POPULARITY
4 episodes with Haswell
7 episodes with Haswell
3 episodes with Haswell
5 episodes with Haswell
2 episodes with Haswell
2 episodes with Haswell
4 episodes with Haswell
3 episodes with Haswell
3 episodes with Haswell
Chris Haswell interviews Fern Sakamoto and Ana Sofia Hofmeyr haswell247@gmail.com, lostincitations@gmail.com
Wild Deer ended up in Haswell & damaged Sam's home(we chat to him), Ducks on Lana's lawn "fighting", Paul's Uber mishap, Kylie Minogue update & loads more here!
Christi Haswell "apologized" during the Sheridan County Commissioner's meeting on Tuesday. Let's say it wasn't actually an apology. The WEA lobbyist is actually a satanist. Totally not kidding. Sen. Hicks, Steinmetz and Boner announce they are running for Senate leadership.
Chris speaks with Dr. Paul Elliot from Homerton College, Cambridge University. haswell247@gmail.com, pe206@cam.ac.uk, lostincitations@gmail.com,
Modern Woodworkers Association Podcast - Conversations Among Woodworkers
Hague Haswell and Vic Tesolin return to answer the 5 Questions. Based on their answers, you can tell that these guys have spent way too much time together. Is it a very fun and insightful episode. Check it out!Hague Haswellmelbournetool.com@melbournetoolcompany on InstagramMelbourne Tool Company on YouTubeVic Tesolinvictesolinwoodworks.com@vic_tesolin_woodworks on InstagramVic Tesolin Woodworks on YouTubeTexas Woodworking Festival - Tickets on SaleMWA Podcast - Patreon Page@mwa_podcast on InstagramHosts' Contact Info:Kyle Barton@barton.kyle & @bbcustomtools on Instagrambbcustomtools.comOn Youtube under BB Custom Tools & Kyle BartonSean Wisniewski@Seanw78 on most social mediaMark Hicksjointeffort.netJointeffort.net/mwa@markbuildsit on InstagramOn Youtube under Plate 11 / Joint EffortBrian Obst@obstwoodworks on Instagram
On this week's episode of the ShopNotes Podcast, Phil and Logan host special guests Vic Tesolin and Hague Haswell to talk about Melbourne Tool Company. You can find out more about them at https://melbournetool.com/ Subscribe to Woodsmith to receive tips, plans, projects, and techniques both in print, and in video. It's all at www.woodsmith.com. Follow us at https://www.facebook.com/woodsmithmagazine/ https://www.woodsmith.com
In this episode, I am joined by Dr. Amy Davis from University of Hull and Helen Haswell from Queens University, Belfast to discuss a special issue of 'Alphaville' they co-edited on Disney at 100 years. We discuss their fandoms, their research areas, and preview the eight articles in the special issue. This was a very fun visit and video of it is available at https://youtu.be/tzrFUoa6CBQ?si=VLJ6ekUK6bbia40K. The special issue can be accessed at https://www.alphavillejournal.com/Issue27.html. You can reach Dr. Amy Davis at a.davis@hull.ac.uk and Dr. Helen Haswell at h.haswell@qub.ac.uk. Thank you and I hope you enjoy! Being a Fan of Disney: The Book is available on Amazon in Kindle, Paperback, Hardback, and Audible versions at https://a.co/d/j03Qev3. This has been a passion project of mine for a long time and I am very happy that it is now available for others to read! I hope you enjoy and please engage with the book and activities on www.SharedPerspectives.org. I also want to announce a new project I am working on 'The Perspectives Files' that is available by episodes on Kindle Vella. This is a way for me to write about the importance of people's perspectives and the research that I do in a fun and entertaining way. Please visit Kindle Vella to read this young adult novel as it is being produced and let me know your thoughts on the story. You may also recognize some of the characters in the book from Being a Fan of Disney: The Podcast! You can follow along the class, podcast, Take 1 episodes, and interviews/visits by subscribing to the show wherever you get your podcasts, following me on Instagram and Threads @cody.havard, by joining the Facebook public group @BeingaFanofDisney, and by visiting www.SharedPerspectives.org. Thank you, and… Please come along with us on our adventure!
Brought to you by Diesel David and Main Street Warriors Atlanta natives, Kip and Terri Haswell opened the doors of Seniors Helping Seniors Northwest Atlanta on June 1, 2023. They hire an often-overlooked workforce of active adults, who are looking for meaningful work while also supplementing their income, to come alongside and care for their less active senior counterparts. They serve Cobb, […] The post Terri Haswell with Seniors Helping Seniors and Robin Reid with Alzheimer’s Association Georgia Chapter appeared first on Business RadioX ®.
Chris interviews Matthew Baldock, Director of Charles David Casson Estates and business YouTuber. Contacts: haswell247@gmail.com, LostInCitations@gmail.com
Jonathan and Chris preview the new hit show that will occasionally pop up on this feed! Check it out!
Governor Mark Gordon was censured by the Wyoming Republican Party over the weekend. Of course, the Cow Pie didn't get anything right about it, and they broadcast it on their video news update. Also, a witness to the Christie Antoinette Haswell DUI has come forward. The witness agreed to speak to me on the program.
Pool Sceners. As we look to the Sun for this "Once In A Century" Event, we head to Camp Hope for redemption. Just like Cody Rhodes, the kids finish their story as they triumph over "The Head of The Camp" Tony Perkis. The Mobile Bar returns and the Teremana flows...you know what that means.. Enjoy the Eclipse and this Episode 4 Months in the Making! SPREAD THE WORD POOL SCENERS! JOIN THE POOL SCENERS GROUP ON FACEBOOK FOR EXCLUSIVE AND INCLUSIVE CONTENT! LIKE. COMMENT. SUBSCRIBE. RATE AND FOLLOW... APPLE. SPOTIFY. PODBEAN. PODBAY and EVERYWHERE PODCASTS ARE FOUND! LEAVE A 5 STAR REVIEW. WE READ IT ON THE AIR. YOU WIN A PRIZE!!! HAVE AN IDEA FOR AN EPISODE OR A POOL CHECK...SEND US AN EMAIL OR MESSAGE US AT ONE OF THE LINKS BELOW. CONTRIBUTE TO THE SHOW ON LINKTREE!! WE GREATLY APPRECIATE IT!! Linktree: https://www.linktr.ee/poolscenepodcast Email: PoolScenePodcast@gmail.com Facebook: https://www.facebook.com/PoolScenePodacst Instagram: https://www.instagram.com/PoolScenePodcast Discord: poolscenepodcast Threads: https://www.threads.com/poolscenepodcast TikTok: https://www.tiktok.com/thepoolscenepodcast Twitch: https://twitch.tv/poolscenepodcast YouTube: https://www.youtube.com/PoolScenePodcast
Going to therapy usually evokes laying on a couch and talking endlessly about your childhood. But what if all the stress and healing are located in your body and could be felt and accessed through your inner monologue. That's the approach of Internal Family Systems (“IFS”) which helps you tap into your various “parts,” like your Inner Critic, Perfectionist or Lone Ranger to better understand yourself. [Episode 42] Derek Haswell is an entrepreneur, father of 3, executive coach and IFS practitioner. Learn more about Derek: • Derek's Website • Derek's X/Twitter References from the show: • No Bad Parts by Richard C. Schwartz • Meditation for Fidgety Skeptics by Dan Harris —- JOIN OUR GROUP COACHING COHORTS: Are you looking to ask deep, introspective and provocative questions about your own life (with Khe and likeminded peers) Apply today —- BECOME A RADREADER:
Learn more at TheCityLife.org --- Send in a voice message: https://podcasters.spotify.com/pod/show/citylifeorg/message Support this podcast: https://podcasters.spotify.com/pod/show/citylifeorg/support
2023-12-10 Unafraid Of Storms (Greg Haswell) by CHOOSE LIFE Church
Sponsored by Woodstock Neighbors Magazine Atlanta natives, Kip and Terri Haswell opened the doors of Seniors Helping Seniors Northwest Atlanta on June 1, 2023. They hire an often-overlooked workforce of active adults, who are looking for meaningful work while also supplementing their income, to come alongside and care for their less active senior counterparts. They […] The post Terri Haswell with Seniors Helping Seniors and Bill Neglia with Neglia Insurance Group appeared first on Business RadioX ®.
I stumbled across Emily Haswell on TikTok, and I knew immediately that we would be friends. Listen to hear Emily's TikTok about wearing the “circus tent with pockets” that led her to say (as a 33-year-old plus-sized woman), “I will NOT be influenced again by what the skinny-girl influencers say we MUST have!” She has started a de-influencing movement that I'm totally here for. Join us to laugh and learn more! Show Highlights: ● How Emily got more followers when she started her honest, de-influencing movement ● Why KC hashired Emily as creative director for the Struggle Care podcast ● Why KC and Emily decided to cancel on having the well-known, Emmy-nominated Netflix stars, The Minimalists ● How we critique The Minimalists' philosophy because it spreads shame and doesn't hold the value we are looking for (and who really does the dishes in their house anyway?) ● How we have reacted to influencers with harmful messaging on health, hoarding, domestic tasks, etc. Resources and Links: Connect with Emily Haswell: TikTok and Instagram Connect with KC: Website, TikTok, Instagram, and Facebook Get KC's book, How to Keep House While Drowning We love the sponsors that make this show possible! You can always find all the special deals and codes for all our current sponsors on our website: www.strugglecare.com/promo-codes
Greg Haswell is the Pastor of Northlands church, and he joins the show to talk about strengthening your Spirit and gives some practical tips to learn to hear from and respond to the Holy Spirit. Learn more about Greg: https://northlandschurch.com/lead-pastors Partner with Be Still: https://www.bestillministries.net/give Get 20% discount on Father's House Study with code: FH20 Get the Father's House Study: https://www.fathershousestudy.com/ Get the Free Spiritual Warfare Course: https://bestillministries.teachable.com/p/spiritual-warfare-workshop Follow Be Still Ministries on Instagram: @bestillministries
Click the link to support the show! Thanks!https://linktr.ee/brianeverettmillerEpisode 71 of The Ambient Vault podcast features special guest Slow Blink. Slow Blink is Amanda Haswell's dark ambient project. The songs are built around tape loops that primarily feature effect-weathered guitar, piano, and synth. Many have described the sound as being one of nostalgia for memories that sometimes are difficult to pinpoint. Haswell's latest EP, Imbolc, was self- released digitally February 23. Slow Blink has also found a home in the catalogs of Hard Return, Hare's Breath Records, Bummer Recordings, and Invisible Animals Records. A new split release with Minnesota noise musician, Stomachache, is planned for later this year as well as a solo release under Marthasville Fine Audio Recordings.For this week's episode of The Ambient Vault, Amanda has been kind enough to share a studio recording of a live set performed at Memphis Concrete entitled “Bedform”.Many thanks to Amanda for sharing her Slow Blink project, and as always thanks for listening! You can learn more about all things Slow Blink using the link below.Slow Blink: https://linktr.ee/Sloow_blink?utm_source=linktree_profile_share<sid=da9f5652-3d8e-41d2-978b-ded13f2d4fe6Memphis Concrete:https://memphisconcretemusic.com/
Will Haswell is one of the original cast members of Back to the Future The Musical. He's currently appearing at the Adelphi Theatre in London's West End where he's played Dave McFly, Sam Baines, Slick, Asbestos Guy(!) and Alternate Marty. Will was involved in some of the early workshops for Back to the Future The Musical before joining both the Original Manchester Cast and Original West End Cast. While chatting with us, he shared loads of brilliant stories about how he got interested in musical theatre, what it was like to be in the workshops, understudying the role of Marty McFly, the opening night in Manchester, the challenges of playing several ensemble roles with so many costume changes… and he answers a LOT of questions from our Back to the Future The Musical Fans Facebook group members! WARNING: Contains minor spoilers about Back to the Future The Musical. Recorded: 16th June 2023
2023-05-21 Life Giving Speech (Greg Haswell) by CHOOSE LIFE Church
Last week, JD Walt gave us an inside look at the Asbury Revival. Michelle Haswell joins the show this week to talk about the revival that is happening in the next generation. Get 10% discount on Father's House Study with code: FH10 Get the Father's House Study: https://www.fathershousestudy.com/ Get the Free Spiritual Warfare Course: https://bestillministries.teachable.com/p/spiritual-warfare-workshop Follow Be Still Ministries on Instagram: @bestillministries Contact Us: hello@bestillministries.net
Link to bioRxiv paper: http://biorxiv.org/cgi/content/short/2022.12.12.519838v1?rss=1 Authors: Zhu, X., Kim, Y., Ravid, O., He, X., Suarez-Jimenez, B., Zilcha-Mano, S., Lazarov, A., Lee, S., Abdallah, C. G., Angstadt, M., Averill, C. L., Baird, C. L., Baugh, L. A., Blackford, J. U., Bomyea, J., Bruce, S. E., Bryant, R. A., Cao, Z., Choi, K., Cisler, J., Cotton, A. S., Daniels, J. K., Davenport, N. D., Davidson, R. J., DeBellis, M. D., Dennis, E. L., Densmore, M., deRoon-Cassini, T., Disner, S. G., El Hage, W., Etkin, A., Fani, N., Fercho, K. A., Fitzgerald, J., Forster, G. L., Frijling, J. L., Geuze, E., Gonenc, A., Gordon, E. M., Gruber, S., Grupe, D. W., Guenette, J. P., Haswell, C. C Abstract: Background: Current clinical assessments of Posttraumatic stress disorder (PTSD) rely solely on subjective symptoms and experiences reported by the patient, rather than objective biomarkers of the illness. Recent advances in data-driven computational approaches have been helpful in devising tools to objectively diagnose psychiatric disorders. Here we aimed to classify individuals with PTSD versus controls using heterogeneous brain datasets from the ENIGMA-PGC PTSD Working group. Methods: We analyzed brain MRI data from 3,527 structural-MRI; 2,502 resting state-fMRI; and 1,953 diffusion-MRI. First, we identified the brain features that best distinguish individuals with PTSD from controls (TEHC and HC) using traditional machine learning methods. Second, we assessed the utility of the denoising variational autoencoder (DVAE) and evaluated its classification performance. Third, we assessed the generalizability and reproducibility of both models using leave-one-site-out cross-validation procedure for each modality. Results: We found lower performance in classifying PTSD vs. controls with data from over 20 sites (60% test AUC for s-MRI, 59% for rs-fMRI and 56% for d-MRI), as compared to other studies run on single-site data. The performance increased when classifying PTSD from HC without trauma history across all three modalities (75% AUC). The classification performance remained intact when applying the DVAE framework, which reduced the number of features. Finally, we found that the DVAE framework achieved better generalization to unseen datasets compared with the traditional machine learning frameworks, albeit performance was slightly above chance. Conclusion: Our findings highlight the promise offered by machine learning methods for the diagnosis of patients with PTSD. The utility of brain biomarkers across three MRI modalities and the contribution of DVAE models for improving generalizability offers new insights into neural mechanisms involved in PTSD. Copy rights belong to original authors. Visit the link for more info Podcast created by Paper Player, LLC
Welcome to the FCA Project Podcast. Join us as we bring The Vertical Series to the podcast! In this episode we get to sit down with Kacky and hear the wisdom she has to share about finding a local church, spiritual authority, and learning how to trust the Lord continuously. She shares her experiences about how to find true biblical community and how to speak truth in and serve with sacrificial love. We hope you enjoy!
Link to bioRxiv paper: http://biorxiv.org/cgi/content/short/2022.10.13.512111v1?rss=1 Authors: Huggins, A. A., Baird, C. L., Briggs, M., Laskowitz, S., Fouda, S., Haswell, C. C., Sun, D., Salminen, L. E., Jahanshad, N., Thomopoulos, S. I., Veltman, D. J., Frijling, J. L., Olff, M., van Zuiden, M., Koch, S. B. J., Nawijn, L., Wang, L., Zhu, Y., Li, G., Stein, D. J., Ipser, J., Seedat, S., du Plessis, S., van den Heuvel, L. L., Suarez-Jimenez, B., Zhu, X., Kim, Y., He, X., Zilcha-Mano, S., Lazarov, A., Neria, Y., Stevens, J. S., Ressler, K. J., Jovanovic, T., van Rooij, S. J. H., Fani, N., Hudson, A. R., Mueller, S. C., Sierk, A., Manthey, A., Walter, H., Daniels, J. K., Schmahl, C., Herz Abstract: Background: The cerebellum critically contributes to higher-order cognitive and emotional functions such fear learning and memory. Prior research on cerebellar volume in PTSD is scant and has neglected neuroanatomical subdivisions of the cerebellum that differentially map on to motor, cognitive, and affective functions. Methods: We quantified cerebellar lobule volumes using structural magnetic resonance imaging in 4,215 adults (PTSD n= 1640; Control n=2575) across 40 sites from the from the ENIGMA-PGC PTSD working group. Using a new state-of-the-art deep-learning based approach for automatic cerebellar parcellation, we obtained volumetric estimates for the total cerebellum and 28 subregions. Linear mixed effects models controlling for age, gender, intracranial volume, and site were used to compare cerebellum total and subregional volume in PTSD compared to healthy controls. The Benjamini-Hochberg procedure was used to control the false discovery rate (p-FDR less than 0.05). Results: PTSD was associated with significant grey and white matter reductions of the cerebellum. Compared to controls, people with PTSD demonstrated smaller total cerebellum volume. In addition, people with PTSD showed reduced volume in subregions primarily within the posterior lobe (lobule VIIB, crus II), but also the vermis (VI, VIII), flocculonodular lobe (lobule X), and cerebellar white matter (all p-FDR less than 0.05). Effects of PTSD on volume were consistent, and generally more robust, when examining symptom severity rather than diagnostic status. Conclusions: These findings implicate regionally specific cerebellar volumetric differences in the pathophysiology of PTSD. The cerebellum appears to play an important role in high-order cognitive and emotional processes, far beyond its historical association with vestibulomotor function. Further examination of the cerebellum in trauma-related psychopathology will help to clarify how cerebellar structure and function may disrupt cognitive and affective processes at the center of translational models for PTSD. Copy rights belong to original authors. Visit the link for more info Podcast created by Paper Player, LLC
Contributing interviewer Lisa M. Hunsberger (Citation 60, Citation 82) interviews Dr. Chris Haswell, Associate Professor at Kyushu University. Read the blog post here. Lisa's website: YaadPikni.com To learn more about being a contributing interviewer, please read here. Contacts: haswell247@gmail.com, LostInCitations@gmail.com
In this episode Bobby and Steffan are joined straight out of the 80's (or is it 50's?) by Will Haswell who is currently alternate Marty McFly in Back To The Future in the West End. The trio discuss Will's sporting and dance background, before asking him how he takes care of himself now in order to function at the highest level, playing one of the most energetic roles in music theatre.
Lindsey Haswell was determined to be either a broadcast journalist or a lawyer. Because it's at the epicenter of policy and economics, she chose law. She started out as a litigator at Gibson, Dunn & Crutcher before making the leap to a small (at the time) startup called Uber. She viewed it as an investment in her future, an opportunity to learn how to build and run a business and how legal furthers the mission of the business. She passes these lessons along to her team in her current role as Chief Administrative Officer and Chief Legal Officer at Blockchain.com, where they are shaping the future of financial services on the internet. We discuss: Taking the risk of joining Uber The mindset shift required for going in-house Shaping predictable regulatory frameworks in crypto Bringing more women and non-binaries into crypto with MyBFF More information about Lindsey Haswell and today's topics: LinkedIn Profile: linkedin.com/in/lindsey-haswell-5190378 Company Website: blockchain.com MyBFF on Twitter: twitter.com/MyBFF MyBFF on Discord: discord.com/invite/mybff The Hard Thing About Hard Things by Ben Horowitz: https://a16z.com/book/the-hard-thing-about-hard-things/ Hear more stories by following Innovative Legal Leadership on Apple Podcasts, Spotify, or any podcast platform. Listening on a desktop & can't see the links? Just search for Innovative Legal Leadership in your favorite podcast player.
Lindsey Haswell was determined to be either a broadcast journalist or a lawyer. Because it's at the epicenter of policy and economics, she chose law. She started out as a litigator at Gibson, Dunn & Crutcher before making the leap to a small (at the time) startup called Uber. She viewed it as an investment in her future, an opportunity to learn how to build and run a business and how legal furthers the mission of the business. She passes these lessons along to her team in her current role as Chief Administrative Officer and Chief Legal Officer at Blockchain.com, where they are shaping the future of financial services on the internet. We discuss: Taking the risk of joining Uber The mindset shift required for going in-house Shaping predictable regulatory frameworks in crypto Bringing more women and non-binaries into crypto with MyBFF More information about Lindsey Haswell and today's topics: LinkedIn Profile: linkedin.com/in/lindsey-haswell-5190378 Company Website: blockchain.com MyBFF on Twitter: twitter.com/MyBFF MyBFF on Discord: discord.com/invite/mybff The Hard Thing About Hard Things by Ben Horowitz: https://a16z.com/book/the-hard-thing-about-hard-things/ Hear more stories by following Innovative Legal Leadership on Apple Podcasts, Spotify, or any podcast platform. Listening on a desktop & can't see the links? Just search for Innovative Legal Leadership in your favorite podcast player.
We are joined by our dear friends, Greg and Michelle Haswell of Haswell Ministries. Greg and Michelle are senior leaders of Northlands Church in Atlanta Georgia, where they minister into local churches, key ministries, and global movements, bringing clarity and stability to leadership teams. In this episode they talk all about the spiritual gifts; what they are, how to understand them, and how to discover your own. Learn More About Haswell Ministries: https://www.haswellministries.com/ Contact Us: hello@bestillministries.net Get the Father's House Study: https://www.fathershousestudy.com/ Follow Be Still Ministries on Instagram: @bestillministries Visit our Website: https://www.bestillministries.net/
2022-04-03 Jesus In The Storm (Greg Haswell) by CHOOSE LIFE Church
It's time for the world and the church to fully realize the goodness of God. “Jesus changes EVERYTHING. When you preach the good news of Jesus Christ people run to Jesus! Their devotion to Jesus explodes. They cling to Jesus; they put away sin! They say – He's so beautiful. I love this God!” Tune… The post Ep. 123 – Good News Gospel Feat. Greg Haswell appeared first on Global Mission Awareness.
Having promised herself that she wouldn't be returning to the male dominated industry of finance, Carole found herself sat at a Tax conference, training to be a financial planner, once again surrounded by men. After hearing the age old stereotype of the woman wanting to spend the money on a kitchen and the man wanting to invest it, Carole questioned her part in the financial industry. But rather than be defeated by the gender stereotypes, she decide to work to defeat them. Carole figured that while she can't force women to have an interest in investing, she could get them talking about money. So, she set up some workshops with women to help them voice their concerns, and learn about investing and planning for their future. In our conversation, Carole chats with me about some of the patterns she has noticed since becoming a financial adviser. She gives us some advice on what women can be doing to start getting an understanding of investing, and her wishes for the women in finance in the future.
our guest for episode 12 is amina haswell! amina is a winnipeg based broomsquire (the official term for broom-maker) and the creative director and owner of prairie breeze folk arts studio (pbfas). pbfas is an artisan driven home décor and household essentials company, specializing in quality crafted brooms, brushes and other household essentials. amina was first drawn to the art of broom-making in 2011, attending various institutions in the US for in-depth training opportunities in folk arts. since then, she has been honing her skills in the folk-art form of broom-making, sharing ideas and collaborating with broom makers across canada and the us. amina also teaches the art form/trade to others which allows her to experiment and develop new techniques. amina is inspired by colour and fibers and so broom-making seemed like a natural fit. amina spends her days binding naturally unprocessed broom corn (also known as sorghum bi-colour) grown locally on her acreage and imported from north american sources. amina binds them with natural and synthetic threads to make over 60 varieties of brooms and brushes in over 42 different colours. amina harvests many of the handles she uses in her broom making by foraging the forest for the perfect sticks in areas across manitoba and across canada when possible. you can find her online at prairebreezefolkartsstudio.com and on instagram @prairiebreezefolkarts. each season we read a new book about witchcraft practices around the world with the #snortandcacklebookclub, with a book review by ash and the occasional guest helping us close out the season. this season's #snortandcacklebookclub read is "witchcraft in early modern poland 1500-1800" by wanda wyporska. take the fibre witch quiz at ashalberg.com/quiz. follow us on instagram @snortandcackle and be sure to subscribe via your favourite podcasting app so you don't miss an episode! find transcripts for every episode at snortandcackle.com - just navigate to "podcast" in the main menu. seasons 1-3 of snort & cackle are generously supported by the manitoba arts council.
Kenny Haswell of 10th Planet speaks with MMA UKs Stoomboy about his upcoming grappling match against Gavin Macqueen of MNBJJ at SGI8 #SGI8 #MMAUK #BJJ --- Send in a voice message: https://anchor.fm/mmaukbjj/message
"I think you can strive to be the best and still do it in a loving and caring way." // Haswell "Has" Franklin Jr. '79 is a father, proud Gilman alum, financial advisor, former three-sport athlete at Johns Hopkins, and racket sport wizard. // Mac Franklin '14 is a proud Gilman alum, Dickinson graduate, and group benefits advisor. // On a very special Episode #50 of the Path to Follow Podcast, the Franklins and I discuss the Gilman/McDonogh football rivalry, Has's favorite football memories, Gilman pep rallies, impactful Gilman teachers and coaches, George Chandlee, how Gilman School has evolved over the years, playing multiple sports, chicken tenders, Gilman's commitment to excellence, lifelong bonds, playing three sports at Johns Hopkins, and Mac and Has's book recommendations: "The Greatest Gambling Story Ever Told" (2020) by Mark Paul and "Hug Your Customers" (2003) by Jack Mitchell. // Enjoy the episode? Please follow @pathtofollowpod on all platforms. More to come! // Many thanks to the all-powerful Cesare Ciccanti for all of his efforts on podcast production. //
On this hoops heavy episode of The Read Option, Jeff is joined by ESPN Stats & Info Researcher, Kevin Haswell, to breakdown the current state of the NBA, the Sixers outlook for the rest of the season, and where the MVP race stands without Joel Embiid (1:28). Jeff then welcomes on Scotty Miller to give a full breakdown of the first round of the NCAA Tournament (42:46), as well as their picks for the Elite Eight through the Final Four & National Championship, with a little betting talk at the end (1:30:15).
We review Meltdown and Spectre responses from various BSD projects, show you how to run CentOS with bhyve, GhostBSD 11.1 is out, and we look at the case against the fork syscall. This episode was brought to you by Headlines More Meltdown Much has been happened this week, but before we get into a status update of the various mitigations on the other BSDs, some important updates: Intel has recalled the microcode update they issued on January 8th. It turns out this update can cause Haswell and Broadwell based systems to randomly reboot, with some frequency. (https://newsroom.intel.com/news/intel-security-issue-update-addressing-reboot-issues/) AMD has confirmed that its processors are vulnerable to both variants of Spectre, and the the fix for variant #2 will require a forthcoming microcode update, in addition to OS level mitigations (https://www.amd.com/en/corporate/speculative-execution) Fujitsu has provided a status report for most of its products, including SPARC hardware (https://sp.ts.fujitsu.com/dmsp/Publications/public/Intel-Side-Channel-Analysis-Method-Security-Review-CVE2017-5715-vulnerability-Fujitsu-products.pdf) The Register of course has some commentary (https://www.theregister.co.uk/2018/01/12/intel_warns_meltdown_spectre_fixes_make_broadwells_haswells_unstable/) If new code is needed, Intel will need to get it right: the company already faces numerous class action lawsuits. Data centre operators already scrambling to conduct unplanned maintenance will not be happy about the fix reducing stability. AMD has said that operating system patches alone will address the Spectre bounds check bypass bug. Fixing Spectre's branch target injection flaw will require firmware fixes that AMD has said will start to arrive for Ryzen and EPYC CPUs this week. The Register has also asked other server vendors how they're addressing the bugs. Oracle has patched its Linux, but has told us it has “No comment/statement on this as of now” in response to our query about its x86 systems, x86 cloud, Linux and Solaris on x86. The no comment regarding Linux is odd as fixes for Oracle Linux landed here (https://linux.oracle.com/errata/ELSA-2018-4006.html) on January 9th. SPARC-using Fujitsu, meanwhile, has published advice (PDF) revealing how it will address the twin bugs in its servers and PCs, and also saying its SPARC systems are “under investigation”. Response from OpenBSD: (https://undeadly.org/cgi?action=article;sid=20180106082238) 'Meltdown, aka "Dear Intel, you suck"' (https://marc.info/?t=151521438600001&r=1&w=2) Theo de Raadt's response to Meltdown (https://www.itwire.com/security/81338-handling-of-cpu-bug-disclosure-incredibly-bad-openbsd-s-de-raadt.html) That time in 2007 when Theo talked about how Intel x86 had major design problems in their chips (https://marc.info/?l=openbsd-misc&m=118296441702631&w=2) OpenBSD gets a Microcode updater (https://marc.info/?l=openbsd-cvs&m=151570987406841&w=2) Response from Dragonfly BSD: (http://lists.dragonflybsd.org/pipermail/users/2018-January/313758.html) The longer response in four commits One (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627151.html) Two (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627152.html) Three (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627153.html) Four (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627154.html) Even more Meltdown (https://www.dragonflydigest.com/2018/01/10/20718.html) DragonflyBSD master now has full IBRS and IBPB support (http://lists.dragonflybsd.org/pipermail/users/2018-January/335643.html) IBRS (Indirect Branch Restricted Speculation): The x86 IBRS feature requires corresponding microcode support. It mitigates the variant 2 vulnerability. If IBRS is set, near returns and near indirect jumps/calls will not allow their predicted target address to be controlled by code that executed in a less privileged prediction mode before the IBRS mode was last written with a value of 1 or on another logical processor so long as all RSB entries from the previous less privileged prediction mode are overwritten. Speculation on Skylake and later requires these patches ("dynamic IBRS") be used instead of retpoline. If you are very paranoid or you run on a CPU where IBRS=1 is cheaper, you may also want to run in "IBRS always" mode. IBPB (Indirect Branch Prediction Barrier): Setting of IBPB ensures that earlier code's behavior does not control later indirect branch predictions. It is used when context switching to new untrusted address space. Unlike IBRS, IBPB is a command MSR and does not retain its state. DragonFlyBSD's Meltdown Fix Causing More Slowdowns Than Linux (https://www.phoronix.com/scan.php?page=article&item=dragonfly-bsd-meltdown&num=1) NetBSD HOTPATCH() (http://mail-index.netbsd.org/source-changes/2018/01/07/msg090945.html) NetBSD SVS (Separate Virtual Space) (http://mail-index.netbsd.org/source-changes/2018/01/07/msg090952.html) Running CentOS with Bhyve (https://www.daemon-security.com/2018/01/bhyve-centos-0110.html) With the addition of UEFI in FreeBSD (since version 11), users of bhyve can use the UEFI boot loader instead of the grub2-bhyve port for booting operating systems such as Microsoft Windows, Linux and OpenBSD. The following page provides information necessary for setting up bhyve with UEFI boot loader support: https://wiki.freebsd.org/bhyve/UEFI Features have been added to vmrun.sh to make it easier to setup the UEFI boot loader, but the following is required to install the UEFI firmware pkg: # pkg install -y uefi-edk2-bhyve With graphical support, you can use a vnc client like tigervnc, which can be installed with the following command: # pkg install -y tigervnc In the case of most corporate or government environments, the Linux of choice is RHEL, or CentOS. Utilizing bhyve, you can test and install CentOS in a bhyve VM the same way you would deploy a Linux VM in production. The first step is to download the CentOS iso (for this tutorial I used the CentOS minimal ISO): http://isoredirect.centos.org/centos/7/isos/x8664/CentOS-7-x8664-Minimal-1708.iso I normally use a ZFS Volume (zvol) when running bhyve VMs. Run the following commands to create a zvol (ensure you have enough disk space to perform these operations): # zfs create -V20G -o volmode=dev zroot/centos0 (zroot in this case is the zpool I am using) Similar to my previous post about vmrun.sh, you need certain items to be configured on FreeBSD in order to use bhyve. The following commands are necessary to get things running: ``` echo "vfs.zfs.vol.mode=2" >> /boot/loader.conf kldload vmm ifconfig tap0 create sysctl net.link.tap.uponopen=1 net.link.tap.uponopen: 0 -> 1 ifconfig bridge0 create ifconfig bridge0 addm em0 addm tap0 ifconfig bridge0 up ``` (replace em0 with whatever your physical interface is). There are a number of utilities that can be used to manage bhyve VMs, and I am sure there is a way to use vmrun.sh to run Linux VMs, but since all of the HowTos for running Linux use the bhyve command line, the following script is what I use for running CentOS with bhyve. ``` !/bin/sh General bhyve install/run script for CentOS Based on scripts from pr1ntf and lattera HOST="127.0.0.1" PORT="5901" ISO="/tmp/centos.iso" VMNAME="centos" ZVOL="centos0" SERIAL="nmda0A" TAP="tap1" CPU="1" RAM="1024M" HEIGHT="800" WIDTH="600" if [ "$1" == "install" ]; then Kill it before starting it bhyvectl --destroy --vm=$VMNAME bhyve -c $CPU -m $RAM -H -P -A -s 0,hostbridge -s 2,virtio-net,$TAP -s 3,ahci-cd,$ISO -s 4,virtio-blk,/dev/zvol/zroot/$ZVOL -s 29,fbuf,tcp=$HOST:$PORT,w=$WIDTH,h=$HEIGHT -s 30,xhci,tablet -s 31,lpc -l com1,/dev/$SERIAL -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd $VMNAME kill it after bhyvectl --destroy --vm=$VMNAME elif [ "$1" == "run" ]; then Kill it before starting it bhyvectl --destroy --vm=centos bhyve -c $CPU -m $RAM -w -H -s 0,hostbridge -s 2,virtio-net,$TAP -s 4,virtio-blk,/dev/zvol/zroot/$ZVOL -s 29,fbuf,tcp=$HOST:$PORT,w=$WIDTH,h=$HEIGHT -s 30,xhci,tablet -s 31,lpc -l com1,/dev/$SERIAL -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd $VMNAME & else echo "Please type install or run"; fi ``` The variables at the top of the script can be adjusted to fit your own needs. With the addition of the graphics output protocol in UEFI (or UEFI-GOP), a VNC console is launched and hosted with the HOST and PORT setting. There is a password option available for the VNC service, but the connection should be treated as insecure. It is advised to only listen on localhost with the VNC console and tunnel into the host of the bhyve VM. Now with the ISO copied to /tmp/centos.iso, and the script saved as centos.sh you can run the following command to start the install: # ./centos.sh install At this point, using vncviewer (on the local machine, or over an SSH tunnel), you should be able to bring up the console and run the CentOS installer as normal. The absolutely most critical item is to resolve an issue with the booting of UEFI after the installation has completed. Because of the path used in bhyve, you need to run the following to be able to boot CentOS after the installation: # cp -f /mnt/sysimage/boot/efi/EFI/centos/grubx64.efi /mnt/sysimage/boot/efi/EFI/BOOT With this setting changed, the same script can be used to launch your CentOS VM as needed: # ./centos.sh run If you are interested in a better solution for managing your Linux VM, take a look at the various bhyve management ports in the FreeBSD ports tree. Interview - newnix architect - @newnix (https://bsd.network/@newnix) News Roundup GhostBSD 11.1 - FreeBSD for the desktop (https://distrowatch.com/weekly.php?issue=20180108#ghostbsd) GhostBSD is a desktop oriented operating system which is based on FreeBSD. The project takes the FreeBSD operating system and adds a desktop environment, some popular applications, a graphical package manager and Linux binary compatibility. GhostBSD is available in two flavours, MATE and Xfce, and is currently available for 64-bit x86 computers exclusively. I downloaded the MATE edition which is available as a 2.3GB ISO file. Installing GhostBSD's system installer is a graphical application which begins by asking us for our preferred language, which we can select from a list. We can then select our keyboard's layout and our time zone. When it comes to partitioning we have three main options: let GhostBSD take over the entire disk using UFS as the file system, create a custom UFS layout or take over the entire disk using ZFS as the file system. UFS is a classic file system and quite popular, it is more or less FreeBSD's equivalent to Linux's ext4. ZFS is a more advanced file system with snapshots, multi-disk volumes and optional deduplication of data. I decided to try the ZFS option. Once I selected ZFS I didn't have many more options to go through. I was given the chance to set the size of my swap space and choose whether to set up ZFS as a plain volume, with a mirrored disk for backup or in a RAID arrangement with multiple disks. I stayed with the plain, single disk arrangement. We are then asked to create a password for the root account and create a username and password for a regular user account. The installer lets us pick our account's shell with the default being fish, which seemed unusual. Other shells, including bash, csh, tcsh, ksh and zsh are available. The installer goes to work copying files and offers to reboot our computer when it is done. Early impressions The newly installed copy of GhostBSD boots to a graphical login screen where we can sign into the account we created during the install process. Signing into our account loads the MATE 1.18 desktop environment. I found MATE to be responsive and applications were quick to open. Early on I noticed odd window behaviour where windows would continue to slide around after I moved them with the mouse, as if the windows were skidding on ice. Turning off compositing in the MATE settings panel corrected this behaviour. I also found the desktop's default font (Montserrat Alternates) to be hard on my eyes as the font is thin and, for lack of a better term, bubbly. Fonts can be easily adjusted in the settings panel. A few minutes after I signed into my account, a notification appeared in the system tray letting me know software updates were available. Clicking the update icon brings up a small window showing us a list of package updates and, if any are available, updates to the base operating system. FreeBSD, and therefore GhostBSD, both separate the core operating system from the applications (packages) which run on the operating system. This means we can update the core of the system separately from the applications. GhostBSD's core remains relatively static and minimal while applications are updated using a semi-rolling schedule. When we are updating the core operating system, the update manager will give us the option of rebooting the system to finish the process. We can dismiss this prompt to continue working, but the wording of the prompt may be confusing. When asked if we want to reboot to continue the update process, the options presented to us are "Continue" or "Restart". The Continue option closes the update manager and returns us to the MATE desktop. The update manager worked well for me and the only issue I ran into was when I dismissed the update manager and then wanted to install updates later. There are two launchers for the update manager, one in MATE's System menu and one in the settings panel. Clicking either of these launchers didn't accomplish anything. Running the update manager from the command line simply caused the process to lock up until killed. I found if I had dismissed the update manager once, I'd have to wait until I logged in again to use it. Alternatively, I could use a command line tool or use the OctoPkg package manager to install package updates. Conclusions Most of my time with GhostBSD, I was impressed and happy with the operating system. GhostBSD builds on a solid, stable FreeBSD core. We benefit from FreeBSD's performance and its large collection of open source software packages. The MATE desktop was very responsive in my trial and the system is relatively light on memory, even when run on ZFS which has a reputation for taking up more memory than other file systems. FreeBSD Looks At Making Wayland Support Available By Default (https://www.phoronix.com/scan.php?page=news_item&px=FreeBSD-Wayland-Availability) There's an active discussion this week about making Wayland support available by default on FreeBSD. FreeBSD has working Wayland support -- well, assuming you have working Intel / Radeon graphics -- and do have Weston and some other Wayland components available via FreeBSD Ports. FreeBSD has offered working Wayland support that is "quite usable" for more than one year. But, it's not too easy to get going with Wayland on FreeBSD. Right now those FreeBSD desktop users wanting to use/develop with Wayland currently need to rebuild the GTK3 tool-kit, Mesa, and other packages with Wayland support enabled. This call for action now is about allowing the wayland=on to be made the default. This move would then allow these dependencies to be built with Wayland support by default, but for the foreseeable future FreeBSD will continue defaulting to X.Org-based sessions. The FreeBSD developers mostly acknowledge that Wayland is the future and the cost of enabling Wayland support by default is just slightly larger packages, but that weight is still leaner than the size of the X.Org code-base and its dependencies. FreeBSD vote thread (https://lists.freebsd.org/pipermail/freebsd-ports/2017-December/111906.html) TrueOS Fliped the switch already (https://github.com/trueos/trueos-core/commit/f48dba9d4e8cefc45d6f72336e7a0b5f42a2f6f1) fork is not my favorite syscall (https://sircmpwn.github.io/2018/01/02/The-case-against-fork.html) This article has been on my to-write list for a while now. In my opinion, fork is one of the most questionable design choices of Unix. I don't understand the circumstances that led to its creation, and I grieve over the legacy rationale that keeps it alive to this day. Let's set the scene. It's 1971 and you're a fly on the wall in Bell Labs, watching the first edition of Unix being designed for the PDP-11/20. This machine has a 16-bit address space with no more than 248 kilobytes of memory. They're discussing how they're going to support programs that spawn new programs, and someone has a brilliant idea. “What if we copied the entire address space of the program into a new process running from the same spot, then let them overwrite themselves with the new program?” This got a rousing laugh out of everyone present, then they moved on to a better design which would become immortalized in the most popular and influential operating system of all time. At least, that's the story I'd like to have been told. In actual fact, the laughter becomes consensus. There's an obvious problem with this approach: every time you want to execute a new program, the entire process space is copied and promptly discarded when the new program begins. Usually when I complain about fork, this the point when its supporters play the virtual memory card, pointing out that modern operating systems don't actually have to copy the whole address space. We'll get to that, but first — First Edition Unix does copy the whole process space, so this excuse wouldn't have held up at the time. By Fourth Edition Unix (the next one for which kernel sources survived), they had wisened up a bit, and started only copying segments when they faulted. This model leads to a number of problems. One is that the new process inherits all of the parent's process descriptors, so you have to close them all before you exec another process. However, unless you're manually keeping tabs on your open file descriptors, there is no way to know what file handles you must close! The hack that solves this is CLOEXEC, the first of many hacks that deal with fork's poor design choices. This file descriptors problem balloons a bit - consider for example if you want to set up a pipe. You have to establish a piped pair of file descriptors in the parent, then close every fd but the pipe in the child, then dup2 the pipe file descriptor over the (now recently closed) file descriptor 1. By this point you've probably had to do several non-trivial operations and utilize a handful of variables from the parent process space, which hopefully were on the stack so that we don't end up copying segments into the new process space anyway. These problems, however, pale in comparison to my number one complaint with the fork model. Fork is the direct cause of the stupidest component I've ever heard of in an operating system: the out-of-memory (aka OOM) killer. Say you have a process which is using half of the physical memory on your system, and wants to spawn a tiny program. Since fork “copies” the entire process, you might be inclined to think that this would make fork fail. But, on Linux and many other operating systems since, it does not fail! They agree that it's stupid to copy the entire process just to exec something else, but because fork is Important for Backwards Compatibility, they just fake it and reuse the same memory map (except read-only), then trap the faults and actually copy later. The hope is that the child will get on with it and exec before this happens. However, nothing prevents the child from doing something other than exec - it's free to use the memory space however it desires! This approach now leads to memory overcommittment - Linux has promised memory it does not have. As a result, when it really does run out of physical memory, Linux will just kill off processes until it has some memory back. Linux makes an awfully big fuss about “never breaking userspace” for a kernel that will lie about memory it doesn't have, then kill programs that try to use the back-alley memory they were given. That this nearly 50 year old crappy design choice has come to this astonishes me. Alas, I cannot rant forever without discussing the alternatives. There are better process models that have been developed since Unix! The first attempt I know of is BSD's vfork syscall, which is, in a nutshell, the same as fork but with severe limitations on what you do in the child process (i.e. nothing other than calling exec straight away). There are loads of problems with vfork. It only handles the most basic of use cases: you cannot set up a pipe, cannot set up a pty, and can't even close open file descriptors you inherited from the parent. Also, you couldn't really be sure of what variables you were and weren't editing or allowed to edit, considering the limitations of the C specification. Overall this syscall ended up being pretty useless. Another model is posixspawn, which is a hell of an interface. It's far too complicated for me to detail here, and in my opinion far too complicated to ever consider using in practice. Even if it could be understood by mortals, it's a really bad implementation of the spawn paradigm — it basically operates like fork backwards, and inherits many of the same flaws. You still have to deal with children inheriting your file descriptors, for example, only now you do it in the parent process. It's also straight-up impossible to make a genuine pipe with posixspawn. (Note: a reader corrected me - this is indeed possible via posixspawnfileactionsadddup2.) Let's talk about the good models - rfork and spawn (at least, if spawn is done right). rfork originated from plan9 and is a beautiful little coconut of a syscall, much like the rest of plan9. They also implement fork, but it's a special case of rfork. plan9 does not distinguish between processes and threads - all threads are processes and vice versa. However, new processes in plan9 are not the everything-must-go fuckfest of your typical fork call. Instead, you specify exactly what the child should get from you. You can choose to include (or not include) your memory space, file descriptors, environment, or a number of other things specific to plan9. There's a cool flag that makes it so you don't have to reap the process, too, which is nice because reaping children is another really stupid idea. It still has some problems, mainly around creating pipes without tremendous file descriptor fuckery, but it's basically as good as the fork model gets. Note: Linux offers this via the clone syscall now, but everyone just fork+execs anyway. The other model is the spawn model, which I prefer. This is the approach I took in my own kernel for KnightOS, and I think it's also used in NT (Microsoft's kernel). I don't really know much about NT, but I can tell you how it works in KnightOS. Basically, when you create a new process, it is kept in limbo until the parent consents to begin. You are given a handle with which you can configure the process - you can change its environment, load it up with file descriptors to your liking, and so on. When you're ready for it to begin, you give the go-ahead and it's off to the races. The spawn model has none of the flaws of fork. Both fork and exec can be useful at times, but spawning is much better for 90% of their use-cases. If I were to write a new kernel today, I'd probably take a leaf from plan9's book and find a happy medium between rfork and spawn, so you could use spawn to start new threads in your process space as well. To the brave OS designers of the future, ready to shrug off the weight of legacy: please reconsider fork. Enable ld.lld as bootstrap linker by default on amd64 (https://svnweb.freebsd.org/changeset/base/327783) Enable ld.lld as bootstrap linker by default on amd64 For some time we have been planning to migrate to LLVM's lld linker. Having a man page was the last blocking issue for using ld.lld to link the base system kernel + userland, now addressed by r327770. Link the kernel and userland libraries and binaries with ld.lld by default, for additional test coverage. This has been a long time in the making. On 2013-04-13 I submitted an upstream tracking issue in LLVM PR 23214: [META] Using LLD as FreeBSD's system linker. Since then 85 individual issues were identified, and submitted as dependencies. These have been addressed along with two and a half years of other lld development and improvement. I'd like to express deep gratitude to upstream lld developers Rui Ueyama, Rafael Espindola, George Rimar and Davide Italiano. They put in substantial effort in addressing the issues we found affecting FreeBSD/amd64. To revert to using ld.bfd as the bootstrap linker, in /etc/src.conf set WITHOUTLLDBOOTSTRAP=yes If you need to set this, please follow up with a PR or post to the freebsd-toolchain mailing list explaining how default WITHLLDBOOTSTRAP failed for your use case. Note that GNU ld.bfd is still installed as /usr/bin/ld, and will still be used for linking ports. ld.lld can be installed as /usr/bin/ld by setting in /etc/src.conf WITH_LLD_IS_LLD=yes A followup commit will set WITHLLDIS_LD by default, possibly after Clang/LLVM/lld 6.0 is merged to FreeBSD. Release notes: Yes Sponsored by: The FreeBSD Foundation Followup: https://www.mail-archive.com/svn-src-all@freebsd.org/msg155493.html *** Beastie Bits BSDCAN2017 Interview with Peter Hessler, Reyk Floeter, and Henning Brauer (https://undeadly.org/cgi?action=article;sid=20171229080944) video (https://www.youtube.com/watch?v=e-Xim3_rJns) DSBMD (https://freeshell.de/~mk/projects/dsbmd.html) ccc34 talk - May contain DTraces of FreeBSD (https://media.ccc.de/v/34c3-9196-may_contain_dtraces_of_freebsd) [scripts to run an OpenBSD mirror, rsync and verify])(https://github.com/bluhm/mirror-openbsd) Old School PC Fonts (https://int10h.org/oldschool-pc-fonts/readme/) Feedback/Questions David - Approach and Tools for Snapshots and Remote Replication (http://dpaste.com/33HKKEM#wrap) Brian - Help getting my FreeBSD systems talking across the city (http://dpaste.com/3QWFEYR#wrap) Malcolm - First BSD Meetup in Stockholm happened and it was great (http://dpaste.com/1Z9Y8H1) Brad - Update on TrueOS system (http://dpaste.com/3EC9RGG#wrap) ***
This week on BSDNow, Allan and I are back from AsiaBSDCon and we have an interview with Brad Davis about the new “Packaging Base” call-for-testing. We'll be sharing our thoughts and stories on how the week This episode was brought to you by Headlines AsiaBSDCon 2016 - Wrap-up FreeBSD gets Haswell graphics support in time for 11.0-RELEASE (https://svnweb.freebsd.org/changeset/base/296548) The moment that many have been waiting for has finally arrived, support for Haswell graphics has been committed to FreeBSD -CURRENT The brings the DRM/i915 code up to date with Linux kernel 3.8.13 Work has already started on updating to Linux kernel 3.9 It is hoped that subsequent updates will be much easier, and much faster It does not appear to require setting the i915.preliminaryhwsupport loader tunable *** OpenBSD vmm/vmd Update (http://bhyvecon.org/bhyvecon2016-Mike.pdf) For the third year running, bhyvecon was held last week, during the lead up to AsiaBSDCon Bhyvecon has expanded, and now covers all virtualization on BSDs There were presentations on bhyve, Xen Dom0 on FreeBSD, Xen DomU for OpenBSD, and OpenBSD's vmm OpenBSD vmm started at the Brisbane 2015 hackathon in Australia Work continued through the summer and fall thanks to funding by the OpenBSD Foundation The presentation answered some outstanding questions, such as, why not just port bhyve? Initial focus is OpenBSD on OpenBSD Loader currently supports FreeBSD and NetBSD as well After the initial commits, other developers joined in to help with the work Reyk reworked the vmd and vmctl commands, to provide a better user interface Future plans: Nested VMX i386 support AMD SVM support Filesystem passthru Live migration (with ZFS like command syntax) Other developers are working on related projects: qemu interface: Allow qemu to be accelerated by the vmm backend, while providing emulated hardware, for legacy systems KVM interface: Make vmm look like KVM, so existing tools like openstack “just work” *** Interview - Brad Davis - brd@freebsd.org (mailto:brd@freebsd.org) / @so14k (https://twitter.com/so14k) Packaging Base News Roundup Packaging the base system with pkg(8) (https://lists.freebsd.org/pipermail/freebsd-pkgbase/2016-March/000032.html) The official call for testing for FreeBSD's pkg(8)'d base is out Users are requested to checkout the release-pkg branch, and build it as normal (buildworld, buildkernel) Instead of installworld, run: make packages This will produce a pkg repo in the /usr/obj directory The post to the mailing list includes an example pkg repo config file to point to those packages Run: pkg update -r FreeBSD-base This will read the metadata from the new repository Then run: pkg install -g 'FreeBSD-*' This will find all packages that start with ‘FreeBSD-' and install them In the future, there will be meta packages, so you can just install FreeBSD-base and it will pull in other packages are dependencies Currently, there are a large number of packages (over 700), because each shared library is packaged separately, and almost all optional features are in a separate package The number of packages is also increased because there are separate -debug, -profiling, etc versions of each package New features are being added to pkg(8) to mark important system components, like libc, as ‘vital', so they cannot be deleted accidently However, in the case of using pkg(8)'d base to create a jail, the administrator should be able to delete the entire base system Classic conundrum: “UNIX does not stop you doing something stupid, as that would also stop you doing something clever” Work is still ongoing At AsiaBSDCon, after the interview was recorded, bapt@ and brd@ had a whiteboarding session and have come up with how they expect to handle the kernel package, to ensure there is a /boot/kernel.old for you to fall back to incase the newly installer kernel does not work correctly. *** FreeBSD 10.3-RC2 Now Available (https://lists.freebsd.org/pipermail/freebsd-stable/2016-March/084384.html) The second release candidate for FreeBSD 10.3 is now available for testing Notable changes include: Import an upstream fix for ‘zfs send -i' to avoid data corruption in specific instances Boot loaders and kernel have been taught to handle ELF sections of type SHTAMD64UNWIND. This does not really apply to FreeBSD 10.3, but is required for 11.0, so will make upgrades easier Various mkdb commands (/etc/services, /etc/login.conf, etc) commands now use fsync() instead of opening the files as O_SYNC, greatly increasing the speed of the database generation From the earlier BETA3, the VFS improvements that were causing ZFS hangs, and the new ‘tryforward' routing code, have been reverted Work is ongoing to fix these issues for FreeBSD 11.0 There are two open issues: A fix for OpenSSH CVE-2016-3115 has not be included yet the re-addition of AES-CBC ciphers to the default server proposal list. AES-CBC was removed as part of the update to OpenSSH version 7.1p2, but the plan is to re-add it, specifically for lightweight clients who rely on hardware crypto offload to have acceptable SSH performance Please go out and test *** OPNsense 16.1.6 released (https://forum.opnsense.org/index.php?topic=2378.0) A new point-release of OPNsense has dropped, and apart from the usual security updates, some new features have been included firmware: bootstrap utility can now directly install e.g. the development version dhcp: all GUI pages have been reworked for a polished look and feel proxy: added category-based remote file support if compressed file contains multiple files proxy: added ICAP support (contributed by Fabian Franz) proxy: hook up the transparent FTP proxy proxy: add intercept on IPv6 for FTP and HTTP proxy options logging: syslog facilities, like services, are now fully pluggable vpn: stripped an invalid PPTP server configuration from the standard configuration vpn: converted to pluggable syslog, menu and ACL dyndns: all GUI pages have been reworked for a polished look and feel dyndns: widget now shows IPv6 entries too dns forwarder: all GUI pages have been reworked for a polished look and feel dns resolver: all GUI pages have been reworked for a polished look and feel dns resolver: rewrote the dhcp lease registration hooks dns resolver: allow parallel operation on non-standard port when dns forwarder is running as well firewall: hide outbound nat rule input for "interface address" option and toggle bitmask correctly interfaces: fix problem when VLAN tags weren't generated properly interfaces: improve interface capability reconfigure ipsec: fix service restart behaviour from GUI captive portal: add missing chain in certificate generation configd: improve recovery and reload behaviour load balancer: reordered menu entries for clarity ntp: reordered menu entries for clarity traffic shaper: fix mismatch for direction + dual interfaces setup languages: updated German and French Call for testing - ASLR patch (https://lists.freebsd.org/pipermail/freebsd-arch/2016-March/017719.html) A patch that provides a first pass implementation of basic ASLR (Address Space Layout Randomization) for FreeBSD has been posted to the mailing list “Stack gap, W^X, shared page randomization, KASLR and other techniques are explicitly out of scope of this work.” “ASLR is enabled on per-ABI basis, and currently it is only enabled on native i386 and amd64 (including compat 32bit) ABIs. I expect to test and enable ASLR for armv6 and arm64 as well, later” “Thanks to Oliver Pinter and Shawn Webb of the HardenedBSD project for pursuing ASLR for FreeBSD. Although this work is not based on theirs, it was inspired by their efforts.” *** Feedback/Questions Daniel - OpenZFS (http://slexy.org/view/s20Z81SPq3) Florian - JBODS (http://slexy.org/view/s2be4zDkG6) Hunter - SSL on DO (http://slexy.org/view/s2o0MijCFy) Ben - Backups (http://slexy.org/view/s2fXlOwdU7) Damian - Bug'in Me! (http://slexy.org/view/s2weBPb8sx) ***
This week on the show, we will be interviewing Alex Rosenberg, to This episode was brought to you by iX Systems Mission Complete (https://www.ixsystems.com/missioncomplete/) Submit your story of how you accomplished a mission with FreeBSD, FreeNAS, or iXsystems hardware, and you could win monthly prizes, and have your story featured in the FreeBSD Journal! *** Headlines Life with an OpenBSD Laptop: A UNIX-lover's tale of migrating away from the Mac. The Good, The Bad, The Ugly (http://www.nycbug.org/event/10356/openbsd_laptop_nycbug_2015.pdf) OpenBSD user Isaac (.ike) Levy details his switch from a Mac to an OpenBSD laptop He covers a bit about selecting hardware and dealing with wifi Talks about binary packages and system upgrades Talks about power management, suspend/resume, battery life Show screenshots of some of his favourite window managers Browsers and email clients are also discussed Things he found missing in OpenBSD: A journaling file system, every unclean shutdown means a full fsck(1) UTF-8/unicode was not everywhere Syncing pictures and contacts to his phone Drawing tools *** DragonFlyBSD matches its Intel kernel graphics driver against Linux 4.0 (http://lists.dragonflybsd.org/pipermail/commits/2015-December/459067.html) The DragonFlyBSD DRM stack continues to rapidly advance, now bringing in support from Linux 4.0! Some of the notable features: Basic Skylake support Panel Self-Refresh (PSR) now supported on Valleyview and Cherryview Preparations for atomic display updates Performance improvements on various GPU families, including Cherryview, Broadwell and Haswell GPU frequencies are now kept at a minimum of 450MHz when possible on Haswell and Broadwell, ensuring a minimum experience level for various types of workloads Improved reset support for gen3/4 GPUs, which should fix some OpenGL crashes on Core 2 and pre-2012 Atom machine Better sound/graphics driver synchronization for audio over hdmi support As usual, small bugfixes and stability improvements here and there *** A BSD Wish List for 2016 (http://fossforce.com/2015/12/bsd-wish-list-2016/) Larry over at Foss Force brings us his wish list for BSD support in 2016. Since he has converted most of his daily desktop usage to PC-BSD, he is specifically wanting support for some desktop applications. Namely Google hangouts and Spotify. This is something which has come up periodically among the PC-BSD community. At the moment most users are dual-booting or using alternatives, like WebRTC. However the Google Hangouts plugin is available for Linux, and perhaps this will encourage some developers to see if we can get it running with the newer Linux stack on -CURRENT. Spotify also has a native Linux version, which may need testing on FreeBSD - CURRENT. It may be closer now, and should be updated on the Wanted Ports Page https://wiki.freebsd.org/WantedPorts *** Hard Float API coming soon by default to armv6 (http://bsdimp.blogspot.com/2015/12/hard-float-api-coming-soon-by-default.html) Warner Losh talks about upcoming changes to armv6 on FreeBSD “All the CPUs that FreeBSD supports have hard floating point in them. We've supported hard float for quite some time in the FreeBSD kernel. However, by default, we still use a soft-float ABI.” First, “A new armv6hf (architecture) was created, but that caused some issues with some ports, and the meaning of 'soft float' sadly was ambiguous between the soft-float ABI, and the soft-float libraries that implement floating point when there's no hardware FPU” “Over the spring and summer, I fixed ld.so so that it can load both soft ABI and hard ABI libraries on the same system, depending on markings in the binaries themselves. Soft float ABI and hard float ABI binaries have different flags in the ELF headers, so it is relatively straightforward to know which is which.” “So, in the coming days, I'll commit the first set of changes to move to armv6 as a hard float ABI by default. The kernel doesn't care: it can execute both. The new ld.so will allow you to transition through this change by allowing old, compat soft ABI libraries to co-exist on the system with new hard ABI libraries. This change alone isn't enough, but it will be good to get it out into circulation.” “armv6hf will be removed before FreeBSD 11” A LIBSOFT will be created, similar in concept to the LIB32 available on AMD64 *** Interview - Alex Rosenberg - alexr@leftfield.org (mailto:alexr@leftfield.org) / @alexr (https://twitter.com/alexr) Former Manager of Platform Architecture at Sony *** Beastie Bits Tuesday, Dec 20, 2005 was the release date of the very first bsdtalkpodcast (http://bsdtalk.blogspot.com/2005/12/bsdtalk001-intro-to-bsd.html) Patch: Server side support for TCP FastOpen (https://reviews.freebsd.org/D4350) Learn to tame OpenBSD quickly (http://www.openbsdjumpstart.org/) Hardware Accerated iSCSI lands in FreeBSD (https://svnweb.freebsd.org/base?view=revision&revision=292740) Settings for full HD resolution on DragonFlyBSD under QEMU/KVM, thanks to reddit user Chapo_Rouge (https://www.reddit.com/r/dragonflybsd/comments/3x4n7u/psa_1920x1080_on_dragonflybsd_44_under_qemukvm/) Patch: An IllumOS developer has been porting the FreeBSD boot loader to replace their old version of GRUB. In doing so, he has also made improvements to the block caching in the boot loader (https://reviews.freebsd.org/D4713) A FreeBSD user working at Microsoft talks about Microsoft's shift to Open Source (http://blog.teleri.net/open-microsoft/) BSDCG Exam Session at FOSDEM'16 (https://fosdem.org/2016/schedule/event/cert_bsdcg/) Schedule for the BSD devroom at FOSDEM'16 (https://fosdem.org/2016/schedule/track/bsd/) OpenBSD snapshots are now 5.9 (http://marc.info/?l=openbsd-cvs&m=145055446007162&w=2) Notes on making BSD grep faster (http://blog.erratasec.com/2015/12/some-notes-on-fast-grep.html#.VoQKD1JSRhx) Intel's Platform Application Engineering (PAE) group within the Networking Division (ND) is looking for a Network Software Engineer (https://www-ssl.intel.com/content/www/us/en/jobs/job-search/js2.html?job=782165&src=ML-12080) Did you watch Die Hard at Christmas? Get the Die Hard FreeBSD boot screen: install this file in /boot and set loader_logo="tribute" in /boot/loader.conf (http://locheil.shxd.cx/logo-tribute.4th) Feedback/Questions Jeremy - ZFS without root (http://slexy.org/view/s20CTqtEan) Dan - Getting PC-BSD Media (http://slexy.org/view/s20sNPoDm5) Chris - VMs and FreeBSD (http://slexy.org/view/s2hjsVgGBK) Ben - Haswell and IRC (http://slexy.org/view/s21pwYOTHi) Instructions for trying the Haswell patch (https://wiki.freebsd.org/Graphics/Update%20i915%20GPU%20driver%20to%20Linux%203.8) Matt - Donation to foundation (http://slexy.org/view/s20vifHCyc) ***
Coming up on this week's episode, we have an interview This episode was brought to you by iX Systems Mission Complete (https://www.ixsystems.com/missioncomplete/) Submit your story of how you accomplished a mission with FreeBSD, FreeNAS, or iXsystems hardware, and you could win monthly prizes, and have your story featured in the FreeBSD Journal! *** Headlines OpenBSD 5.8 is released on the 20th birthday of the OpenBSD project (http://bsdsec.net/articles/openbsd-5-8-released) 5.8 has landed, and just in time for the 20th birthday of OpenBSD, Oct 18th A long list of changes can be found on the release announcement, but here's a small scattering of them Drivers for new hardware, such as: rtwn = Realtek RTL8188CE wifi hpb = HyperTransport bridge in IBM CPC945 Improved sensor support for upd driver (USB power devices) Jumbo frame support on re driver, using RTL8168C/D/E/F/G and RTL8411 Updated to installer, improve autoinstall, and questions about SSH setup Sudo in base has been replace with “doas”, sudo moved to package tree New file(1) command with sandboxing and priv separation The tame(2) API WiP Improvements to the httpd(8) daemon, such as support for lua pattern matching redirections Bugfixes and the security updates to OpenSMTPD 5.4.4 LibreSSL security fixes, removed SSLv3 support from openssl(1) (Still working on nuking SSLv3 from all ports) And much more, too much to mention here, read the notes for all the gory details! OpenBSD Developer Interviews To go along with the 20th birthday, we have a whole slew of new interviews brought to us by the beastie.pl team. English and Polish are both provided, so be sure not to miss these! Dmitrij D. Czarkoff (http://beastie.pl/deweloperzy-openbsd-dmitrij-d-czarkoff/) Vadim Zhukov (http://beastie.pl/deweloperzy-openbsd-vadim-zhukov/) Marc Espie (http://beastie.pl/deweloperzy-openbsd-marc-espie/) Bryan Steele (http://beastie.pl/deweloperzy-openbsd-bryan-steele/) Ingo Schwarze (http://beastie.pl/deweloperzy-openbsd-ingo-schwarze/) Gilles Chehade (http://beastie.pl/deweloperzy-openbsd-gilles-chehade/) Jean-Sébastien Pédron has submitted a call for testing out the neIntel i915 driver (http://lists.freebsd.org/pipermail/freebsd-x11/2015-October/016758.html) A very eagerly awaited feature, Haswell GPU support has begun the testing process The main developer, Jean-Sébastien Pédron dumbbell@freebsd.org looking for users to test the patch, both those that have older supported cards (Sandybridge, Ivybridge) that are currently working, and users with Haswell devices that have, until now, not been supported Included is a link to the Wiki with instructions on how to enable debugging, and grab the updated branch of FreeBSD with the graphical improvements. Jean-Sébastien is calling for testers to send results both good and bad over to the freebsd-x11 mailing lists For those who want an “out of box solution” the next PC-BSD 11.0-CURRENT November images will include these changes as well How to install FreeBSD on a Raspberry Pi 2 (http://www.cyberciti.biz/faq/how-to-install-freebsd-on-raspberry-pi-2-model-b/) We have a nice walkthrough this week on how to install FreeBSD, both 10 or 11-CURRENT on a RPi 2! The walkthrough shows us how to use OSX to copy the image to SD card, then booting. In this case, we have him using a USB to serial cable to capture output with screen This is a pretty quick way for users sitting on a RPi2 to get up and running with FreeBSD Interview - Jordan Hubbard - jkh@ixsystems.com (mailto:email@email) NextBSD (http://www.nextbsd.org/) | NextBSD Github (https://github.com/NextBSD/NextBSD) Beastie Bits OpenBSD's Source Tree turned 20 on October 18th (https://marc.info/?l=openbsd-misc&m=144515087006177&w=2) GhostBSD working on Graphical ZFS Configuration Utility (https://plus.google.com/+GhostbsdOrg/posts/JoNZzrKrhtB) EuroBSDcon 2014 videos finally online (https://www.youtube.com/channel/UCz6C-szau90f9Vn07A6W2aA/videos) Postdoctoral research position at Memorial University is open (http://www.mun.ca/postdoc/tc-postdoc-2015.pdf) NetBSD Security Advisory: TCP LAST_ACK memory exhaustion, reported by NetFlix and Juniper (http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-009.txt.asc) DesktopBSD making a comeback? (http://www.desktopbsd.net/forums/threads/desktopbsd-2-0-roadmap.798/) Feedback/Questions Steve (http://slexy.org/view/s20PllfFXt) Ben (http://slexy.org/view/s21jJm1lFN) Frank (http://slexy.org/view/s20TsrN3uq) Tyler (http://slexy.org/view/s20AydOevW)
It's already our two-year anniversary! This time on the show, we'll be chatting with Scott Courtney, vice president of infrastructure engineering at Verisign, about this year's vBSDCon. What's it have to offer in an already-crowded BSD conference space? We'll find out. This episode was brought to you by Headlines OpenBSD hypervisor coming soon (https://www.marc.info/?l=openbsd-tech&m=144104398132541&w=2) Our buddy Mike Larkin never rests, and he posted some very tight-lipped console output (http://pastebin.com/raw.php?i=F2Qbgdde) on Twitter recently From what little he revealed at the time (https://twitter.com/mlarkin2012/status/638265767864070144), it appeared to be a new hypervisor (https://en.wikipedia.org/wiki/Hypervisor) (that is, X86 hardware virtualization) running on OpenBSD -current, tentatively titled "vmm" Later on, he provided a much longer explanation on the mailing list, detailing a bit about what the overall plan for the code is Originally started around the time of the Australia hackathon, the work has since picked up more steam, and has gotten a funding boost from the OpenBSD foundation One thing to note: this isn't just a port of something like Xen or Bhyve; it's all-new code, and Mike explains why he chose to go that route He also answered some basic questions about the requirements, when it'll be available, what OSes it can run, what's left to do, how to get involved and so on *** Why FreeBSD should not adopt launchd (http://blog.darknedgy.net/technology/2015/08/26/0/) Last week (http://www.bsdnow.tv/episodes/2015_08_26-beverly_hills_25519) we mentioned a talk Jordan Hubbard gave about integrating various parts of Mac OS X into FreeBSD One of the changes, perhaps the most controversial item on the list, was the adoption of launchd to replace the init system (replacing init systems seems to cause backlash, we've learned) In this article, the author talks about why he thinks this is a bad idea He doesn't oppose the integration into FreeBSD-derived projects, like FreeNAS and PC-BSD, only vanilla FreeBSD itself - this is also explained in more detail The post includes both high-level descriptions and low-level technical details, and provides an interesting outlook on the situation and possibilities Reddit had quite a bit (https://www.reddit.com/r/BSD/comments/3ilhpk) to say (https://www.reddit.com/r/freebsd/comments/3ilj4i) about this one, some in agreement and some not *** DragonFly graphics improvements (http://lists.dragonflybsd.org/pipermail/commits/2015-August/458108.html) The DragonFlyBSD guys are at it again, merging newer support and fixes into their i915 (Intel) graphics stack This latest update brings them in sync with Linux 3.17, and includes Haswell fixes, DisplayPort fixes, improvements for Broadwell and even Cherryview GPUs You should also see some power management improvements, longer battery life and various other bug fixes If you're running DragonFly, especially on a laptop, you'll want to get this stuff on your machine quick - big improvements all around *** OpenBSD tames the userland (https://www.marc.info/?l=openbsd-tech&m=144070638327053&w=2) Last week we mentioned OpenBSD's tame framework getting support for file whitelists, and said that the userland integration was next - well, now here we are Theo posted a mega diff of nearly 100 smaller diffs, adding tame support to many areas of the userland tools It's still a work-in-progress version; there's still more to be added (including the file path whitelist stuff) Some classic utilities are even being reworked to make taming them easier - the "w" command (https://www.marc.info/?l=openbsd-cvs&m=144103945031253&w=2), for example The diff provides some good insight on exactly how to restrict different types of utilities, as well as how easy it is to actually do so (and en masse) More discussion can be found on HN (https://news.ycombinator.com/item?id=10135901), as one might expect If you're a software developer, and especially if your software is in ports already, consider adding some more fine-grained tame support in your next release *** Interview - Scott Courtney - vbsdcon@verisign.com (mailto:vbsdcon@verisign.com) / @verisign (https://twitter.com/verisign) vBSDCon (http://vbsdcon.com/) 2015 News Roundup OPNsense, beyond the fork (https://opnsense.org/opnsense-beyond-the-fork) We first heard about (http://www.bsdnow.tv/episodes/2015_01_14-common_sense_approach) OPNsense back in January, and they've since released nearly 40 versions, spanning over 5,000 commits This is their first big status update, covering some of the things that've happened since the project was born There's been a lot of community growth and participation, mass bug fixing, new features added, experimental builds with ASLR and much more - the report touches on a little of everything *** LibreSSL nukes SSLv3 (http://undeadly.org/cgi?action=article&sid=20150827112006) With their latest release, LibreSSL began to turn off SSLv3 (http://disablessl3.com) support, starting with the "openssl" command At the time, SSLv3 wasn't disabled entirely because of some things in the OpenBSD ports tree requiring it (apache being one odd example) They've now flipped the switch, and the process of complete removal has started From the Undeadly summary, "This is an important step for the security of the LibreSSL library and, by extension, the ports tree. It does, however, require lots of testing of the resulting packages, as some of the fallout may be at runtime (so not detected during the build). That is part of why this is committed at this point during the release cycle: it gives the community more time to test packages and report issues so that these can be fixed. When these fixes are then pushed upstream, the entire software ecosystem will benefit. In short: you know what to do!" With this change and a few more to follow shortly, LibreSSL won't actually support SSL anymore - time to rename it "LibreTLS" *** FreeBSD MPTCP updated (http://caia.swin.edu.au/urp/newtcp/mptcp/tools/v05/mptcp-readme-v0.5.txt) For anyone unaware, Multipath TCP (https://en.wikipedia.org/wiki/Multipath_TCP) is "an ongoing effort of the Internet Engineering Task Force's (IETF) Multipath TCP working group, that aims at allowing a Transmission Control Protocol (TCP) connection to use multiple paths to maximize resource usage and increase redundancy." There's been work out of an Australian university to add support for it to the FreeBSD kernel, and the patchset was recently updated Including in this latest version is an overview of the protocol, how to get it compiled in, current features and limitations and some info about the routing requirements Some big performance gains can be had with MPTCP, but only if both the client and server systems support it - getting it into the FreeBSD kernel would be a good start *** UEFI and GPT in OpenBSD (https://www.marc.info/?l=openbsd-cvs&m=144092912907778&w=2) There hasn't been much fanfare about it yet, but some initial UEFI and GPT-related commits have been creeping into OpenBSD recently Some support (https://github.com/yasuoka/openbsd-uefi) for UEFI booting has landed in the kernel, and more bits are being slowly enabled after review This comes along with a number (https://www.marc.info/?l=openbsd-cvs&m=143732984925140&w=2) of (https://www.marc.info/?l=openbsd-cvs&m=144088136200753&w=2) other (https://www.marc.info/?l=openbsd-cvs&m=144046793225230&w=2) commits (https://www.marc.info/?l=openbsd-cvs&m=144045760723039&w=2) related to GPT, much of which is being refactored and slowly reintroduced Currently, you have to do some disklabel wizardry to bypass the MBR limit and access more than 2TB of space on a single drive, but it should "just work" with GPT (once everything's in) The UEFI bootloader support has been committed (https://www.marc.info/?l=openbsd-cvs&m=144115942223734&w=2), so stay tuned for more updates (http://undeadly.org/cgi?action=article&sid=20150902074526&mode=flat) as further (https://twitter.com/kotatsu_mi/status/638909417761562624) progress (https://twitter.com/yojiro/status/638189353601097728) is made *** Feedback/Questions John writes in (http://slexy.org/view/s2sIWfb3Qh) Mason writes in (http://slexy.org/view/s2Ybrx00KI) Earl writes in (http://slexy.org/view/s20FpmR7ZW) ***
This week on the show we'll be chatting with David Maxwell, a former NetBSD security officer. He's got an interesting project called Pipecut that takes a whole new approach to the commandline. We've also got answers to viewer-submitted questions and all this week's headlines, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD quarterly status report (https://www.freebsd.org/news/status/report-2014-10-2014-12.html) The FreeBSD team has posted an updated on some of their activities between October and December of 2014 They put a big focus on compatibility with other systems: the Linux emulation layer, bhyve (http://www.bsdnow.tv/tutorials/bhyve), WINE and Xen all got some nice improvements As always, the report has lots of updates from the various teams working on different parts of the OS and ports infrastructure The release engineering team got 10.1 out the door, the ports team shuffled a few members in and out and continued working on closing more PRs FreeBSD's forums underwent a huge change, and discussion about the new support model for release cycles continues (hopefully taking effect after 11.0 is released) Git was promoted from beta to an officially-supported version control system (Kris is happy) The core team is also assembling a new QA team to ensure better code quality in critical areas, such as security and release engineering, after getting a number of complaints Other notable entries include: lots of bhyve fixes, Clang/LLVM being updated to 3.5.0, ongoing work to the external toolchain, adding FreeBSD support to more "cloud" services, pkgng updates, work on SecureBoot, more ARM support and graphics stack improvements Check out the full report for all the details that we didn't cover *** OpenBSD package signature audit (http://linux-audit.com/vulnerabilities-and-digital-signatures-for-openbsd-software-packages/) "Linux Audit" is a website focused on auditing and hardening systems, as well as educating people about securing their boxes They recently did an article about OpenBSD, specifically their ports and package system (http://www.bsdnow.tv/tutorials/ports-obsd) and signing infrastructure The author gives a little background on the difference between ports and binary packages, then goes through the technical details of how releases and packages are cryptographically signed Package signature formats and public key distribution methods are also touched on After some heckling, the author of the post said he plans to write more BSD security articles, so look forward to them in the future If you haven't seen our episode about signify (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) with Ted Unangst, that would be a great one to check out after reading this *** Replacing a Linux router with BSD (http://ask.slashdot.org/story/15/01/15/1547209/ask-slashdot-migrating-a-router-from-linux-to-bsd) There was recently a Slashdot discussion about migrating a Linux-based router to a BSD-based one The poster begins with "I'm in the camp that doesn't trust systemd. You can discuss the technical merits of all init solutions all you want, but if I wanted to run Windows NT I'd run Windows NT, not Linux. So I've decided to migrate my homebrew router/firewall/samba server to one of the BSDs." A lot of people were quick to recommend OPNsense (http://www.bsdnow.tv/episodes/2015_01_14-common_sense_approach) and pfSense, being that they're very easy to administer (requiring basically no BSD knowledge at all) Other commenters suggested a more hands-on approach, setting one up yourself with FreeBSD (http://blog.pcbsd.org/2015/01/using-trueos-as-a-ipfw-based-home-router/) or OpenBSD (http://www.bsdnow.tv/tutorials/openbsd-router) If you've been thinking about moving some routers over from Linux or other commercial solution, this might be a good discussion to read through Unfortunately, a lot of the comments are just Linux users bickering about systemd, so you'll have to wade through some of that to get to the good information *** LibreSSL in FreeBSD and OPNsense (http://bsdxbsdx.blogspot.com/2015/01/switching-to-openssl-from-ports-in.html) A FreeBSD sysadmin has started documenting his experience replacing OpenSSL in the base system with the one from ports (and also experimenting with LibreSSL) The reasoning being that updates in base tend to lag behind (http://www.openbsd.org/papers/eurobsdcon2014-libressl.html), whereas the port can be updated for security very quickly OPNsense developers are looking into (https://twitter.com/fitchitis/status/555625679614521345) switching away (http://forum.opnsense.org/index.php?topic=21.0) from OpenSSL to LibreSSL's portable version (http://www.bsdnow.tv/episodes/2014_07_30-liberating_ssl), for both their ports and base system, which would be a pretty huge differentiator for their project Some ports still need fixing (https://bugs.freebsd.org/bugzilla/buglist.cgi?order=Importance&query_format=advanced&short_desc=libressl&short_desc_type=allwordssubstr) to be compatible though, particularly a few (https://github.com/opnsense/ports/commit/c15af648e9d5fcecf0ae666292e8f41c08979057) python-related (https://github.com/pyca/cryptography/issues/928) ones If you're a FreeBSD ports person, get involved and help squash some of the last remaining bugs A lot of the work has already been done in OpenBSD's ports tree (http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/) - some patches just need to be adopted More and more upstream projects are incorporating LibreSSL patches in their code - let your favorite software vendor know that you're using it *** Interview - David Maxwell - david@netbsd.org (mailto:david@netbsd.org) / @davidwmaxwell (https://twitter.com/david_w_maxwell) Pipecut (https://www.youtube.com/watch?v=CZHEZHK4jRc), text processing, commandline wizardry News Roundup Jetpack, a new jail container system (https://github.com/3ofcoins/jetpack) A new project was launched to adapt FreeBSD jails to the "app container specification" While still pretty experimental in terms of the development phase, this might be something to show your Linux friends who are in love with docker It's a similar project to iocage (https://github.com/pannon/iocage) or bsdploy (https://github.com/ployground/bsdploy), which we haven't talked a whole lot about There was also some discussion (https://news.ycombinator.com/item?id=8893630) about it on Hacker News *** Separating base and package binaries (https://www.reddit.com/r/BSD/comments/2szofc) All of the main BSDs make a strong separation between the base system and third party software This is in contrast to Linux where there's no real concept of a "base system" - more recently, some distros have even merged all the binaries into a single directory A user asks the community about the BSD way of doing it, trying to find out the advantages and disadvantages of both hierarchies Read the comments for the full explanation, but having things separated really helps keep things organized *** Updated i915kms driver for FreeBSD (https://svnweb.freebsd.org/base?view=revision&revision=277487) This update brings the FreeBSD code closer inline with the Linux code, to make it easier to update going forward It doesn't introduce Haswell support just yet, but was required before the Haswell bits can be added *** Year of the OpenBSD desktop (http://zacbrown.org/2015/01/18/openbsd-as-a-desktop/) Here we have an article about using OpenBSD as a daily driver for regular desktop usage The author says he "ran fifty thousand different distributions, never being satisfied" After dealing with the problems of Linux and fragmentation, he eventually gave up and bought a Macbook He also used FreeBSD between versions 7 and 9, finding a "a mostly harmonious environment," but regressions lead him to give up on desktop *nix once again Starting with 2015, he's back and is using OpenBSD on a Thinkpad x201 The rest of the article covers some of his configuration tweaks and gives an overall conclusion on his current setup He apparently used our desktop tutorial (http://www.bsdnow.tv/tutorials/the-desktop-obsd) - thanks for watching! *** Unattended FreeBSD installation (http://louwrentius.com/freebsd-101-unattended-install-over-pxe-http-no-nfs.html) A new BSD user was looking to get some more experience, so he documented how to install FreeBSD over PXE His goal was to have a setup similar to Redhat's "kickstart" or OpenBSD's autoinstall (http://www.bsdnow.tv/tutorials/autoinstall) The article shows you how to set up DHCP and TFTP, with no NFS share setup required He also gives a mention to mfsbsd, showing how you can customize its startup script to do most of the work for you *** Feedback/Questions Robert writes in (http://slexy.org/view/s20UsZjN4h) Sean writes in (http://slexy.org/view/s219cMQz3U) l33tname writes in (http://slexy.org/view/s2EkzMUMyb) Charlie writes in (http://slexy.org/view/s2nq6L6H1n) Eric writes in (http://slexy.org/view/s21EGqUYLd) *** Mailing List Gold Clowning around (https://www.marc.info/?l=openbsd-cvs&m=142159202606668&w=2) Better than succeeding in this case (https://lists.freebsd.org/pipermail/freebsd-ports/2015-January/097734.html) ***
This week, the NSA hacks El Presidente, Windows 8.1 launches (and unlaunches), Nokia's new Lumia and Apple's Fall cornucopia of product offerings. All this and more... What We're Playing With Andy: MAME Cabinet finish Tosin: Playing ‘Star Wars' for noobs Headlines NSA Hacked Email Account of Mexican President Nokia Lumia 1520: Windows Phone with a 6-inch 1080p display and 20MP camera Windows 8.1 launches Microsoft pulls Windows RT 8.1 update from the Windows Store due to 'a situation' Audible Book of the Week The Everything Store: Jeff Bezos and the Age of Amazon by Brad Stone Sign up at AudibleTrial.com/TheDrillDown Music Break: Something in the Air by Thunderclap Newman Hot Topic: Apple Fall Event From iPad Air to Mac Pro: everything you need to know about Apple's fall event Apple unveils Haswell-based MacBook Pros with Retina display, starting at $1,299 Apple's new Mac Pro: a mini supercomputer available in December for $2,999 OS X Mavericks Now Available Free on Mac App Store All Of The Ways Apple's New Free Mac OS Hurts Microsoft Windows iLife and iWork suites are updated and free with new iOS devices or Macs Apple Announces iPad Air and an iPad Mini With Retina Display The Drill Down Video of the Week Apple's fall 2013 event recap in less than 5 mins. Subscribe! The Drill Down on iTunes (Subscribe now!) Add us on Stitcher! The Drill Down on Facebook The Drill Down on Twitter Geeks Of Doom's The Drill Down is a roundtable-style audio podcast where we discuss the most important issues of the week, in tech and on the web and how they affect us all. Hosts are Geeks of Doom contributor Andrew Sorcini (Mr. BabyMan), marketing research analyst Dwayne De Freitas, and Startup Digest CTO Christopher Burnor. Occasionally joining them is Box tech consultant Tosin Onafowokan.
Anand and Dustin debate the merits of Haswell on the desktop, as well as the future of the enthusiast desktop.
Anand Shimpi, Brian Klug & Dr. Ian Cutress set expectations for Haswell and discuss Intel's TV initiative. Brian updates us on the removal of unofficial LTE support from the Nexus 4 as well as Broadcom's first LTE baseband. Surface Pro, the Pebble smartwatch and the Tesla Model S controversy are also on the list this week.
Anand Shimpi, Brian Klug & Dr. Ian Cutress discuss their best products of 2012. Haswell and Valley View are up for discussion as well. Brian goes on a rant about mobile operators removing fieldtest from smartphones. Brian also discusses Ubuntu for smartphones, the new Go Pro Hero 3 Black and some final words on the Galaxy Camera. The trio talks a bit about the ARM vx x86 power articles as well.
Welcome to our last podcast of 2012! We start off with what we've been playing, which naturally includes quite a few items from the ongoing Steam Holiday Sale. The news hits a few juicy items, including the ridiculous War Z fiasco, THQ filing for bankruptcy, Haswell spec leaks, Blizzard scrapping TDM PvP in Diablo III, [&hellip
Anand Shimpi, Brian Klug, Vivek Gowri and Dr. Ian Cutress discuss improving boot times with the next generation of BIOSes/UEFI updates for Windows 8. We also go over the Haswell architecture article and Vivek's 2nd gen Razer Blade review. Brian brings up the T-Mobile acquisition, HTC's One X+ and One VX. Vivek closes out with a mechanical engineer's perspective on the iPhone 5's anodized aluminum back.
Brian Klug, Dr. Ian Cutress and Anand Shimpi discuss the iPhone 5, Motorola's RAZR i, HTC's Windows Phone 8X/8S and LG's Optimus G. Anand also discusses more about Intel's Haswell architecture.
© 2020-2025 Ivy Podcast Discovery LLC
