforehand and help to protect you, because you want to stop them from getting in. The regular email filters just aren't enough. So we run it through just all kinds of tasks. We had an email from one of our clients here just about a week ago saying, "Oh, I got this email. It seems to be phishing. How did that get through?" Yeah, we stopped a thousand of those types of emails and one snuck through. Nothing's perfect. We've got to remember that as well. So if it does get in, someone bringing in a thumb drive from home or using the VPN into the office that hasn't been properly protected, most of them aren't, by the way, anybody that gets in, what do you do then?
Hopefully, you have a good backup. You're probably going to have to wipe all of your machines. Depending on the threat involved, that might be pretty difficult, because they can get into different parts of the machine that you just can't get them out of. The next evolution of ransomware is that as these groups gain more experience with these successful attacks, that time they're taking after that initial compromise, which could be months or even years, will become much shorter, meaning there's less time to potentially detect this suspicious activity before it's too late. We know from what Talos has been reporting, as well as others, that the compromise timeframe where they poke around inside your network is nowadays somewhere between three and five days. So you have a few days to catch them in your network. Now, if you don't notice them, well, it's probably a little bit too late, but again, hopefully you have good backups. Having good backups means, by the way, the 3-2-1 principle on backups. It means that you need to be testing them as well. Make sure you can restore your business from backup, and you might even want to do what we've done for our bigger clients, a multi-national where we had backup hardware there at their facilities. So if something were to happen, let's say that there was a fire in the front part of their building, where their main data center was, we could transfer all operations to the back part of the building, where we had our own servers sitting there that could take over at an instant's notice. Then we also have servers in the cloud that have all of their data, in an attempt to keep them up to date in almost real-time so they can stay in business. That's what you need to do if you're going to survive ransomware. Now there are also normal things. Make sure you're applying security patches to everything. Make sure you are using multiple network segments that cannot communicate with each other.
So for instance, your building control systems should be on a completely different network than your office workers' computers, and those computers should be on a completely different network than the server. They should be going through a firewall to get to the server, and an internal one. You should have multiple layers of firewalls. In this company I'm thinking of, this multi-national, we have seven layers of firewalls that you have to pass through in some cases, depending on where you are. That helps keep them out. Okay. The security patches you've got to do; you've got to patch all of your Internet of Things devices. You cannot let people bring personal devices in. It just goes on and on. These are the types of controls, the best practices, that we need to have. All right. You've probably heard of contact-tracing apps. Who knows what's going to happen with that virus over the next year or two years, or what viruses might be coming after that. We're going to talk about the safety of the apps themselves. One of the big things that has been pushed in many parts of the world is contact tracing. Some states require us, if we go to a restaurant, to give our name, right? To give our phone number for contact. If there was someone at the restaurant who calls up the restaurant and says, "Yeah, hey, I came down with COVID-19 symptoms," then the restaurant's supposed to call up everybody who was there at the restaurant. Now, how effective is that? I really don't know. It's people; I would not want to give my information to people. I think we should just assume that we're living in a world with viruses and we should take precautions. If I was in one of the groups that were very susceptible to the virus, I think I would take a lot more precautions, and frankly, isn't that the way it should be? If you are susceptible, then maybe you should lock down. Not shut down, lock down, everybody else. We've never done anything quite this way before.
You find Typhoid Mary, and she gets quarantined, not everybody else. That's always the way we've done it. And it just makes a lot of sense. One of the proposals that has come out that they're saying, "Hey, this is going to help us today and into the future," is these contact tracing apps. I'm looking at an article right now that was over on Dark Reading saying that they tested nearly 100 contact tracing apps. Now, these are apps that are on your smartphone that might use Bluetooth for proximity detection to another phone. They might use some other technologies. I've seen some that actually start to squeal and make noise if you get close to somebody else that's running one of these apps. So that, okay, I'm within the one-meter limit. Of the nearly a hundred they tested, they found 40% had significant security issues, either using GPS locations or Bluetooth proximity detection in order to determine your potential exposure to somebody else. Now, these are mostly apps that are not using this new Apple and Google exposure notifications protocol. I found that kind of interesting. Apple has been very good at trying to preserve our privacy. In fact, there's a huge fight already going on between Facebook and Apple. If you have the latest version of iOS, you can go into the App Store, look at an app, and I would challenge you to do that. If you've got your phone right now, an iOS phone, and you're up to date, open up the App Store and search for the Facebook app. Then once you're on the Facebook app page, scroll down a little bit and it'll have a section in there on security that goes on for pages and pages. Yeah, the "more" button. Okay. Read more of what it is that Facebook is doing with your data. So Facebook's pretty upset about that, saying this is going to hurt small businesses who need to micro-target, and they're not wrong about that.
Apple is saying, "Hey, we're trying to preserve the privacy and security of people who use Apple equipment," which I absolutely do agree with. Well, a company known as Guardsquare, which is a mobile security firm, analyzed 75 contact tracing apps, 52 Android apps and 43 iOS apps, and found that 40% did not use the Apple-Google protocol that Apple and Google worked together on to come out with. The bottom line here: what is it that is going to be safe? How can we protect user privacy? This protocol is designed to protect it. Most of those applications used GPS system data to figure out your location and that of other people, and linked it to phone numbers or, in some cases, passport identifiers. Now, GPS can be fairly accurate, but if you want it really accurate, you have to add some other data that is transmitted by all major airports, because there's a variance in the density of the atmosphere, which can vary depending on whether it's raining, how much water is in the air, snow, and other things. They transmit variances that can be used in conjunction with GPS to get an actual, accurate location. Once you get into a building, or have you ever been inside a big city and found all of a sudden your GPS data is just terrible? Your automatic map stuff just isn't working, right? Those big buildings are blocking the signals from some of the satellites that you are depending on. That's what they have found with these apps. Many of them are trying to use GPS. They are gathering that and keeping the information and selling the information, which is a bad thing. It's not terribly accurate. Okay. So first off, don't use these apps at all. If you're in one of the risk groups, you are also now relying on other people to have the same app or the same protocol being used in order for your app to do any good at all, because they are combining the data from everyone that's self-reporting in an area to figure out if there's potential exposure.
If they're not self-reporting, if they don't have that same app, you're not going to get any information. So in June, Guardsquare looked at 17 different Android apps and found only one that fully encrypted and obfuscated data. They have done a survey here in the last month and it has gotten a little bit better, but of those 95 apps, they found 32 Android apps and 25 iOS apps actually use the official API of the exposure notification system created by Apple and Google. So, bottom line, don't use these contact tracing apps. They're not useful. They're not useful if not enough people are using them. Then, to top it off, they are not encrypting the data and anonymizing the data. FireEye, man, this is the company that found out about that SolarWinds breach that we spent the first hour talking about today. FireEye is a security research company. Part of what you should be doing, and are required to do, is to have red team/blue team exercises. What that means is you have people who are attacking your network, and then you have people who are defending the network. So you have a team of people whose goal is to break in and another team whose goal is to defend. You might remember I talked about a company that had been hired to do this. Where was it? Missouri or something. They tried to break into the courthouse that they had been hired to test. Then there was a dispute over turf and everything else, and these guys went to jail and they had to go to court. The whole thing was quite the mess. Okay. That's a red team/blue team type strategy. We don't do physical incursions ourselves. It's just a little bit too risky for us. It takes more people, more time, but we do the type of computer incursions, and FireEye has red team tools that are used to break in. That is a problem, because FireEye was compromised as part of this SolarWinds hack. Their tools were stolen.
These are the FireEye red team tools that are used by their security teams to break into businesses. This is the gift that's going to keep on giving. You might remember the NSA was broken into and their red team tools were stolen, the tools they use to monitor foreign governments and officials and hack into computers. Well, this is a real problem. Okay. Many of these red team tools that were stolen from FireEye have already been released to the community, and there's even an open-source virtual machine called CommandoVM. Just absolutely unreal. Apparently, none of the red team tools that were stolen by the attacker contain zero-day exploits, and they apply well-known methods to break in. In other words, if you had been patching your systems, taking care of it, unlike what happened with so many companies out there, right? Home Depot, what happened to them? The TJX community of businesses, Equifax, on and on, who did not keep up with best practices or even patches. You might be okay. But if you are more of a security guy, like I am, they have released hundreds of countermeasures that you can use, including things like OpenIOC, YARA, Snort, ClamAV, all tools that we use here as well. There's a whole FireEye GitHub repository. GitHub is where people can distribute software and things. It's usually used by the open-source community, and they've got directions on what you can do and everything else. So I think FireEye has responded extremely well to this. It's going to hurt their business, no doubt. It's going to hurt a lot of other businesses, no doubt, but I really like what they have done and you can look it all up online if you want a little more information. Just email me at ME@craigpeterson.com, and it might be time for me to put together a little course, or maybe a big course, on how to use these tools to test your own security as well as to defend your security. That's it for today. Thanks for joining me. Make sure you join me online as well: craigpeterson.com.
--- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

TechtalkRadio
EPISODE 292: How'd They Fit Him In That Suit!?

TechtalkRadio

Nov 29, 2020, 54:38


In this week's TechtalkRadio show: Andy Taylor, Shawn DeWeerd, Justin Lemme and Broadway. We get the update on Broadway after his positive test for COVID-19 a couple of weeks ago. Good to report he is doing much better. Shawn talks about the changes in college and university sports due to the pandemic as many institutions get back to work. We learn about the audio tricks employed to enhance the games on web and broadcast. Chromebooks continue to be in demand due to distanced learning; the crew talks about building your own Chromebook and recommendations on the marketplace. Windows updates have been frequent; the crew talks about some of the problems of the updates, like rebooting during a television broadcast. Updates have also affected Malwarebytes, and Shawn and Broadway share their experiences with this. Comcast will no longer be offering Symantec Anti-Virus, and now Andy must deal with either continuing with Symantec or another choice. Justin and Shawn both recommend ESET, while John likes the free open source version of Clam. Shawn shares a site for finding open source software, AlternativeTo.Net. Justin tells us about his hunt for the Xbox Series X; there has been some confusion regarding the Xbox One X, which is still on store shelves. He tells about the differences. Shawn tells us about a console made by Bud Light which raised money for charity. Justin talks about his hunt for the RTX 3080 graphics card and using the website https://www.nowinstock.net. Justin talks about people blowing vape smoke into the Xbox Series X and Microsoft being surprised to have to notify users not to do this. Smoking around a computer is not a good idea; Andy tells the story of repairing a computer from a smoker. Andy talks about repairing a laptop which had a problem starting up into Windows 7. After looking at the system and examination of the system BIOS, the internal battery had failed and needed to be replaced. This can be a problem with older laptops.
Andy found a company in the process which sells batteries and other cool education products. The company is called XUMP. Hulu has raised their prices for Live Local TV options; Broadway talks about looking for an option. The crew loves Disney Plus and The Mandalorian. Justin and Shawn talk about the making of The Mandalorian and how groundbreaking the visual and mechanical effects are with filming. Andy gives us his thoughts on the movie Clouds. The show wraps up with a discussion of deliveries following Black Friday and Cyber Monday; Justin recommends Amazon Garage for those with a MyQ garage from Chamberlain. Andy lets you know about ordering from big box stores and picking up from them, or using services like shipping to the UPS Store, FedEx, or even in some cases your neighborhood Walgreens. Connect with us on our social media sites. Facebook @techtalkers, Twitter @TechtalkRadio, Instagram techtalkradio, Web: TechtalkRadio.Com. Subscribe and Like on Spreaker!

Ubuntu Security Podcast

In a week when too many security updates are never enough, we cover the biggest one of them all for a while, BootHole, with an interview between Joe McManus and Alex Murray for some behind-the-scenes and in-depth coverage, plus we also look briefly at the other 100-odd CVEs for the week in FFmpeg, OpenJDK, LibVNCServer, ClamAV and more.

Ubuntu Security Podcast

This week we welcome back Vineetha Kamath, Ubuntu Security Certifications Manager, to discuss the recent release of FIPS modules for Ubuntu 18.04 LTS and we look at security updates for Bind, ClamAV, QEMU, the Linux kernel and more.

Ubuntu Security Podcast

Security updates for Firefox, QEMU, Linux kernel, ClamAV and more, plus we discuss our recommended reading list for getting into infosec and farewell long-time member of the Ubuntu Security Team / community Tyler Hicks.

Ubuntu Security Podcast

After a week's break we are back to look at updates for ClamAV, GnuTLS, nginx, Samba and more, plus we briefly discuss the current 20.04 Mid-Cycle Roadmap Review sprint for the Ubuntu Security Team.

Ubuntu Security Podcast

This week we look at security updates for the Linux kernel, SDL 2, ClamAV and more, plus Alex and Joe talk security and performance trade-offs, snaps and OWASP Top 10 Cloud Security recommendations, and finally Alex covers some recent concerns about the security of the Snap Store.

Laravel News Podcast
Freezing time, rabbits on queues, and antivirus scanners

Laravel News Podcast

Oct 1, 2019, 44:44


Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community.

Collective Intelligence
Collective Intelligence Podcast, Vitali Kremez on TreasureHunter Leak, MaxiDed Takedown

Collective Intelligence

May 17, 2018, 26:10


Flashpoint Editorial Director Mike Mimoso talks to Director of Research Vitali Kremez about the recent leak of the TreasureHunter point-of-sale malware and builder source code, as well as the MaxiDed bulletproof hosting provider takedown. Both events figure to have some impact on cybercrime activity. TreasureHunter is somewhat unique because rarely is source code for the malware payload and configuration leaked alongside its builder. This could simplify matters somewhat for criminals on the underground who wish to build variants of TreasureHunter. Flashpoint worked in collaboration with Cisco Talos on this disclosure, and Talos provided updated Snort rules and ClamAV signatures to the public. The MaxiDed takedown puts a huge dent in the underground cybercrime infrastructure hosting world. Known for hosting numerous nefarious groups' infrastructure, including Carbanak and others, MaxiDed is an example of the need for continued international cooperation among law enforcement and private sector researchers.

BSD Now
238: VLAN-Zezes-ki in Hardware

BSD Now

Mar 21, 2018, 123:38


Looking at Lumina Desktop 2.0, 2 months of KPTI development in SmartOS, OpenBSD email service, an interview with Ryan Zezeski, NomadBSD released, and John Carmack's programming retreat with OpenBSD. This episode was brought to you by Headlines Looking at Lumina Desktop 2.0 (https://www.trueos.org/blog/looking-lumina-desktop-2-0/) A few weeks ago I sat down with Lead Developer Ken Moore of the TrueOS Project to get answers to some of the most frequently asked questions about Lumina Desktop from the open source community. Here is what he said on Lumina Desktop 2.0. Do you have a question for Ken and the rest of the team over at the TrueOS Project? Make sure to read the interview and comment below. We are glad to answer your questions! Ken: Lumina Desktop 2.0 is a significant overhaul compared to Lumina 1.x. Almost every single subsystem of the desktop has been streamlined, resulting in a nearly-total conversion in many important areas. With Lumina Desktop 2.0 we will finally achieve our long-term goal of turning Lumina into a complete, end-to-end management system for the graphical session and removing all the current runtime dependencies from Lumina 1.x (Fluxbox, xscreensaver, compton/xcompmgr). The functionality from those utilities is now provided by Lumina Desktop itself. Going along with the session management changes, we have compressed the entire desktop into a single, multi-threaded binary. This means that if any rogue script or tool starts trying to muck about with the memory used by the desktop (probably even more relevant now than when we started working on this), the entire desktop session will close/crash rather than allowing targeted application crashes to bypass the session security mechanisms. By the same token, this also prevents “man-in-the-middle” type of attacks because the desktop does not use any sort of external messaging system to communicate (looking at you dbus). 
This also gives a large performance boost to Lumina Desktop. The entire system for how a user's settings get saved and loaded has been completely redone, making it a “layered” settings system which allows the default settings (Lumina) to get transparently replaced by system settings (OS/Distributor/SysAdmin) which can get replaced by individual user settings. This results in the actual changes in the user setting files being kept to a minimum and allows for a smooth transition between updates to the OS or Desktop. This also provides the ability to “restrict” a user's desktop session (based on a system config file) to the default system settings and read-only user sessions for certain business applications. The entire graphical interface has been written in QML in order to fully utilize hardware-based GPU acceleration with OpenGL while the backend logic and management systems are still written entirely in C++. This results in blazing fast performance on the backend systems (myriad multi-threaded C++ objects) as well as a smooth and responsive graphical interface with all the bells and whistles (drag and drop, compositing, shading, etc). Q: Are there future plans to implement something like Lumina in a MAC Jail? While I have never tried out Lumina in a MAC jail, I do not see anything on that page which should stop it from running in one right now. Lumina is already designed to be run as an unprivileged user and is very smart about probing the system to find out what is/not available before showing anything to the user. The only thing that comes to mind is that you might need to open up some other system devices so that X11 itself can draw to the display (graphical environment setup is a bit different than CLI environment). Q: I look forward to these changes. I know the last time I used it when I would scroll I would get flashes like the refresh rate was not high enough.
It will be nice to have a fast system as well, as I know with the more changes Linux is becoming slower. Not once it has loaded, but in the loading process. I will do another download when these changes come out and install again and maybe stay this time. If I recall correctly, one of the very first versions of Lumina (pre-1.0) would occasionally flicker. If that is still happening, you might want to verify that you are using the proper video driver for your hardware and/or enable the compositor within the Lumina settings. Q: Why was the Enlightenment project not considered for TrueOS? It is BSD licensed and is written in C. This was a common question about 4(?) years ago with the first release of the Lumina desktop and it basically boiled down to long-term support and reliability of the underlying toolkit. Some of the things we had to consider were: cross-platform/cross-architecture support, dependency reliability and support framework (Qt5 > EFL), and runtime requirements and dependency tracking (Qt5 is lighter than the EFL). That plus the fact that the EFL specifically states that it is Linux-focused and the BSDs are just an afterthought (especially at the time we were doing the evaluation). Q: I have two questions. 1) The default layout of Unity (menu bar with actual menu entries on top and icon dock on the side) is one of the few things I liked about my first voyage into non-Windows systems, and have been missing since moving on to other distros (and now also other non-Linux systems). However in 1.4.0 screenshots on Lumina's site, the OSX-like layout has the menu attached to the window. Will 2.0 be able to have the menus on the bar? 2) Is there any timeline for a public release, or are you taking a “when it's ready” approach? In Lumina you can already put panels on the left/right side of the screen and give you something like the layout of the Unity desktop.
The embedded menu system is not available in Lumina because that is not a specification supported by X11 and the window manager standards at the present time. The way that functionality is currently run on Linux is a hacky bypass of the display system which only really works with the GTK3 and Qt5 toolkits, resulting in very odd overall desktop behavior in mixed environments where some apps use other graphical toolkits. We are targeting the 18.06 STABLE release of TrueOS for Lumina 2, but that is just a guideline and if necessary we will push back the release date to allow for additional testing/fixing as needed.

A long two months (https://blog.cooperi.net/a-long-two-months)

IllumOS/SmartOS developer Alex Wilson describes the journey of developing KPTI for IllumOS

> On Monday (January 1st) I had the day off work for New Year's day, as is usual in most of the western world, so I slept in late. Lou and her friend decided to go to the wax museum and see several tourist attractions around SF, and I decided to pass the day at home reading. That afternoon, work chat started talking about a Tumblr post by pythonsweetness about an Intel hardware security bug. At the time I definitely did not suspect that this was going to occupy most of my working life for the next (almost) two months.

Like many people who work on system security, I had read Anders Fogh's post about a "Negative Result" in speculative execution research in July of 2017. At the time I thought it was an interesting writeup and I remember being glad that researchers were looking into this area. I sent the post to Bryan and asked him about his thoughts on it at the time, to which he replied saying that "it would be shocking if they left a way to directly leak out memory in the speculative execution". None of us seriously thought that there would be low-hanging fruit down that research path, but we also felt it was important that there was someone doing work in the area who was committed to public disclosure.
At first, after reading the blog post on Monday, we thought (or hoped) that the bug might "just" be a KASLR bypass and wouldn't require a lot of urgency. We tried to reach out to Intel at work to get more information but were met with silence. (We wouldn't hear back from them until after the disclosure was already made public.)

The speculation on Tuesday intensified, until finally on Wednesday morning I arrived at the office to find links to late Tuesday night tweets revealing exploits that allowed arbitrary kernel memory reads. Wednesday was not a happy day. Intel finally responded to our emails -- after they had already initiated public disclosure. We all spent a lot of time reading.

An arbitrary kernel memory read (an info leak) is not that uncommon as far as bugs go, but for the most part they tend to be fairly easy to fix. The thing that makes the Meltdown and Spectre bugs particularly notable is that in order to mitigate them, a large amount of change is required in very deep low-level parts of the kernel. The kind of deep parts of the kernel where there are 20-year old errata workarounds that were single-line changes that you have to be very careful to not accidentally undo; the kind of parts where, as they say, mortals fear to tread.

On Friday we saw the patches Matthew Dillon put together for DragonFlyBSD for the first time. These were the first patches for KPTI that were very straightforward to read and understand, and applied to a BSD-derived kernel that was similar to those I'm accustomed to working on.

To mitigate Meltdown (and partially one of the Spectre variants), you have to make sure that speculative execution cannot reach any sensitive data from a user context. This basically means that the pages the kernel uses for anything potentially sensitive have to be unmapped when we are running user code.
Traditionally, CPUs that were built to run a multi-user, UNIX-like OS did this by default (SPARC is an example of such a CPU which has completely separate address spaces for the kernel and userland). However, x86 descends from a single-address-space microcontroller that has grown up avoiding backwards-incompatible changes, and has never really introduced a clean notion of multiple address spaces (segmentation is the closest feature really, and it was thrown out for 64-bit AMD64).

Instead, operating systems for x86 have generally wound up (at least in the post-AMD64 era) with flat address space models where the kernel text and data is always present in the page table no matter whether you're in user or kernel mode. The kernel mappings simply have the "supervisor" bit set on them so that user code can't directly access them.

The mitigation is basically to stop doing this: to stop mapping the kernel text, data and other memory into the page table while we're running in userland. Unfortunately, the x86 design does not make this easy. In order to be able to take interrupts or traps, the CPU has to have a number of structures mapped in the current page table at all times. There is also no ability to tell an x86 CPU that you want it to switch page tables when an interrupt occurs. So, the code that we jump to when we take an interrupt, as well as space for a stack to push context onto have to be available in both page tables. And finally, of course, we need to be able to figure out somehow what the other page table we should switch to is when we enter the kernel.

When we looked at the patches for Linux (and also the DragonFlyBSD patches at the time) on Friday and started asking questions, it became pretty evident that the initial work done by both was done under time constraints. Both had left the full kernel text mapped in both page tables, and the Linux trampoline design seemed over-complex.
I started talking over some ideas with Robert Mustacchi about ways to fix these and who we should talk to, and reached out to some of my old workmates from the University of Queensland who were involved with OpenBSD. It seemed to me that the OpenBSD developers would care about these issues even more than we did, and would want to work out how to do the mitigation right. I ended up sending an email to Philip Guenther on Friday afternoon, and on Saturday morning I drove an hour or so to meet up with him for coffee to talk page tables and interrupt trampolines. We wound up spending a good 6 hours at the coffee shop, and I came back with several pages of notes and a half-decent idea of the shape of the work to come.

One detail we missed that day was the interaction of per-CPU structures with per-process page tables. Much of the interrupt trampoline work is most easily done by using per-CPU structures in memory (and you definitely want a per-CPU stack!). If you combine that with per-process page tables, however, you have a problem: if you leave all the per-CPU areas mapped in all the processes, you will leak information (via Meltdown) about the state of one process to a different one when taking interrupts. In particular, you will leak things like %rip, which ruins all the work being done with PIE and ASLR pretty quickly.

So, there are two options: you can either allocate the per-CPU structures per-process (so you end up with $NCPUS * $NPROCS of them); or you can make the page tables per-CPU. OpenBSD, like Linux and the other implementations so far, decided to go down the road of per-CPU per-process pages to solve this issue.

For illumos, we took the other route. In illumos, it turned out that we already had per-CPU page tables. Robert and I re-discovered this on the Sunday of that week. We use them for 32-bit processes due to having full P>V PAE support in our kernel (which is, as it turns out, relatively uncommon amongst open-source OS).
The logic to deal with creating and managing them and updating them was all already written, and after reading the code we concluded we could basically make a few small changes and re-use all of it. So we did.

By the end of that second week, we had a prototype that could get to userland. But, when working on this kind of kernel change we have a rule of thumb we use: after the first 70% of the patch is done and we can boot again, now it's time for the second 70%. In fact it turned out to be more like the second 200% for us -- a tedious long tail of bugs to solve that ended up necessitating some changes in the design as well.

At first we borrowed the method that Matt Dillon used for DragonFlyBSD, by putting the temporary "stack" space and state data for the interrupt trampolines into an extra page tacked onto the end of *%gs (in illumos the structure that lives there is the cpu_t). If you read the existing logic in interrupt handlers for dealing with %gs though, you will quickly notice that the corner cases start to build up. There are a bunch of situations where the kernel temporarily alters %gs, and some of the ways to mess it up have security consequences that end up being worse than the bug we're trying to fix. As it turns out, there are no less than 3 different ways that ISRs use to try to get to having the right cpu_t in %gs on illumos, and they are all subtly different. Trying to tell which you should use when requires a bunch of test logic that in turn requires branches and changes to the CPU state, which is difficult to do in a trampoline where you're trying to avoid altering that state as much as possible until you've got the real stack online to push things into.

I kept in touch with Philip Guenther and Mike Larkin from the OpenBSD project throughout the weeks that followed.
In one of the discussions we had, we talked about the NMI/MCE handlers and the fact that their handling currently on OpenBSD neglected some nasty corner-cases around interrupting an existing trap handler. A big part of the solution to those issues was to use a feature called IST, which allows you to unconditionally change stacks when you take an interrupt.

Traditionally, x86 only changes the stack pointer (%rsp on AMD64) while taking an interrupt when there is a privilege level change. If you take an interrupt while already in the kernel, the CPU does not change the stack pointer, and simply pushes the interrupt stack frame onto the stack you're already using. IST makes the change of stack pointer unconditional. If used unwisely, this is a bad idea: if you stay on that stack and turn interrupts back on, you could take another interrupt and clobber the frame you're already in. However, in it I saw a possible way to simplify the KPTI trampoline logic and avoid having to deal with %gs.

A few weeks into the project, John Levon joined us at work. He had previously worked on a bunch of Xen-related stuff as well as other parts of the kernel very close to where we were, so he quickly got up to speed with the KPTI work as well. He and I drafted out a "crazy idea" on the whiteboard one afternoon where we would use IST for all interrupts on the system, and put the "stack" they used in the KPTI page on the end of the cpu_t. Then, they could easily use stack-relative addresses to get the page table to change to, then pivot their stack to the real kernel stack memory, and throw away (almost) all the conditional logic. A few days later, we had convinced each other that this was the way to go.

Two of the most annoying x86 issues we had to work around were related to the SYSENTER instruction. This instruction is used to make "fast" system calls in 32-bit userland.
It has a couple of unfortunate properties: firstly, it doesn't save or restore RFLAGS, so the kernel code has to take care of this (and be very careful not to clobber any of it before saving or after restoring it). Secondly, if you execute SYSENTER with the TF ("trap"/single-step flag) set by a debugger, the resulting debug trap's frame points at kernel code instead of the user code where it actually happened.

The first one requires some careful gymnastics on the entry and return trampolines specifically for SYSENTER, while the second is a nasty case that is incidentally made easier by using IST. With IST, we can simply make the debug trap trampoline check for whether we took the trap in another trampoline's code, and reset %cr3 and the destination stack. This works for single-stepping into any of the handlers, not just the one for SYSENTER.

To make debugging easier, we decided that traps like the debug/single-step trap (as well as faults like page faults, #GP, etc.) would push their interrupt frame in a different part of the KPTI state page to normal interrupts. We applied this change to all the traps that can interrupt another trampoline (based on the instructions we used). These "paranoid" traps also set a flag in the KPTI struct to mark it busy (and jump to the double-fault handler if it is), to work around some bugs where double-faults are not correctly generated.

It's been a long and busy two months, with lots of time spent building, testing, and validating the code. We've run it on as many kinds of machines as we could get our hands on, to try to make sure we catch issues. The time we've spent on this has been validated several times in the process by finding bugs that could have been nasty in production.

One great example: our patches on Westmere-EP Xeons were causing busy machines to throw a lot of L0 I-cache parity errors. This seemed very mysterious at first, and it took us a few times seeing it to believe that it was actually our fault.
This was actually caused by the accidental activation of a CPU errata for Westmere (B52, "Memory Aliasing of Code Pages May Cause Unpredictable System Behaviour") -- it turned out we had made a typo and put the "cacheable" flag into a variable named flags instead of attrs where it belonged when setting up the page tables. This was causing performance degradation on other machines, but on Westmere it causes cache parity errors as well. This is a great example of the surprising consequences that small mistakes in this kind of code can end up having. In the end, I'm glad that that erratum existed, otherwise it may have been a long time before we caught that bug.

As of this week, Mike and Philip have committed the OpenBSD patches for KPTI to their repository, and the patches for illumos are out for review. It's a nice kind of symmetry that the two projects who started on the work together after the public disclosure at the same time are both almost ready to ship at the same time at the other end. I'm feeling hopeful, and looking forward to further future collaborations like this with our cousins, the BSDs.

The IllumOS work has since landed, on March 12th (https://github.com/joyent/illumos-joyent/commit/d85fbfe15cf9925f83722b6d62da49d549af615c)

***

OpenBSD Email Service (https://github.com/vedetta-com/caesonia)

Features

- Efficient: configured to run on min. 512MB RAM and 20GB SSD, a KVM (cloud) VPS for around $2.50/mo
- 15GB+ uncompressed Maildir, rivals top free-email providers (grow by upgrading SSD)
- Email messages are gzip compressed, at least 1/3 more space with level 6 default
- Server side full text search (headers and body) can be enabled (to use the extra space)
- Mobile data friendly: IMAPS connections are compressed
- Subaddress (+tag) support, to filter and monitor email addresses
- Virtual domains, aliases, and credentials in files, Berkeley DB, or SQLite3
- Naive Bayes rspamd filtering with supervised learning: the lowest false positive spam detection rates
- Carefree automated Spam/ and Trash/ cleaning service (default: older than 30 days)
- Automated quota management, gently assists when over quota
- Easy backup MX setup: using the same configuration, install in minutes on a different host
- Worry-free automated master/master replication with backup MX, prevents accidental loss of email messages
- Resilient: the backup MX can be used as primary, even when the primary is not down, both perfect replicas
- Flexible: switching roles is easy, making the process of changing VPS hosts a breeze (no downtime)
- DMARC (with DKIM and SPF) email-validation system, to detect and prevent email spoofing
- Daily (spartan) stats, to keep track of things
- Your sieve scripts and managesieve configuration, let's get started

Considerations

By design, email message headers need to be public, for exchanges to happen. The body of the message can be encrypted by the user, if desired. Moreover, there is no way to prevent the host from having access to the virtual machine. Therefore, full disk encryption (at rest) may not be necessary.

Given our low memory requirements, and the single-purpose concept of email service, Roundcube or other web-based IMAP email clients should be on a different VPS. Antivirus software users (usually) have the service running on their devices.
ClamAV can easily be incorporated into this configuration, if affected by the types of malware it protects against, but will require around 1GB additional RAM (or another VPS).

Every email message is important, if properly delivered, for Bayes classification. At least 200 ham and 200 spam messages are required to learn what one considers junk. By default (change to use case), a rspamd score above 50% will send the message to Spam/. Moving messages in and out of Spam/ changes this score. After 95%, the message is flagged as "seen" and can be safely ignored.

Spamd is effective at greylisting and stopping high volume spam, if it becomes a problem. It will be an option when IPv6 is supported, along with bgp-spamd.

System mail is delivered to an alias mapped to a virtual user served by the service. This way, messages are guaranteed to be delivered via encrypted connection. It is not possible for real users to alias, nor mail an external mail address with the default configuration. e.g. puffy@mercury.example.com is wheel, with an alias mapped to (virtual) puffy@example.com, and user (puffy) can be different for each.

Interview - Ryan Zezeski - rpz@joyent.com (mailto:rpz@joyent.com) / @rzezeski (https://twitter.com/rzezeski)

News Roundup

John Carmack's programming retreat to hermit coding with OpenBSD (https://www.facebook.com/permalink.php?story_fbid=2110408722526967&id=100006735798590)

After a several year gap, I finally took another week-long programming retreat, where I could work in hermit mode, away from the normal press of work. My wife has been generously offering it to me the last few years, but I'm generally bad at taking vacations from work. As a change of pace from my current Oculus work, I wanted to write some from-scratch-in-C++ neural network implementations, and I wanted to do it with a strictly base OpenBSD system. Someone remarked that is a pretty random pairing, but it worked out ok.
Despite not having actually used it, I have always been fond of the idea of OpenBSD — a relatively minimal and opinionated system with a cohesive vision and an emphasis on quality and craftsmanship. Linux is a lot of things, but cohesive isn't one of them.

I'm not a Unix geek. I get around ok, but I am most comfortable developing in Visual Studio on Windows. I thought a week of full immersion work in the old school Unix style would be interesting, even if it meant working at a slower pace. It was sort of an adventure in retro computing — this was fvwm and vi. Not vim, actual BSD vi.

In the end, I didn't really explore the system all that much, with 95% of my time in just the basic vi / make / gdb operations. I appreciated the good man pages, as I tried to do everything within the self contained system, without resorting to internet searches. Seeing references to 30+ year old things like Tektronix terminals was amusing.

I was a little surprised that the C++ support wasn't very good. G++ didn't support C++11, and LLVM C++ didn't play nicely with gdb. Gdb crashed on me a lot as well, I suspect due to C++ issues. I know you can get more recent versions through ports, but I stuck with using the base system. In hindsight, I should have just gone full retro and done everything in ANSI C. I do have plenty of days where, like many older programmers, I think “Maybe C++ isn't as much of a net positive as we assume...”. There is still much that I like, but it isn't a hardship for me to build small projects in plain C. Maybe next time I do this I will try to go full emacs, another major culture that I don't have much exposure to.

I have a decent overview understanding of most machine learning algorithms, and I have done some linear classifier and decision tree work, but for some reason I have avoided neural networks.
On some level, I suspect that Deep Learning being so trendy tweaked a little bit of contrarian in me, and I still have a little bit of a reflexive bias against “throw everything at the NN and let it sort it out!”

In the spirit of my retro theme, I had printed out several of Yann LeCun's old papers and was considering doing everything completely off line, as if I was actually in a mountain cabin somewhere, but I wound up watching a lot of the Stanford CS231N lectures on YouTube, and found them really valuable. Watching lecture videos is something that I very rarely do — it is normally hard for me to feel the time is justified, but on retreat it was great!

I don't think I have anything particularly insightful to add about neural networks, but it was a very productive week for me, solidifying “book knowledge” into real experience. I used a common pattern for me: get first results with hacky code, then write a brand new and clean implementation with the lessons learned, so they both exist and can be cross checked. I initially got backprop wrong both times, comparison with numerical differentiation was critical! It is interesting that things still train even when various parts are pretty wrong — as long as the sign is right most of the time, progress is often made.

I was pretty happy with my multi-layer neural net code; it wound up in a form that I can just drop it into future efforts. Yes, for anything serious I should use an established library, but there are a lot of times when just having a single .cpp and .h file that you wrote every line of is convenient. My conv net code just got to the hacky but working phase, I could have used another day or two to make a clean and flexible implementation.
One thing I found interesting was that when testing on MNIST with my initial NN before adding any convolutions, I was getting significantly better results than the non-convolutional NN reported for comparison in LeCun ‘98 — right around 2% error on the test set with a single 100 node hidden layer, versus 3% for both wider and deeper nets back then. I attribute this to the modern best practices — ReLU, Softmax, and better initialization. This is one of the most fascinating things about NN work — it is all so simple, and the breakthrough advances are often things that can be expressed with just a few lines of code. It feels like there are some similarities with ray tracing in the graphics world, where you can implement a physically based light transport ray tracer quite quickly, and produce state of the art images if you have the data and enough runtime patience.

I got a much better gut-level understanding of overtraining / generalization / regularization by exploring a bunch of training parameters. On the last night before I had to head home, I froze the architecture and just played with hyperparameters. “Training!” is definitely worse than “Compiling!” for staying focused.

Now I get to keep my eyes open for a work opportunity to use the new skills! I am dreading what my email and workspace are going to look like when I get into the office tomorrow.

Stack-register Checking (https://undeadly.org/cgi?action=article;sid=20180310000858)

Recently, Theo de Raadt (deraadt@) described a new type of mitigation he has been working on together with Stefan Kempf (stefan@):

How about we add another new permission! This is not a hardware permission, but a software permission. It is opportunistically enforced by the kernel. The permission is MAP_STACK. If you want to use memory as a stack, you must mmap it with that flag bit. The kernel does so automatically for the stack region of a process's stack. Two other types of stack occur: thread stacks, and alternate signal stacks.
Those are handled in clever ways. When a system call happens, we check if the stack-pointer register points to such a page. If it doesn't, the program is killed. We have tightened the ABI. You may no longer point your stack register at non-stack memory. You'll be killed. This checking code is MI, so it works for all platforms.

For more detail, see Theo's original message (https://marc.info/?l=openbsd-tech&m=152035796722258&w=2).

This is now available in snapshots, and people are finding the first problems in the ports tree already. So far, few issues have been uncovered, but as Theo points out, more testing is necessary:

Fairly good results. A total of 4 problems have been found so far. go, SBCL, and two cases in src/regress which failed the new page-alignment requirement. The SBCL and go ones were found at buildtime, since they use themselves to complete build. But more page-alignment violations may be found in ports at runtime. This is something I worry about a bit. So please everyone out there can help: Use snapshots which contain the stack-check diff, update to new packages, and test all possible packages. Really need a lot of testing for this, so please help out.

So, everybody, install the latest snapshot and try all your favorite ports. This is the time to report issues you find, so there is a good chance this additional security feature is present in 6.3 (and works with third party software from packages).

NomadBSD 1.0 has been released (https://freeshell.de/~mk/projects/nomadbsd.html)

NomadBSD is a live system for flash drives, based on FreeBSD® 11.1 (amd64)

Change Log

- The setup process has been improved.
- Support for optional geli encryption of the home partition has been added
- Auto-detection of NVIDIA graphics cards and their corresponding driver has been added. (Thanks to holgerw and lme from BSDForen.de)
- An rc script to start the GEOM disk scheduler on the root device has been added.
- More software has been added: accessibility/redshift (starts automatically), audio/cantata, audio/musicpd, audio/ncmpc, ftp/filezilla, games/bsdtris, mail/neomutt, math/galculator, net-p2p/transmission-qt5, security/fpm2, sysutils/bsdstats, x11/metalock, x11/xbindkeys
- Several smaller improvements and bugfixes.

Screenshots

https://freeshell.de/~mk/projects/nomadbsd-ss1.png
https://freeshell.de/~mk/projects/nomadbsd-ss2.png
https://freeshell.de/~mk/projects/nomadbsd-ss3.png
https://freeshell.de/~mk/projects/nomadbsd-ss4.png
https://freeshell.de/~mk/projects/nomadbsd-ss5.png
https://freeshell.de/~mk/projects/nomadbsd-ss6.png

Beastie Bits

- KnoxBug - Nagios (http://knoxbug.org/2018-03-27)
- vBSDcon videos landing (https://www.youtube.com/playlist?list=PLfJr0tWo35bc9FG_reSki2S5S0G8imqB4)
- AsiaBSDCon 2017 videos (https://www.youtube.com/playlist?list=PLnTFqpZk5ebBTyXedudGm6CwedJGsE2Py)
- DragonFlyBSD Adds New "Ptr_Restrict" Security Option (https://www.phoronix.com/scan.php?page=news_item&px=DragonFlyBSD-Ptr-Restrict)
- A Dexter needs your help (https://twitter.com/michaeldexter/status/975603855407788032)
- Mike Larkin at bhyvecon 2018: OpenBSD vmm(4) update (https://undeadly.org/cgi?action=article;sid=20180309064801)
- [HEADS UP] - OFED/RDMA stack update (https://lists.freebsd.org/pipermail/freebsd-arch/2018-March/018900.html)

***

Feedback/Questions

- Ron - Interview someone using DragonflyBSD (http://dpaste.com/3BM6GSW#wrap)
- Brad - Gaming and all (http://dpaste.com/3X4ZZK2#wrap)
- Mohammad - Sockets vs TCP (http://dpaste.com/0PJMKRD#wrap)
- Paul - All or at least most of Bryan Cantrill's Talks (http://dpaste.com/2WXVR1X#wrap)

***
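The stack-register check in the Stack-register Checking item of this episode bites exactly the programs that build their own stacks: coroutine libraries, language runtimes (the go and SBCL ports mentioned by Theo), JITs. Such a stack has to be mapped with MAP_STACK, or the first system call made while %rsp points into it gets the process killed. The program below is an added example written for this page, not code from the show notes, from OpenBSD or from any port; it does the offending thing on purpose. It assumes an x86-64 build (the stack switch is inline assembly; other architectures fall back to the normal stack so the program still runs) and that getpid() reaches the kernel through the system call path the check guards.

```c
/*
 * Added example: run a system call on a stack we allocated ourselves.
 * On OpenBSD 6.3 and later, `./a.out nostack` is killed at the getpid()
 * call because %rsp does not point into a MAP_STACK mapping; the default
 * run, which tags the mapping MAP_STACK, survives. Linux accepts MAP_STACK
 * but does not enforce it, so both runs print a pid there.
 */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANON
#define MAP_ANON MAP_ANONYMOUS
#endif
#ifndef MAP_STACK              /* Linux and OpenBSD define it; older systems may not */
#define MAP_STACK 0
#endif

#define STACK_SIZE (64 * 1024)

/* The work done on the foreign stack: a real system call, so the kernel
 * gets to look at the stack pointer on entry. */
static __attribute__((noinline)) long work_on_foreign_stack(void)
{
    return (long)getpid();
}

/* Switch %rsp to stack_top, call fn, switch back. x86-64 only; elsewhere
 * the example falls back to the normal stack so it still runs. */
static long call_on_stack(void *stack_top, long (*fn)(void))
{
#if defined(__x86_64__)
    long ret;
    __asm__ volatile(
        "mov %%rsp, %%rbx\n\t"   /* keep the real %rsp in a callee-saved register */
        "mov %1, %%rsp\n\t"      /* %rsp now points at the top of the mmap'd region */
        "call *%2\n\t"           /* %rsp is 16-byte aligned here, as the ABI requires */
        "mov %%rbx, %%rsp\n\t"   /* back to the real stack */
        : "=a"(ret)
        : "r"(stack_top), "r"(fn)
        : "rbx", "rcx", "rdx", "rsi", "rdi", "r8", "r9", "r10", "r11",
          "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5", "xmm6", "xmm7",
          "memory", "cc");
    return ret;
#else
    (void)stack_top;
    return fn();
#endif
}

/* Map a fresh region, optionally tagged MAP_STACK, and make a system call
 * while running on it. Returns the pid, or -1 if mmap failed. */
long syscall_on_fresh_stack(int use_map_stack)
{
    int flags = MAP_PRIVATE | MAP_ANON | (use_map_stack ? MAP_STACK : 0);
    void *base = mmap(NULL, STACK_SIZE, PROT_READ | PROT_WRITE, flags, -1, 0);
    if (base == MAP_FAILED)
        return -1;
    /* Stacks grow down: hand the callee the top of the region. */
    long r = call_on_stack((char *)base + STACK_SIZE, work_on_foreign_stack);
    munmap(base, STACK_SIZE);
    return r;
}

int main(int argc, char **argv)
{
    int use_map_stack = !(argc > 1 && strcmp(argv[1], "nostack") == 0);
    printf("running getpid() on a %s stack...\n",
           use_map_stack ? "MAP_STACK" : "plain anonymous");
    long pid = syscall_on_fresh_stack(use_map_stack);
    printf("survived, pid = %ld\n", pid);
    return pid > 0 ? 0 : 1;
}
```

The fix for a runtime caught by the check is the one-flag change this program demonstrates: add MAP_STACK to the mmap() that allocates each thread, coroutine or signal stack. The page-alignment failures Theo mentions are the other half of the same ABI: the kernel can only label whole pages, so a stack carved out of the middle of a larger allocation cannot be made to pass.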

7 Minute Security
7MS #300: Windows System Forensics 101 - Part 2

7 Minute Security

Mar 8, 2018 16:05


In today's continuation of last week's episode I'm continuing a discussion on using free tools to triage Windows systems - be they infected or just acting suspicious. Specifically, those tools include:

FTK Imager - does a dandy job of creating memory dumps and/or full disk backups of a live system. You can also make a portable version by installing FTK Imager on a machine, then copying the C:\Program Files\<wherever FTK Imager lives> folder to a USB drive. FTK on the go!

Redline - grabs a full forensics pack of data from a machine and helps you pick apart memory strings, network connections, event logs, URL history, etc. The tool helps you dig deep into the timeline of a machine and figure out "What the heck has this machine been doing from time X to Y?"

DumpIt - does quick n' dirty memory dumps of machines.

Volatility - allows you to, in a relatively low number of commands, determine if a machine has been up to no good. One of my favorite features is extracting malware right out of the memory image and analyzing it on a separate Linux VM with something like ClamAV.
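The last step above, pulling an executable out of a memory image so it can be handed to a scanner, is worth seeing done by hand once, because it shows why Volatility's dump plugins exist. Below is an added example written for this page; it is not code from the episode or from Volatility, FTK Imager, Redline or DumpIt. It carves PE images out of a raw dump with the minimal heuristic: find an "MZ", follow e_lfanew to the "PE\0\0" signature, sanity-check the COFF and optional headers, and use SizeOfImage (the mapped size) as the extent, since in memory the sections sit at their virtual offsets rather than their on-disk file offsets. The dump it scans is constructed inline; the header offsets (e_lfanew at 0x3c, SizeOfImage at optional-header offset 56, the same in PE32 and PE32+) are those of the PE format itself.

```c
/*
 * Added example: carve PE images from a raw memory dump. Every read is
 * bounds-checked before it happens; a memory image is hostile input.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_HITS   16
#define SAMPLE_LEN 0x4000

struct pe_hit {
    size_t   offset;          /* where the MZ header sits in the dump */
    uint16_t machine;         /* IMAGE_FILE_MACHINE_* */
    uint32_t size_of_image;   /* mapped size from the optional header */
    size_t   carved_len;      /* bytes actually available to carve */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* Validate the "MZ" at off: follow e_lfanew to "PE\0\0", then check that
 * the COFF/optional headers look like a real image and not text that
 * happens to start with MZ. */
static int check_pe_at(const uint8_t *buf, size_t len, size_t off, struct pe_hit *hit)
{
    if (off + 0x40 > len || buf[off] != 'M' || buf[off + 1] != 'Z')
        return 0;
    uint32_t e_lfanew = rd32(buf + off + 0x3c);
    if (e_lfanew < 0x40 || e_lfanew > 0x1000)           /* keep the hop sane */
        return 0;
    size_t pe = off + e_lfanew;
    if (pe + 84 > len || memcmp(buf + pe, "PE\0\0", 4) != 0)
        return 0;
    uint16_t machine  = rd16(buf + pe + 4);
    uint16_t opt_size = rd16(buf + pe + 20);
    uint16_t magic    = rd16(buf + pe + 24);
    if (machine != 0x14c && machine != 0x8664)           /* i386 / x86-64 */
        return 0;
    if (magic != 0x10b && magic != 0x20b)                /* PE32 / PE32+ */
        return 0;
    if (opt_size < 0x60)                                 /* truncated optional header */
        return 0;
    uint32_t size_of_image = rd32(buf + pe + 24 + 56);   /* same offset in PE32 and PE32+ */
    if (size_of_image < e_lfanew + 84)
        return 0;
    hit->offset        = off;
    hit->machine       = machine;
    hit->size_of_image = size_of_image;
    /* The image may run past the end of the dump; carve what is there. */
    hit->carved_len    = (size_of_image <= len - off) ? size_of_image : len - off;
    return 1;
}

size_t carve_pe_images(const uint8_t *buf, size_t len, struct pe_hit *hits, size_t max_hits)
{
    size_t n = 0;
    for (size_t off = 0; off + 1 < len && n < max_hits; off++) {
        if (buf[off] == 'M' && buf[off + 1] == 'Z' && check_pe_at(buf, len, off, &hits[n])) {
            n++;
            off += 0x3f;   /* step past the DOS header so it is not re-matched */
        }
    }
    return n;
}

/* Constructed sample "memory image": filler, a decoy "MZ" with nothing
 * behind it, and one PE32+ header whose SizeOfImage runs past the dump. */
void build_sample_dump(uint8_t *dump)
{
    for (size_t i = 0; i < SAMPLE_LEN; i++)
        dump[i] = (uint8_t)(i * 7 + 3);            /* never produces "MZ" by itself */
    memcpy(dump + 0x100, "MZ", 2);                 /* decoy: e_lfanew is garbage */
    wr32(dump + 0x100 + 0x3c, 0xFFFFFFFF);
    size_t hdr = 0x2000;
    memcpy(dump + hdr, "MZ", 2);
    wr32(dump + hdr + 0x3c, 0x80);                 /* e_lfanew */
    memcpy(dump + hdr + 0x80, "PE\0\0", 4);
    wr16(dump + hdr + 0x80 + 4, 0x8664);           /* Machine: x86-64 */
    wr16(dump + hdr + 0x80 + 20, 0xF0);            /* SizeOfOptionalHeader (PE32+) */
    wr16(dump + hdr + 0x80 + 24, 0x20b);           /* Magic: PE32+ */
    wr32(dump + hdr + 0x80 + 24 + 56, 0x3000);     /* SizeOfImage: larger than what remains */
}

static uint8_t demo_dump[SAMPLE_LEN];
struct pe_hit demo_hits[MAX_HITS];

size_t demo_carve(void)
{
    build_sample_dump(demo_dump);
    return carve_pe_images(demo_dump, SAMPLE_LEN, demo_hits, MAX_HITS);
}

int main(void)
{
    size_t n = demo_carve();
    for (size_t i = 0; i < n; i++)
        printf("PE at 0x%zx machine=0x%x SizeOfImage=0x%x carvable=0x%zx%s\n",
               demo_hits[i].offset, demo_hits[i].machine, demo_hits[i].size_of_image,
               demo_hits[i].carved_len,
               demo_hits[i].carved_len < demo_hits[i].size_of_image ? " (truncated by end of dump)" : "");
    return 0;
}
```

Two things this makes visible that a one-line `strings | grep MZ` does not: the decoy at 0x100 is rejected because its e_lfanew leads nowhere, and the real image is reported as truncated because the dump ends before SizeOfImage does. A blob carved this way is still a memory-layout image, not a file: the section table's raw pointers are wrong, which is why the tool-built dumps rewrite them before the result is fed to a scanner such as ClamAV.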

Beers with Talos Podcast
Being FIRST and Conveying Doubt (That It’s a Conference Hangover)

Beers with Talos Podcast

Aug 8, 2017 58:16


The BlackHat/DEFCON recovery episode. This one may be a touch rough, with some great gems. We discuss why music in 1994 was so terrible, including a BWT rendition of some classic Ace of Base. The FIRST tool is discussed in some detail, how using our IDA Pro plug-in saves time and reduces duplication of effort. A vital topic in this EP is Matt’s post “On Conveying Doubt”: how can intel professionals couch our findings in the appropriate amount of certainty. We discuss Warren’s amazing shorts ad nauseam (thanks Sammi for the submission!!) and also talk about the ClamAV 0.99.3 release and what you’ll find inside. Main topic - what is the value in the mega-cons? Are they getting too big? Has the value increased, decreased, or just changed with growth?

BSD Now
76: Time for a Change

BSD Now

Feb 11, 2015 89:17


This week, we'll be talking to Henning Brauer about OpenNTPD and its recently revived portable version. After that, we'll be discussing different ways to securely tunnel your traffic: specifically OpenVPN, IPSEC, SSH and Tor. All that and the latest news, coming up on BSD Now - the place to B.. SD. This episode was brought to you by

Headlines

Strange timer bug in FreeBSD 11 (https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054295.html)

- Peter Wemm (http://www.bsdnow.tv/episodes/2014_09_24-beastly_infrastructure) wrote in to the FreeBSD -CURRENT mailing list with an interesting observation
- Running the latest development code in the infrastructure, the clock would stop keeping time after 24 days of uptime
- This meant things like cron and sleep would break, TCP/IP wouldn't time out or resend packets, a lot of things would break
- A workaround until it was fixed was to reboot every 24 days, but this is BSD we're talking about - uptime is our game
- An initial proposal was adding a CFLAG to the build options which makes signed arithmetic wrap
- Peter disagreed and gave some background (https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054320.html), offering a different patch to fix (https://lists.freebsd.org/pipermail/svn-src-head/2015-February/067827.html) the issue and detect it early (https://lists.freebsd.org/pipermail/svn-src-head/2015-February/067828.html) if it happens again
- Ultimately, the problem was traced back to an issue with a recent clang import
- It only affected -CURRENT, not -RELEASE or -STABLE, but was definitely a bizarre bug to track down

***

An OpenBSD mail server (http://technoquarter.blogspot.com/p/series.html)

- There's been a recent influx of blog posts about building a BSD mail server for some reason
- In this fancy series of posts, the author sets up OpenSMTPD in its native OpenBSD home, whereas previous posts have been aimed at FreeBSD and Linux
- In addition to the usual steps, this one also covers DKIMproxy, ClamAV for scanning attachments, Dovecot for IMAP and also multiple choices of spam filtering: spamd or SpamAssassin
- It also shows you how to set up Roundcube for building a web interface, using the new in-base httpd
- That means this is more of a "complete solution" - right down to what the end users see
- The series is split up into categories so it's very easy to follow along step-by-step

***

How DragonFlyBSD uses git (http://lists.dragonflybsd.org/pipermail/users/2015-January/207421.html)

- DragonFlyBSD, along with PCBSD and EdgeBSD, uses git as its version control system for the system source code
- In a series (http://lists.dragonflybsd.org/pipermail/users/2015-January/207422.html) of posts (http://lists.dragonflybsd.org/pipermail/users/2015-January/207424.html), Matthew Dillon (the project lead) details their internal setup
- They're using vanilla git over ssh, with the developers' accounts set to git-only (no shell access)
- The maintainers of the server are the only ones with shell access available
- He also details how a cron job syncs from the master to a public box that anyone can check out code from
- It would be interesting to hear about how other BSD projects manage their master source repository

***

Why not try PCBSD? (http://www.itwire.com/business-it-news/open-source/66900-fed-up-with-systemd-and-linux?-why-not-try-pc-bsd)

- ITwire, another more mainstream tech site, published a recent article about switching to PCBSD
- They interview a guy named Kris that we've never heard of before
- In the article, they touch on how easy it can potentially be for Linux users looking to switch over to the BSD side - lots of applications are exactly the same
- "With the growing adoption of systemd, dissatisfaction with Linux has reached proportions not seen in recent years, to the extent that people have started talking of switching to FreeBSD."
- If you have some friends who complain to you about systemd all the time, this might be a good article to show them

***

Interview - Henning Brauer - henning@openbsd.org (mailto:henning@openbsd.org) / @henningbrauer (https://twitter.com/henningbrauer)

OpenNTPD (http://openntpd.org/) and its portable variant

News Roundup

Authenticated time in OpenNTPD (https://www.marc.info/?l=openbsd-tech&m=142356166731390&w=2)

- We recorded that interview with Henning just a few days ago, and it looks like part of it may be outdated already
- While at the hackathon, some developers came up with an alternate way (https://www.marc.info/?l=openbsd-cvs&m=142355043928397&w=2) to get authenticated NTP responses
- You can now add an HTTPS URL to your ntpd.conf in addition to the time server pool
- OpenNTPD will query it (over TLS, with CA verification) and look at the date sent in the HTTPS header
- It's not intended to be a direct time source, just a constraint to keep things within reason
- If you receive regular NTP packets that are way off from the TLS packet, those will be discarded and the server(s) marked as invalid
- Henning (https://www.marc.info/?l=openbsd-tech&m=142363215730069&w=2) and Theo (https://www.marc.info/?l=openbsd-tech&m=142363400330522&w=2) also weigh in to give some of the backstory on the idea
- Lots more detail can be found in Reyk's email explaining the new feature (and it's optional of course)

***

NetBSD at Open Source Conference 2015 Oita and Hamanako (https://mail-index.netbsd.org/netbsd-advocacy/2015/02/08/msg000678.html)

- It's been a while since we've featured one of these trip reports, but the Japanese NetBSD users group is still doing them
- This time the conferences were in Oita and Hamanako (https://mail-index.netbsd.org/netbsd-advocacy/2015/02/11/msg000679.html), Japan
- Machines running NetBSD included the CubieBoard2 Allwinner A20, Raspberry Pi and Banana Pi, Sharp NetWalker and a couple Zaurus devices
- As always, they took lots of pictures from the event of NetBSD on all
these weird machines *** Poudriere in a jail (http://www.tobeannounced.org/2015/02/poudriere-in-a-jail/) A common question we get about our poudriere tutorial (http://www.bsdnow.tv/tutorials/poudriere) is "how do I run it in a jail?" - this blog post is about exactly that It takes you through the networking setup, zpool setup, nginx setup, making the jail and finally poking the right holes in the jail to allow poudriere to work its magic *** Bruteblock, another way to stop bruteforce (http://easyos.net/articles/bsd/freebsd/bruteblock_protection_against_bruteforce_attacks_in_ssh) We've mentioned a few different ways to stop ssh bruteforce attempts in the past: fail2ban, denyhosts, or even just with pf's built-in rate limiting Bruteblock is a similar tool, but it's not just for ssh logins - it can do a number of other services It can also work directly with IPFW, which is a plus if you're using that as your firewall Add a few lines to your syslog.conf and bruteblock will get executed automatically The rest of the article takes you through the different settings you can configure for blocking *** New iwm(4) driver and cross-polination (https://www.marc.info/?l=openbsd-cvs&m=142325218626853&w=2) The OpenBSD guys recently imported a new "iwm" driver for newer Intel 7260 wireless cards (commonly found in Thinkpads) NetBSD wasted no time in porting it over (https://mail-index.netbsd.org/source-changes/2015/02/07/msg062979.html), giving a bit of interesting backstory According to Antti Kantee (http://www.bsdnow.tv/episodes/2013_10_23-a_brief_intorduction), "it was created for OpenBSD by writing and porting a NetBSD driver which was developed in a rump kernel in Linux userspace" Both projects would appreciate further testing if you have the hardware and can provide useful bug reports Maybe FreeBSD and DragonFly will port it over too, or come up with something that's partially based on the code *** PCBSD current images 
(http://blog.pcbsd.org/2015/02/pc-bsd-11-0-current-images-now-available/) The first PCBSD -CURRENT images should be available this weekend This image will be tagged 11.0-CURRENTFEB2015, with planned monthly updates For the more adventurous this will allow testing both FreeBSD and PCBSD bleeding edge *** Feedback/Questions Antonio writes in (http://slexy.org/view/s2E4NbJwzs) Richard writes in (http://slexy.org/view/s2FkxcSYKy) Charlie writes in (http://slexy.org/view/s217EgA1JC) Ben writes in (http://slexy.org/view/s21vlCbGDt) *** Mailing List Gold A systematic effort (https://lists.gnu.org/archive/html/emacs-devel/2015-02/msg00360.html) GCC's lunch (https://lists.gnu.org/archive/html/emacs-devel/2015-02/msg00457.html) Hopes and dreams (https://marc.info/?l=openbsd-cvs&m=142331891908776&w=2) *** Discussion Comparison of ways to securely tunnel your traffic OpenVPN (https://openvpn.net/index.php/open-source.html), OpenBSD IKED (http://www.openiked.org/), FreeBSD IPSEC (https://www.freebsd.org/doc/handbook/ipsec.html), OpenSSH (http://www.openssh.com/), Tor (https://www.torproject.org/) ***

Dave & Gunnar Show
Episode 20: #20: CommaFeed with a Bullet

Dave & Gunnar Show

Jul 9, 2013 64:38


This week, Dave and Gunnar talk about Le PRISM, Slashdot Gunnarbait, OpenStack Security Guide, the Indie Web, a petabyte of tax data, and an interview with the creator of CommaFeed. Subscribe via RSS or iTunes.

- Welcome to Texas, Gunnar.
- Le PRISM: France Has A PRISM-Like Program With Millions Of Trillions Of Metadata Elements
- PRISM & Big Data: Big Data and Analytics: The Hero or the Villain?
- PRISM Break: EFF’s list of free, open, secure alternatives to proprietary software
- Gunnarbait: NSA Backdoors In Open Source and Open Standards: What Are the Odds?
- The OpenStack Security Guide is up!
- When almost every networking vendor works together on the OpenDaylight project, they have to tell the DOJ
- Why Automakers Should Stop the Infotainment Arms Race
- LibreOffice Accelerates Open Source Spreadsheets, Thanks to AMD
- El Reg encounters mObi: R2-D2 for retailers
- Microsoft to shut down TechNet subscription service
- Red Hat Developer Tools & Services are available
- Red Hat is Developer Wonderland
- Young Coders at PyOhio 2013
- Akron LUG August 1: Teaching your kids to code with Scratch on Raspberry Pi by Lauren Egts
- Intuit runs RH Storage, could hit 1PB this year
- Linux Journal white paper: Using an Open Source Framework to Catch the Bad Guy by Red Hat superstar Mark St. Laurent
- The Alamo Drafthouse Ticketbot
- An Open Source Project We Like: CommaFeed from Jérémie Panzer
  - PC Magazine 4 out of 5 star review!
- Eric Mill’s definitive guide to owning your online identity
- Why you should look at IndieWebCamp
- PermitRootLogin forced-commands-only is basically magic
- Term of the week: The Purdie Shuffle
  - Made famous by Bernard “Pretty” Purdie
  - Dave wants to learn whatever he’s teaching: Led Zeppelin’s “Fool in the Rain” from the 1979 album In Through the Out Door
  - John Bonham’s isolated drum track and awesome article discussing other Purdie Shuffle variations by Steely Dan and Death Cab for Cutie
  - Toto’s “Rosanna” from the 1982 album Toto IV
  - Toto drummer Jeff Porcaro (RIP) on the Rosanna shuffle
  - Bonus link: Mother of All Funk Chords featuring Bernard “Pretty” Purdie and a dude with a mullet playing the theremin at 2:43

Cutting Room Floor
- A Citizen’s Guide to Open Government, E-Government, and Government 2.0
- Avira says farewell to Linux
  - German antivirus company Avira is discontinuing its Linux products in order to focus more on developing its Mac OS X and Windows lines. The company says small businesses and consumer systems “almost exclusively rely upon Windows or Mac operating systems” and that “Linux installations have been declining steadily for years.”
  - Sign that the Linux desktop is declining, or that the Linux desktop doesn’t need commercial antivirus since it has AIDE, Tripwire, and ClamAV?
- Pi-Rex – Bark Activated Door Opening System with Raspberry Pi
- New Breed of Banking Malware Hijacks Text Messages
  - Tricks people to install a 3rd party app on their phones to intercept SMS messages and forward them
  - LinkedIn, Twitter, and banks use SMS for 2 factor authentication
  - SMS transmission alternatives which may aid in two factor authentication
- A Standard for the Transmission of IP Datagrams on Avian Carriers
  - 256 milligram MTU!
  - Lauren asked Dave if it mattered if you used an African or European swallow
- IP over Avian Carriers with Quality of Service
- Adaptation of RFC 1149 for IPv6
- Doubling down on Markdown for science
- Prior art: Superman invented 3D printing in 1964
- A New Way to Heal Broken Bones: 3D-Printed Casts
- MindMup: Open source browser based mind mapping
- Where the Egts family went on vacation two years ago: The National Museum of Computing History (TNMOC) in Bletchley Park

We Give Thanks
- The authors of the OpenStack Security Guide
- Jérémie Panzer for all his work on CommaFeed and taking the time to let us interview him
- Jason Hibbets for the Citizen’s Guide tip
- Adam Clater for the IP over Avian Carrier tips

Geek Muse
Geek Muse - Episode 45

Geek Muse

Oct 27, 2006 61:50


ole Day, IE7, Firefox 2.0, openSUSE, Visa, Mastercard, AllofMP3, Music for Masses, Sun's Project Blackbox, scrybe, Ethereal, Smoothwall, ClamAV, oXygen XML editor, Firefox Web Developer Extension, iShowU, CamStudio, TCPView, Wireshark, Snapz Pro, Pinpoint

Geek Muse
Geek Muse - Episode 45

Geek Muse

Oct 26, 2006 61:50


ole Day, IE7, Firefox 2.0, openSUSE, Visa, Mastercard, AllofMP3, Music for Masses, Sun's Project Blackbox, scrybe, Ethereal, Smoothwall, ClamAV, oXygen XML editor, Firefox Web Developer Extension, iShowU, CamStudio, TCPView, Wireshark, Snapz Pro, Pinpoint