In 2019, journalist and writer Peter Hessler traveled with his family to China. He'd gotten a gig as a teacher of writing—nonfiction writing in particular—in what he'd hoped would be a sequel to his 2001 book River Town: Two Years on the Yangtze. But plans changed—radically. At the very end of 2019, the COVID-19 virus emerges in Wuhan, leading to chaos as officials frantically try to figure out how to control the new disease. Peter's reporting first wins him criticism from Chinese nationalists angry about his frank discussions of China's mistakes—then criticism from U.S. hawks angry that Hessler gives Beijing credit for what it managed to do right as COVID rapidly spreads around the world. Peter's years in China are covered in his latest book Other Rivers: A Chinese Education (Penguin Press, 2024), published last year.

Peter Hessler is a staff writer at the New Yorker, where he served as Beijing correspondent from 2000 to 2007, Cairo correspondent from 2011 to 2016, and Chengdu correspondent from 2019 to 2021. He is the author of The Buried: An Archaeology of the Egyptian Revolution; River Town: Two Years on the Yangtze, which won the Kiriyama Book Prize; Oracle Bones: A Journey Between China's Past and Present, which was a finalist for the National Book Award; Country Driving: A Chinese Road Trip; and Strange Stones: Dispatches from East and West. He won the 2008 National Magazine Award for excellence in reporting, and he was named a MacArthur fellow in 2011.

You can find more reviews, excerpts, interviews, and essays at The Asian Review of Books, including its review of Other Rivers. Follow on Twitter at @BookReviewsAsia. Nicholas Gordon is an editor for a global magazine, and a reviewer for the Asian Review of Books. He can be found on Twitter at @nickrigordon.
Why do so many Chinese people choose such curious English names? You must have come across this phenomenon – whether they are names from a past century, or surnames, nouns or even adjectives used as first names, or words that aren't real at all. I have a particular interest in this because my English name – Cindy – isn't exactly in vogue these days. You might think this is a bit of a trivial question, but I think the question of English names goes deeper than just some odd words. I think these names reveal something about the China that gave rise to them. So I was pleased to come across another China watcher recently who is also obsessed by the question. Peter Hessler is an award winning journalist whose 2001 book River Town was highly influential for its depiction of life in a changing China. I spoke to him recently upon the publication of his latest book, Other Rivers. Tune in to hear where I also reveal the origins of my English name.
Peter's new book, Other Rivers: A Chinese Education ... Have Chinese people become less hostile to America? ... What Americans get wrong about China ... Why Peter thinks Covid didn't come from a lab ... China's transformative recent decades ... Respect for authority in Chinese culture ... Change in China between Peter's two teaching stints there ... Why the Chinese political system may change dramatically ...
Our guest this month is renowned writer Peter Hessler, a staff writer at The New Yorker and author of five books about China, most recently Other Rivers: A Chinese Education, published earlier this year by Penguin Press. In the book, Hessler details his most recent stint living in China, teaching writing at Sichuan University in Chengdu from 2019 to 2021. Hessler talked to us about how the new generation of Chinese students differ from those he taught in the late 1990s; his experiences of Covid in 2020; the circumstances in which he left China in 2021; and the uncertain future of China writing.

The China Books Podcast is a companion of China Books Review, a project of Asia Society's Center on U.S.-China Relations and The Wire, a digital business platform that also publishes The Wire China. For any queries or comments, please write to editor@chinabooksreview.com.
In 1996, when Peter Hessler first went to China to teach, almost all of his students were first-generation college students. Most came from large rural families, and their parents, subsistence farmers, could offer little guidance as their children entered a new world. By 2019, when Mr. Hessler arrived at Sichuan University, he found a very different China, as well as a new kind of student – an only child whose schooling was the object of intense focus from a much more ambitious cohort of parents. China's education system offers a means of examining the country's past, present, and future. At a time when anti-Chinese rhetoric in America has grown intense, Other Rivers is a work of empathy that shows us China from the inside out and the bottom up. In an interview conducted on August 6, 2024, Peter Hessler, in conversation with Lenora Chu, looks at Chinese education as a way to understand both China and the United States. About the speakers: https://www.ncuscr.org/video/peter-hessler-other-rivers/ Follow Peter Hessler on X: @peterhessler Follow Lenora Chu on X: @LenoraChu Subscribe to the National Committee on YouTube for video of this interview. Follow us on Twitter (@ncuscr) and Instagram (@ncuscr).
(0:00) Intro.
(1:05) About the podcast sponsor: The American College of Governance Counsel.
(1:52) Start of interview.
(2:28) Thompson's origin story.
(3:42) His startup work at Quizlet (joined a 5 person team) and Stripe (from 2k to 8k employees). Joined Anthropic in early 2023.
(6:25) On China-US relations, and the course he teaches at Vanderbilt Law School: Emerging Technologies, Law, and U.S.-China Competition.
(11:04) On startup incorporations, Delaware, and other thoughts for entrepreneurs. Reference to Stripe Atlas.
(14:18) Unveiling the AI investment landscape. Increase in capital and talent in AI technologies. "Companies at the frontier of building LLMs: Anthropic, OpenAI, Alphabet and Meta."
(19:15) On the international AI landscape. China wanting to overcome its "century of humiliation."
(21:55) Origin story and mission of Anthropic. The eight founders left OpenAI in 2021. Claude 3.5 Sonnet.
(26:14) Anthropic's Public Benefit Corporation (PBC) and Long Term Benefit Trust (LTBT) model.
(29:24) How to think about AI and its paradigm shift for corporate directors.
(31:05) Claude products for consumers and enterprise.
(33:36) On the future of work with impact of AI.
(35:17) San Francisco's evolving role as a global tech hub.
(37:37) Is AI overhyped or underhyped? "The impact of AI will be somewhere between the internet platform shift to the next industrial revolution (...) and if the next internet is kind of the lower bound of the impact AI will have on society and the economy and technology more broadly, then that's a pretty significant impact."
(40:05) On the "stay private vs go public" debate.
(42:48) More thoughts for directors on AI. Prof Ethan Mollick: "The AI you're using today is the worst AI you will ever use."
(43:48) Books that have greatly influenced his life:
The Children, by David Halberstam (1998)
Oracle Bones by Peter Hessler (2006)
All Quiet on the Western Front by Erich Maria Remarque (1929)
(46:42) His mentors. Chris Klein and Dan Crittenbrink (State Department). Chip Blacker (Stanford).
(47:53) Quotes that he thinks of often or lives his life by.
(48:40) An unusual habit or absurd thing that he loves: Antique maps and running everyday.
(50:28) The living person he most admires.

Thompson Paine is the head of business operations at Anthropic, one of the leading AI companies in San Francisco.

You can follow Evan on social media at:
Twitter: @evanepstein
LinkedIn: https://www.linkedin.com/in/epsteinevan/
Substack: https://evanepstein.substack.com/

You can join as a Patron of the Boardroom Governance Podcast at:
Patreon: patreon.com/BoardroomGovernancePod

Music/Soundtrack (found via Free Music Archive): Seeing The Future by Dexter Britain is licensed under an Attribution-Noncommercial-Share Alike 3.0 United States License
Few Americans know contemporary China better than Peter Hessler. The author of four prize-winning books about life in China as well as the former China correspondent of the New Yorker, Hessler originally came to China as a Peace Corps volunteer in 1996 and has been writing about the day-to-day life of the country ever since. In contrast with the geopolitical crowd with their bellicose nonsense about the totalitarian evils of Xi's China, Hessler, whose twin daughters were educated in a local state-run elementary school, has spent the last quarter century talking with ordinary Chinese people about ordinary things. In his latest book, Other Rivers: A Chinese Education, Hessler offers an intimate narrative about two generations of students in China's heartland. In an America unthinkingly preoccupied with the “China threat”, Hessler provides an accurate window onto real life in this much misunderstood country.

Peter Hessler is a staff writer at The New Yorker, where he served as Beijing correspondent from 2000 to 2007, Cairo correspondent from 2011 to 2016, and Chengdu correspondent from 2019 to 2021. He is the author of The Buried, which was a finalist for the National Book Critics Circle Award; River Town, which won the Kiriyama Prize; Oracle Bones, which was a finalist for the National Book Award; Country Driving; and Strange Stones. He won the 2008 National Magazine Award for excellence in reporting, and he was named a MacArthur Fellow in 2011.

Named as one of the "100 most connected men" by GQ magazine, Andrew Keen is amongst the world's best known broadcasters and commentators. In addition to presenting KEEN ON, he is the host of the long-running How To Fix Democracy show. He is also the author of four prescient books about digital technology: CULT OF THE AMATEUR, DIGITAL VERTIGO, THE INTERNET IS NOT THE ANSWER and HOW TO FIX THE FUTURE. Andrew lives in San Francisco, is married to Cassandra Knight, Google's VP of Litigation & Discovery, and has two grown children.
Foreign correspondent Peter Hessler taught in China during the country's economic boom in the 1990s, which he wrote about in his book River Town. Now, in Other Rivers, Hessler breaks down what it was like to teach there again more than two decades later. In today's episode, he and NPR international correspondent Emily Feng talk about what changed — and what stayed the same — with a new generation of students in China and how covering the country remains a challenge for so many writers and journalists. To listen to Book of the Day sponsor-free and support NPR's book coverage, sign up for Book of the Day+ at plus.npr.org/bookoftheday
Happy publication day to Other Rivers by Peter Hessler! Listen to editor Scott Moyers share backstory on the book, and stay tuned for a reading from the audiobook.

About the book: An intimate and revelatory account of two generations of students in China's heartland, by an author who has observed the country's tumultuous changes over the past quarter century.

Read more: https://penguinrandomhouse.com/books/734501/other-rivers-by-peter-hessler/

Follow us online:
Website: https://www.penguin.com/penguin-press-overview/
Instagram: https://www.instagram.com/penguinpress/
Twitter: https://twitter.com/penguinpress
TikTok: https://www.tiktok.com/@thepenguinpress
Facebook: https://www.facebook.com/PenguinPress/
LinkedIn: https://www.linkedin.com/showcase/10489701/admin/feed/posts/
This week on Sinica, the highly-regarded writer Peter Hessler joins to talk about his new book, out July 9: Other Rivers: A Chinese Education. Over 20 years after teaching with the Peace Corps in Fuling (the subject of his first book, Rivertown), Pete returns to China to teach at Sichuan University in Chengdu. He writes about the two cohorts of students, with whom he has maintained extensive contacts, to offer fascinating insights into how China has changed across this momentous period with touching, deeply human stories.

3:47 – Why Pete couldn't teach in Fuling again
6:56 – How Pete stayed in touch with his Fuling cohort
9:46 – Pete's SCUPI [(Sichuan University-Pittsburgh Institute)] cohort
13:51 – Pete's Fuling cohort
19:35 – Chinese rural values: pragmatism and modesty
23:08 – The physical and psychological differences between the Fuling and Chengdu cohorts
29:32 – “Educated acquiescence” in the Chinese education system
35:07 – The Hessler family's experience with Chengdu Experimental Primary School
43:04 – The impending lack of “Country feel,” and Pete's sense of humor
47:02 – Facing criticism over his reporting during the pandemic
52:13 – Pete's experience being jǔbào'ed and teaching Orwell's Animal Farm
59:01 – Pete's take on the COVID origins debate
1:02:10 – Competition and authoritarianism in China, and the phenomenon of Chinese and Chinese American Trump supporters
1:06:57 – Serena's investigation for Chángshì and why Pete's contract was not renewed
1:15:28 – What's next for Pete

Recommendations:
Pete: Burma Sahib by Paul Theroux, a forthcoming novel about George Orwell's time in Burma as a policeman; Burmese Days by George Orwell
Kaiser: the Meta Quest VR headset
This week on Sinica I'm delighted to bring you a live conversation with writer Peter Hessler, recorded at Duke University's Nasher Auditorium in Durham, North Carolina on November 10, 2023. The event was sponsored by the Duke Middle East Studies Center and the Asian Pacific Studies Institute, and was titled "Modern Revolutions in Ancient Civilizations."

Peter, known for both his trilogy of books written in China — Rivertown, Oracle Bones, and Country Driving — as well as for his reporting for The New Yorker, talks about how his years in China gave him perspective when living in Cairo and writing about Egypt during the Arab Spring. His book on Egypt, The Buried: An Archaeology of the Egyptian Revolution, was made richer for me by the comparisons and contrasts with China threading throughout.

Special thanks to Griffin Orlando of the Middle East Study Center and Alex Nickley from the Asia Pacific Studies Institute, and Ralph Litzinger from Duke Anthropology.

6:27 – What Peter's China experience brought to his writing on China — and vice-versa
9:45 – Contrasting the Chinese and Egyptian revolutions
18:37 – Revolution in thinking in Egypt and China
35:49 – Peter on his approach to the craft of reporting and writing
51:47 – Peter's work in China as a longitudinal cohort study — and what it reveals so far
58:03 – A preview of Peter's forthcoming book, Other Rivers

Recommendations:
Peter: Gerald Durrell, My Family and Other Animals is one of the books
Kaiser: Kenneth W. Harl's book Empires of the Steppes: A History of the Nomadic Tribes Who Shaped Civilization.
Chapter 1 What's Country Driving Book by Peter Hessler

"Country Driving: A Journey Through China from Farm to Factory" is a book written by Peter Hessler. Published in 2010, the book is a combination of memoir and travelogue as Hessler explores the various aspects of China's rapid development and transformation through his experiences of driving across the country. The book is divided into three parts. The first part focuses on Hessler's journey through the rural areas of Sichuan Province, where he learns about the challenges faced by the Chinese farmers and the impact of government policies on their lives. The second part takes the readers to the industrial city of Lishui in Zhejiang Province, where Hessler looks into the lives of factory workers and the consequences of China's manufacturing boom. Lastly, the third part examines the changes brought by the construction of the new highway system in China, along with the cultural and social implications.

"Country Driving" has been praised for its insightful portrayal of China's economic development and its effects on the lives of ordinary Chinese people. Hessler's writing captures the nuances of Chinese society and offers a unique perspective on the changes taking place in the country.

Chapter 2 Is Country Driving Book A Good Book

Country Driving: A Journey Through China from Farm to Factory is a highly acclaimed book by Peter Hessler. It offers an insightful exploration of China's rapid development and transformation through the experiences of its people. Many readers and critics have praised the book for its engaging storytelling, in-depth research, and cultural analysis. Overall, if you are interested in understanding China's social and economic changes, and enjoy well-written non-fiction, Country Driving is likely to be a good book for you.

Chapter 3 Country Driving Book by Peter Hessler Summary

"Country Driving" is a book written by Peter Hessler, an American journalist and writer, published in 2010. The book primarily focuses on Hessler's experiences living and traveling in China, particularly the changes and challenges faced by Chinese society due to the rapid development of the country's road and transportation systems.

The book is divided into three parts. The first part, titled "The Wall," centers around Hessler's experience in a rural village in northern China where he rented a house and learned to drive. He describes the local culture, customs, and the impact of the construction of the Great Wall on the community. He also provides insights into the challenges faced by rural Chinese as they adapt to the changes brought by economic and infrastructural development.

The second part, titled "The Village," focuses on Hessler's time in Sancha, a village located close to Beijing. Here, he explores the effects of urbanization and migration on rural communities. Hessler visits local businesses and profiles the lives of individuals who have left their homes to seek work in the city. He provides a nuanced view of the increasing wealth disparity and cultural shifts occurring in China.

The final part, titled "The Factory," takes place in Zhejiang Province, where Hessler investigates the factory industry and its impact on Chinese society. He works in a factory and interviews factory workers to shed light on their experiences, motivations, and struggles. He delves into the complexities of the manufacturing industry, including foreign investment, labor rights, and environmental concerns.

Throughout the book, Hessler weaves in personal anecdotes and observations, portraying a vivid picture of the rural and industrial landscapes of China. He explores themes of economic growth, social change, and the clash between tradition and modernity in the lives of...
“The Chinese people had invented the compass, paper, the printing press, gunpowder, the seismograph, the crossbow, and the umbrella; they had sailed to Africa in the fifteenth century; they had constructed the Great Wall; over the past decade they had built their economy at a rate never before seen in the developing world. They could return a rental car with exactly three-eighths of a tank of gas, but filling it was apparently beyond the realm of cultural possibility.”
Welcome back to another episode of Made You Think! In this episode, we're covering Country Driving, a captivating memoir by Peter Hessler that explores the transformation of China through the lens of its rapidly changing roadways and the people who navigate them.
We cover a wide range of topics including:
The modernization of Chinese infrastructure
Negotiation culture in China
Exceptionalism and believing your culture is superior
The most popular automobiles in America
How conditions for laborers have gotten so bad
And much more. Please enjoy, and make sure to follow Nat, Neil, and Adil on Twitter and share your thoughts on the episode.
Links from the Episode:
Mentioned in the Show:
Slate Star Codex reddit thread (0:32)
Dan Carlin's Hardcore History (2:48)
Monthly car payments in America (42:35)
2022's best selling cars (46:05)
Books Mentioned:
The Fish That Ate the Whale (0:11) (Nat's Book Notes)
Energy and Civilization (5:42) (Nat's Book Notes)
On China (21:52)
Cobalt Red (28:57)
The Dictator's Handbook (36:15) (Nat's Book Notes)
People Mentioned:
Sam Bankman-Fried (0:39)
Dan Carlin (2:48)
Henry Kissinger (21:51)
Show Topics:
(0:00) There are some books that can arguably be just a blog post, but we feel this is not the case for Country Driving.
(3:35) Country Driving gives insight into what 'Made in China' means, as we often don't consider the human labor side of the items we own.
(6:59) While there are large amounts of ambition and hustle in Chinese culture, is it sustainable and truly for the good of the individual, or is it simply for their own survival?
(9:16) “In China, much of life involves skirting regulations, and one of the basic truths is that forgiveness comes easier than permission.” The central government in China and how enforcement happens more so on the group level. We also discuss whether people throughout the world are innately the same and how our culture plays a role in how we act under certain circumstances.
(15:33) Negotiation culture in China and the patience it takes to draw decisions out until the last possible second. Nearly everything is a negotiation in China, whereas in America, there isn't a whole lot of negotiation.
(20:56) Invasion of the Mongols headed by Genghis Khan. As different groups arrived in China, they eventually got absorbed into the current culture.
(24:26) One of China's strengths is the ability to absorb outside cultures. As new figures came into power, they adopted the previous regimes. We also talk about what exceptionalism means in America.
(28:00) During China's modernization projects, many workers would be working for just a few instant noodle packets per day. As states become more technologically adept, they continue to mistreat people and extract money from them while also being able to discard the evidence.
(33:41) Is it right or wrong to invade a country that's aggressively using slave labor to harness its natural resources? Though it's nation building, it also is an invasion on human rights.
(39:31) The driving laws and norms in China are different than in the US, from their communication through honking to the lanes they use for turning.
(43:11) Why cities in China have their hands tied when it comes to financing.
(48:13) That concludes this episode, thanks for listening! If this episode intrigued you, make sure to pick up a copy of Country Driving and stay tuned for our next episode.
If you enjoyed this episode, let us know by leaving a review on iTunes and tell a friend. As always, let us know if you have any book recommendations! You can say hi to us on Twitter @TheRealNeilS, @adilmajid, @nateliason and share your thoughts on this episode. You can now support Made You Think using the Value-for-Value feature of Podcasting 2.0. This means you can directly tip the co-hosts in BTC with minimal transaction fees. To get started, simply download a podcast app (like Fountain or Breez) that supports Value-for-Value and send some BTC to your in-app wallet. You can then use that to support shows who have opted-in, including Made You Think! We'll be going with this direct support model moving forward, rather than ads. Thanks for listening. See you next time!
"First, it's important to remember that merit beliefs aren't necessarily true, nor are crony beliefs necessarily false. What distinguishes the two concepts is how we're rewarded for them: via effective actions or via social impressions. The best we can say is that merit beliefs are more likely to be true." Welcome back to another episode of Made You Think! This week, we're talking about Kevin Simler's popular Essay: Crony Beliefs. Our beliefs are essentially divided into merit beliefs and crony beliefs. We talk about the many reasons we hold our beliefs, whether it's for accuracy, showing off, or blending in. We cover a wide range of topics including: Key distinctions between Meritocracy and Cronyism The different agendas that we accomplish through our belief system Autonomy and individual decision making in the US vs. other countries How crony beliefs show up in the medical field, diet culture, and more What does it take to overturn a belief? And much more. Please enjoy, and make sure to follow Nat, Neil, and Adil on Twitter and share your thoughts on the episode. Links from the Episode: Mentioned in the Show: Listen Notes (0:15) Hardcore History (Dan Carlin) (2:10) Castro podcast app (2:26) Huberman Lab podcast (3:39) Outside the System (6:53) The Danny Miranda podcast (7:53) Books Mentioned: The Elephant in the Brain (9:39) (Nat's Book Notes) Country Driving (40:13) Where Is My Flying Car? (54:03) Atomic Habits (1:03:27) (Nat's Book Notes) People Mentioned: Dan Carlin (2:10) Joe Rogan (5:26) Danny Miranda (7:53) Matt Mullenweg (11:06) Charlie Munger (1:06:28) Show Topics: (0:00) According to Listen Notes, we're in the top 1% of podcasts! We open the show by talking about podcast stats and the main challenge podcasts face that makes it hard for the show to grow. (4:42) Differences between podcasts put out by independent creators vs. content distribution companies. (8:33) Today, we're discussing Crony Beliefs by Kevin Simler. 
He talks about using beliefs as tools or 'employees'. You have beliefs that you believe in for true reasons, but there are also crony beliefs which you may hold for social or political benefit.
(13:52) We have agendas that we accomplish through our beliefs as they fulfill different reward systems. With Cronyism, we're less concerned about the accuracy of our belief so long as we make the right impression on others.
(20:37) Crony beliefs thrive in areas of ambiguity. However, it's important to note that merit beliefs aren't always true in the same way that crony beliefs aren't always false. The distinction comes from how we're rewarded for our belief and why you believe in it.
(24:12) Conspicuousness and standing out so you can be visible to others. It can be hard to tell when someone is sharing something out of the human desire to share and add value, or whether it's for self-justification purposes.
(28:24) There are collections of ideas or rules where as a whole, we feel that we all need to agree on it. We go into the example of traffic laws. Conflicts arise when some groups think an idea has to be mandated whereas some people feel that it's okay 'as long as it's not hurting anyone'.
(32:06) How something as simple as a traffic light can mean something different in different places in the world. Is it to be obeyed 100% or just for guidance in preventing accidents?
(40:08) The US prides itself on democracy, but the individual decision making and autonomy is lower than it is in many other cultures.
(47:03) Crony beliefs in the medical field. Many times, it feels riskier to change a belief than to keep going with the current one you have.
(49:21) From the outside, it's difficult to discern what a crony belief is. When it comes time to challenge or change a crony belief, it would often take a large event. Small, gradual changes wouldn't push the dial enough.
(54:26) The best way to see if you believe something: Are you willing to test it?
(58:01) The word 'crony' has a negative connotation, but they're not always bad beliefs to have. We talk about why life wouldn't be better if we only had meritocratic beliefs.
(1:05:24) Could there be a level between crony and merit beliefs? There are many beliefs that are aspirational and positive, but not necessarily true.
(1:09:01) We discuss the level of overlap between Kevin Simler's essay on crony beliefs and his book, The Elephant in the Brain. The book is all about the hidden motives that we have, and how we have thoughts that we don't want to acknowledge, yet they drive our behavior.
(1:16:45) Harry Potter, Fast and Furious, and Lord of the Rings. Why it's easier to gain traction from remakes and sequels than a whole new story altogether.
(1:20:43) That wraps up this episode! Next up, we'll be reading Country Driving by Peter Hessler. Make sure to pick up a copy of the book if you want to read along with us before the next episode.
“Your unhappiness cannot be blamed on your past or your environment. And it isn't that you lack competence. You just lack courage. One might say you are lacking in the courage to be happy.”
Welcome back to another episode of Made You Think! This week, we're diving into The Courage to Be Disliked by Ichiro Kishimi and Fumitake Koga. This book is full of wisdom, challenging you to free yourself from the expectations placed on you by others so you can achieve happiness.
We cover a wide range of topics including:
Pledging loyalty to yourself
How "Insta-therapy" can be simultaneously hurtful and helpful
When not to give unsolicited advice
Are all problems interpersonal problems?
Having the courage to follow through on your ideas
And much more. Please enjoy, and make sure to follow Nat, Neil, and Adil on Twitter and share your thoughts on the episode.
Links from the Episode:
Mentioned in the Show:
The End of Medicine (29:40)
The Game Changers (29:48)
What is a Spoonie? (38:40)
Hurts So Good (40:36)
Books Mentioned:
The Subtle Art of Not Giving a F*ck (3:17) (Nat's Book Notes)
How I Found Freedom in an Unfree World (10:19)
Finite and Infinite Games (21:55) (Nat's Book Notes)
King, Warrior, Magician, Lover (22:03)
Antifragile (46:47) (Nat's Book Notes)
Turning Pro (55:57) (Nat's Book Notes)
Shadow Divers (56:54)
People Mentioned:
Alfred Adler (5:38)
Will Durant (10:03)
Harry Browne (10:18)
Nassim Taleb (46:26)
Steven Pressfield (55:55)
Show Topics:
(2:10) On today's episode, we're discussing The Courage to Be Disliked. Written by two Japanese authors, the book is a conversation between a German philosopher and a young man teaching that the past doesn't control you, as you have ownership over your life and your actions.
(7:16) Insta-therapy; social media posts all about therapy and unpacking trauma. While it can be helpful and informational, there can be some downside to it, too. When it comes to therapy, there's a difference between unpacking your life and taking action on it.
(12:29) The book talks about lifestyles and how it's something that we can choose at any point in our life.
(15:17) Everything you experience is in context of other people. Separation of tasks: Don't try to do somebody's tasks for them. "A parent suffering over the relationship with his or her child will tend to think, 'My child is my life.' In other words, the parent is taking on the child's task as his or her own, and is no longer able to think about anything but the child. When at last the parent notices it, the ‘I' is already gone from his or her life. However, no matter how much of the burden of the child's task one carries, the child is still an independent individual."
(23:23) Unsolicited feedback. You can usually tell if someone's feedback is sincere or if it's for their own benefit.
(29:54) Vegan diet vs. standard American diet, and how elimination diets are a way to see how your body reacts and what you're sensitive to.
(34:15) Once we took lead out of gasoline, violent crime rates and other factors went down tremendously. The "Spoonie" community.
(40:46) When you identify with a group, you may tend to believe in all related ideas or beliefs in order to stay a part of that group, even if the ideas are questionable.
(42:54) The way the book frames ambition and how you shouldn't be seeking recognition. By being ambitious, you can contribute to more people.
(45:27) Nat, Neil, and Adil discuss the title of the book and their interpretations of it. It's impossible to get everyone to like you. If you aren't disliked, you're restricting your behavior to receive a more favorable outcome, but are you really free?
(51:34) Pledging loyalty to yourself and recognizing that you can't please everybody.
(54:14) When you think you can't do something, it's often because you lack the courage to follow through on it. You can't fail if you don't start, and that can prevent you from taking action.
(56:34) That wraps up this episode! Next up, we'll be covering Country Driving by Peter Hessler so make sure to pick up a copy and read along with us before our next episode.
This episode describes an academic career path as a China watcher with a strong focus on Young China, the Post-90s generation, and Chinese companies going global.
1) Why is Fluent Chinese so important to a flexpat career?
2) How can you start an academic career as a China watcher?
3) How do you make a living as a China watcher?
4) How are Chinese companies going global, do they hire flexpats?
5) What is the key to success for flexpats in the next decade?
Zak Dychtwald is the author of the critically acclaimed Young China: How the Restless Generation Will Change Their Country and the World and founder of the market insights firm, Young China Group. A fluent Mandarin speaker with a decade in China, Zak is an expert in dissecting the intersection between China's evolving identity, the economy, and consumer trends. Zak has been invited to share his expertise with audiences on six continents at events such as the Wall Street Journal CEO Council Summit, Aspen Ideas Festival, and Google Talks, as well as for major financial institutions and global brands. He is a contributor to Harvard Business Review and his work is frequently cited in The Wall Street Journal, Bloomberg, The Atlantic, The Washington Post, BBC, Fortune, Barron's, and others. Zak started out in China only because of a love of Science Fiction and a desire to see where people were saying the future was unfolding. Based in Chengdu, he became fixated on the gap between how China was perceived back home in the US and what he was seeing and experiencing on the ground.
Find Zak's recent video with Harvard Business Review on "China's New Innovation Advantage" or his TEDx talk here:
https://www.youtube.com/watch?v=ump7Kge05ZE
https://www.youtube.com/watch?v=myChmWNbBQc
Website: www.youngchinagroup.com; www.zakdychtwald.com
LinkedIn: Zak Dychtwald
You might also want to check out Peter Hessler; his book River Town is really well known in China writing circles.
We recommend the following episodes to get more input on learning Chinese, working for Chinese companies, or working in consulting:
75 Learn Chinese
99 Work for Chinese companies abroad
And some more:
31 Work for Chinese company in China
31 Work for Chinese company abroad
39 How to differentiate from Chinese professionals
43 Work at Alibaba
54 Work at Alibaba
65 Work in Consulting
__________________
About learning Chinese (by Sofia and Francis): The next episode will be a LIVE webinar, recorded on Thursday, January 12 at 9 pm Chinese Time. Please contact Francis on Wechat: Flexpat2020, to join this episode. You are warmly invited! The ZOOM dial-ins are: Meeting ID: 860 0921 7545 Passcode: 4689330
Contrary to popular belief, mastering Chinese doesn't have to be a slow, hard process. Our book "Chinese On Your Terms" gives you access to the big picture of learning Chinese. Find your WHY. Take Action. You can get the eBook on Amazon for 9,99 EUR. In case you prefer a printed version in China, you can reach out to Francis. The book can be sent by SF express within China for 100 RMB.
Taiping Movement Gets Started
In this episode, we talk about Hong Xiuquan's first preaching journey and the formalization of the Taiping religious elements. We meet Hong Rengan and Feng Yunshan, two core members of the Taiping movement's inner circle.
First Preaching Journey to Guangxi
After they started getting some opposition at home, Hong Xiuquan and friends decided to go west to Guangxi, a very rural, very rugged, very underdeveloped area of China. Hong started writing his own tracts and carefully cast his teachings in Chinese terms. Chinese literary allusions, Chinese culture, Chinese examples. He was there for five months before going back to his home village. One thing we'll see is the importance of rivers for travel in China. It's a road right there for you, as long as it's deep enough for the boat.
Feng Yunshan Goes to Thistle Mountain
Feng Yunshan split off from Hong and went on his own preaching tour to the impoverished Thistle Mountain area. This area will be where they have their next sessions of visions and where they will make converts who will provide the core of the Taiping armies. Revolutions often appeal to the dispossessed and those on the fringes. This was very much Thistle Mountain.
Book Recommendation
River Town by Peter Hessler. If you want a look at China in the 1990s and a look at what it's like to live in some of the more rugged areas of China. The way you get to another town is by river. The hills are very steep. This is exactly the sort of terrain the Taiping Rebellion will be moving through.
If You'd Like to Support the Podcast
Subscribe, share, leave a rating. Give once, give monthly at www.buymeacoffee.com/crpodcast
Subscribe to the substack newsletter at https://chineserevolutions.substack.com/
Also... Please reach out at chineserevolutions@gmail.com and let me know what you think!
This week on Sinica, Kaiser is joined by Mark Leonard, founder and director of the European Council on Foreign Relations and author most recently of The Age of Unpeace: How Connectivity Causes Conflict. Mark talks about how despite the bright promise that increasing connectedness — whether in trade, telecommunications, or movements of individuals — would usher in a world of better mutual understanding and enduring peace, the reality is that this connectedness has made the world more fractured and fractious. He explains how the three "empires of connectivity" — the U.S., China, and the EU — each leverage their extensive connectivity to advance their own interests. He also unpacks his assertion that the world is coming to share China's longstanding ambivalence toward connectedness.
1:05 – Kaiser tells how researching an abortive book project presaged Mark's conclusion that familiarity can breed contempt
7:58 – How Mark came to feel a deep ambivalence about connectivity
16:03 – The three "empires of connectivity" and how they leverage or weaponize connectivity
31:41 – How all the connected empires are taking on "Chinese characteristics"
41:41 – How the Russo-Ukrainian War fits into Mark's framework in the book
51:49 – Chinese intellectuals and the shift in their thinking
A full transcript of this interview is available on SupChina.com.
Recommendations:
Mark: Chinese Hegemony: Grand Strategy and International Institutions in East Asian History by Zhang Feng
Kaiser: "A Teacher in China Learns the Limits of Free Expression," the latest piece by Peter Hessler in The New Yorker; and the Israeli spy thriller Tehran on AppleTV.
What do we know about Chinese nationalism? Do nationalistic sentiments manifest differently among different demographic groups, as is often the case in Western democratic countries? What kinds of global situations can provoke bouts of nationalism? And to what extent does grassroots nationalism influence China's foreign policy? We explore these questions with this week's guest, Peter Gries, Professor of Chinese Politics at the University of Manchester, and the Lee Kai Hung Chair of the Manchester China Institute.
“Nationalism, Social Influences, and Chinese Foreign Policy” in China and the World. Shambaugh, D. (ed.). Oxford University Press, 2021.
China's New Nationalism: Pride, Politics, and Diplomacy, University of California Press, 2004.
Peter Hessler. "A Teacher in China Learns the Limits of Free Expression," The New Yorker, May 16, 2022
China's “zero COVID” strategy has brought the bustling metropolis of Shanghai to a standstill, with many of its twenty-five million residents sealed in their homes. These exceptionally strict measures are being met with some public resistance, but Xi Jinping's government has largely doubled down on its approach. Peter Hessler has been in and out of China for twenty-five years. He recently returned from two years of teaching and writing in Sichuan Province. His experience led him to a conclusion that may surprise some Americans: that, for many young people in China, the experience of the pandemic has reinforced “a general idea that the benefits of the Chinese system greatly outweigh its flaws.” And, even if people resent heavy-handed government control, they also bristle when outsiders criticize it. Hessler joins guest host Evan Osnos to talk about teaching in China and how the pandemic has reshaped the public's views about the government.
Re-Orienting China: Travel Writing and Cross-Cultural Understanding (U Regina Press, 2016) challenges the notion of the travel writer as imperialistic, while exploring the binary opposition of self/other. Featuring analyses of rarely studied writers on post-1949 China, including Jan Wong, Jock T. Wilson, Peter Hessler, Leslie T. Chang, Hill Gates, and Yi-Fu Tuan, Re-Orienting China demonstrates the transformative power of travel, as it changes our preconceived notions of home and abroad. Drawing on her own experience as a Chinese expat living in Canada, Leilei Chen embraces the possibility of productive cross-border relationships that are critical in today's globalized world. Leilei Chen is a literary translator, bilingual writer, instructor, and researcher. She published the Mandarin version of Steven Grosby's Nationalism: A Very Short Introduction (Oxford University Press) with Nanjing's Yilin Press in 2017 and Hong Kong's Oxford University Press in 2020. She is the author of Re-orienting China: Travel Writing and Cross-cultural Understanding (University of Regina Press, 2016). Her poetry and prose translations, and poetry and personal essays appear in literary anthologies such as Home: Stories Connecting Us All (Embracing Multicultural Community Development, 2017), Looking Back, Moving Forward (Mawenzi House, 2019), Beyond the Food Court: An Anthology of Literary Cuisines (Laberinto Press, 2020); as well as in journals and magazines in Canada and beyond. She teaches at the Department of English and Film Studies at the University of Alberta and serves as Vice President (West Canada) of the Literary Translators Association of Canada. Clara Iwasaki is an assistant professor in the East Asian Studies department at the University of Alberta. Learn more about your ad choices. Visit megaphone.fm/adchoices Support our show by becoming a premium member! https://newbooksnetwork.supportingcast.fm/geography
Much has changed since China last hosted the Olympics, during the 2008 Summer Games. Those Games were widely seen as greatly improving China's international reputation. But the 2022 Winter Games have put a spotlight on its human-rights abuses, most notably the genocide taking place against Uyghurs and Kazakhs. The U.S. government and other nations are boycotting the games in a limited way, leaving government officials home while allowing their athletes to compete, to avoid a bitter disappointment like that in 1980, when America didn't compete in Moscow. The effect of these actions on China may be limited, but the tensions may be very difficult for athletes to navigate. Peter Hessler, for many years The New Yorker's China correspondent, asks David Remnick, “When an athlete says something about the internment camps in Xinjiang, and the oppression of Muslim people in China, what is the Chinese response going to be?” “The I.O.C. has really left them out there. The I.O.C. … basically just washed their hands of it. It's really up to the athletes,” he notes. “A lot of people I've talked to are very concerned about this.” At the same time, the sports reporter Louisa Thomas notes that these Games may garner little American support or attention. The delayed Tokyo Games last year “were already the least-watched Games in history,” and there are few big-name American athletes for NBC to promote. “I even have a lot of friends who have no idea there's about to be an Olympics,” Thomas says. “Which is extraordinary.”
Much has changed since China last hosted the Olympics, during the 2008 Summer Games. Those Games were widely seen as greatly improving China's international reputation. But the 2022 Winter Games have put a spotlight instead on its human-rights abuses, most notably the genocide taking place against Uyghurs and Kazakhs. Peter Hessler, for many years The New Yorker's China correspondent, asks David Remnick, “When an athlete says something about the internment camps in Xinjiang, and the oppression of Muslim people in China, what is the Chinese response going to be? The I.O.C. has really left them out there.” The sports reporter Louisa Thomas notes that these Games may garner little American support or attention, with few big-name American athletes for NBC to promote. “I even have a lot of friends who have no idea there's about to be an Olympics,” Thomas says. Plus, at the Beijing pizzeria Pie Squared, the owner, Asher Gillespie, glumly assesses the Olympics boom that isn't coming. With ticket sales halted and the events in a bubble, he says, “We're going to be watching from TV just like everybody else.”
In view of the upcoming 2022 Winter Olympics (officially the XXIV Olympic Winter Games and commonly known as Beijing 2022) this interview is a repost. In the summer of 2001, Peter Hessler, the longtime Beijing correspondent for The New Yorker, acquired his Chinese driver's license. For the next seven years, he traveled the country, tracking how the automobile and improved roads were transforming China. Hessler writes movingly of the average people—farmers, migrant workers, entrepreneurs—who have reshaped the nation during one of the most critical periods in its modern history. Country Driving begins with Hessler's 7,000-mile trip across northern China, following the Great Wall, from the East China Sea to the Tibetan plateau. He investigates a historically important rural region being abandoned, as young people migrate to jobs in the southeast. Next Hessler spends six years in Sancha, a small farming village in the mountains north of Beijing, which changes dramatically after the local road is paved and the capital's auto boom brings new tourism. Finally, he turns his attention to urban China, researching development over a period of more than two years in Lishui, a small southeastern city where officials hope that a new government-built expressway will transform a farm region into a major industrial center. Peter Hessler, whom The Wall Street Journal calls "one of the Western world's most thoughtful writers on modern China," deftly illuminates the vast, shifting landscape of a traditionally rural nation that, having once built walls against foreigners, is now building roads and factory towns that look to the outside world. Hessler, a native of Columbia, Missouri, studied English literature at Princeton and Oxford before going to China as a Peace Corps volunteer in 1996. His two-year experience of teaching English in Fuling, a town on the Yangtze, inspired , his critically acclaimed first book. 
After finishing his Peace Corps stint, Hessler wrote freelance pieces for and the before returning to China in 1999 as a Beijing-based freelance writer. There he wrote for newspapers like the , the and the before moving on to magazine work for and the .
China has ambitious plans to compete in every winter sport and also to seed a new industry of recreational skiing and skating. The New Yorker's Peter Hessler was there in China to see it — and ski it. And, University of Chicago political scientist Robert Pape has pored over court documents over the past year to learn more about the Jan. 6 rioters. He discusses what he found.
This week, we bring you a selection of the best of our China Stories podcast. Launched in late January this year, it has published nearly 400 narrated pieces from the best English-language media outlets focused on China: Sixth Tone, Caixin Global, The Wire China, Protocol China, The World of Chinese, and Week in China — plus, of course, SupChina. The stories are read by Chinese-speaking narrators who won't badly mispronounce Chinese names and other words. If you enjoy this sampling, please make sure to subscribe to China Stories wherever you get your podcasts.
3:04 – Peter Hessler's last class, published in Sixth Tone, written by He Yujia, and read by Elyse Ribbons
25:07 – Luo Jialing, a.k.a. Liza Hardoon, and the height of global Shanghai, written by James Carter, published in SupChina, and read by John D. Van Fleet
37:22 – Qianlong Emperor: The worst poet in Chinese history?, written by Sun Jiahui, published in The World of Chinese, and read by Cliff Larsen
46:52 – Partners in profit, published by Week in China, and read by Sylvia Franke
52:36 – Shot heard round the world: China's Olympic return, written by Sam Davies, published in The World of Chinese, and read by Sarah Kutulakos
58:32 – China's culture wars, now playing on Bilibili, written by Shen Lu, published in Protocol China, and read by Kaiser Kuo
1:07:23 – I sacrificed 16 years to the mines, as told to Gushi FM in Chinese by Chen Nianxi, translated by Nathaniel J. Gan, published in The World of Chinese, and read by Elyse Ribbons
1:34:50 – Family values, excerpted from One Thousand Years of Joys and Sorrows, by Ai Weiwei, published in The Wire China, and read by Kaiser Kuo
This is the unedited conversation with Michael Hilliard about Peter Hessler's book "River Town: Two Years on the Yangtze."
A conversation with Michael Hilliard about Peter Hessler's book "River Town: Two Years on the Yangtze."
“China is an amazingly diverse place in terms of food” - Jen Lin-Liu
Jen Lin-Liu is a journalist, memoirist and founder of Beijing-based culinary school Black Sesame Kitchen. In this episode she talks about life as a journalist abroad and how she discovered cooking while writing her travel memoirs Serve the People and On the Noodle Road. Just before this episode was recorded Jen also opened her second restaurant, Qianmen Kitchen, inspired by her travels across Asia, the Middle East and Europe.
Have a question or comment? Email us at themanifista@gmail.com.
Topics discussed in this episode:
Cooking and the Chinese Cuisine
I was the typical Chinese-American kid, becoming a chef or a restaurateur was definitely not in my cards.
You rarely do see female chefs in professional kitchens in China.
China is an amazingly diverse place in terms of food.
Traveling and Expat-life
It's been a great experience for our children to understand that the world is not just their immediate community.
I traveled from Beijing to Rome, which is a trip I did overland 6000 miles.
I could spend my whole lifetime studying Chinese food.
Resources Mentioned:
Jen Lin-Liu
Black Sesame Kitchen
Qianmen Kitchen
Peter Hessler trilogy
Serve the People by Jen Lin-Liu
On The Noodle Road by Jen Lin-Liu
Missionaries by Phil Klay
The Sellout by Paul Beatty
We provide you with updates to Spectre and Meltdown from various BSD projects, a review of TrueOS from Linux, how to set up FreeBSD on ThinkPad x240, and a whole bunch of beastie bits.
Headlines
KPTI patch lands in FreeBSD -current (https://svnweb.freebsd.org/base?view=revision&revision=328083)
After a heroic effort by Konstantin Belousov (kib@FreeBSD.org), the first Meltdown patch has landed in FreeBSD.
This creates separate page tables for the kernel and userland, and switches between them when execution enters the kernel and when it returns to userland.
It is currently off by default, but you are encouraged to test it, so it can be merged back to the release branches. Set vm.pmap.pti=1 in /boot/loader.conf.
The existing implementation of PCID (process-context identifiers) is not compatible with the new PTI code, and is disabled when PTI is enabled, decreasing performance. A future patch will use PCID in a way that is compatible with PTI.
PCID allows the OS to annotate memory mappings to specific processes, so that they can be flushed selectively, and so that they are only used when in the context of that application.
Once the developers are relatively confident in the correctness of the code that has landed in -current, it will be ported back to FreeBSD 10 and 11, and released as a security advisory.
Apparently porting back to FreeBSD 11 only has some relatively simple merge conflicts, but 10 will be more work.
Former FreeBSD Security Officer Dag-Erling Smørgrav has created a Meltdown testing and PoC tool (https://github.com/dag-erling/meltdown) that you can use to check your system. It is not finished yet, and doesn't seem to work with newer processors (Haswell and newer).
The first partial mitigation for Spectre variant 2 (https://svnweb.freebsd.org/changeset/base/328011) for bhyve on AMD64 has also been committed.
The latest information is always available on the FreeBSD Wiki (https://wiki.freebsd.org/action/edit/SpeculativeExecutionVulnerabilities)
***
Some thoughts on Spectre and Meltdown (http://www.daemonology.net/blog/2018-01-17-some-thoughts-on-spectre-and-meltdown.html)
Colin Percival breaks down how these vulnerabilities work, with some nice analogies.
What is a side channel: I want to know when my girlfriend's passport expires, but she won't show me her passport (she complains that it has a horrible photo) and refuses to tell me the expiry date. I tell her that I'm going to take her to Europe on vacation in August and watch what happens: If she runs out to renew her passport, I know that it will expire before August; while if she doesn't get her passport renewed, I know that it will remain valid beyond that date. Her desire to ensure that her passport would be valid inadvertently revealed to me some information: Whether its expiry date was before or after August.
Spectre Variant 1: I tell my girlfriend that I'm going to take her on vacation in June, but I don't tell her where yet; however, she knows that it will either be somewhere within Canada (for which she doesn't need a passport, since we live in Vancouver) or somewhere in Europe. She knows that it takes time to get a passport renewed, so she checks her passport and (if it was about to expire) gets it renewed just in case I later reveal that I'm going to take her to Europe. If I tell her later that I'm only taking her to Ottawa — well, she didn't need to renew her passport after all, but in the meantime her behaviour has already revealed to me whether her passport was about to expire. This is what Google refers to "variant 1" of the Spectre vulnerability: Even though she didn't need her passport, she made sure it was still valid just in case she was going to need it.
Spectre Variant 2: I spend a week talking about how Oxford is a wonderful place to visit and I really enjoyed the years I spent there, and then I tell her that I want to take her on vacation. She very reasonably assumes that — since I've been talking about Oxford so much — I must be planning on taking her to England, and runs off to check her passport and potentially renew it... but in fact I tricked her and I'm only planning on taking her to Ottawa. Meltdown: I tell my girlfriend that I want to take her to the Korean peninsula. She knows that her passport is valid for long enough; but she immediately runs off to check that her North Korean visa hasn't expired. Why does she have a North Korean visa, you ask? Good question. She doesn't — but she runs off to check its expiry date anyway! Because she doesn't have a North Korean visa, she (somehow) checks the expiry date on someone else's North Korean visa, and then (if it is about to expire) runs out to renew it — and so by telling her that I want to take her to Korea for a vacation I find out something she couldn't have told me even if she wanted to. Final thoughts on vulnerability disclosure The way these issues were handled was a mess; frankly, I expected better of Google, I expected better of Intel, and I expected better of the Linux community. When I found that Hyper-Threading was easily exploitable, I spent five months notifying the security community and preparing everyone for my announcement of the vulnerability; but when the embargo ended at midnight UTC and FreeBSD published its advisory a few minutes later, the broader world was taken entirely by surprise. Nobody knew what was coming aside from the people who needed to know; and the people who needed to know had months of warning. Contrast that with what happened this time around. Google discovered a problem and reported it to Intel, AMD, and ARM on June 1st. 
Did they then go around contacting all of the operating systems which would need to work on fixes for this? Not even close. FreeBSD was notified the week before Christmas, over six months after the vulnerabilities were discovered. Now, FreeBSD can occasionally respond very quickly to security vulnerabilities, even when they arise at inconvenient times — on November 30th 2009 a vulnerability was reported at 22:12 UTC, and on December 1st I provided a patch at 01:20 UTC, barely over 3 hours later — but that was an extremely simple bug which needed only a few lines of code to fix; the Spectre and Meltdown issues are orders of magnitude more complex. To make things worse, the Linux community was notified and couldn't keep their mouths shut. Standard practice for multi-vendor advisories like this is that an embargo date is set, and nobody does anything publicly prior to that date. People don't publish advisories; they don't commit patches into their public source code repositories; and they definitely don't engage in arguments on public mailing lists about whether the patches are needed for different CPUs. As a result, despite an embargo date being set for January 9th, by January 4th anyone who cared knew about the issues and there was code being passed around on Twitter for exploiting them. This is not the first time I've seen people get sloppy with embargoes recently, but it's by far the worst case. As an industry we pride ourselves on the concept of responsible disclosure — ensuring that people are notified in time to prepare fixes before an issue is disclosed publicly — but in this case there was far too much disclosure and nowhere near enough responsibility. We can do better, and I sincerely hope that next time we do. 
CPU microcode update code for amd64 (https://undeadly.org/cgi?action=article;sid=20180115073406) (https://marc.info/?l=openbsd-tech&m=151588857304763&w=2) Patrick Wildt (patrick@) recently committed some code that will update the Intel microcode on many Intel CPUs, a diff initially written by Stefan Fritsch (sf@). The microcode of your CPU is basically the firmware that runs on your (Intel) processor, defining its instruction set in terms of so called "microinstructions". The new code depends, of course, on the corresponding firmware package, ported by Patrick which can be installed using a very recent fw_update(1). Of course, this all plays into the recently revealed problems in Intel (and other) CPUs, Meltdown and Spectre. Now Theo has explained the workings of the code on openbsd-tech, detailing some of the challenges in updating microcode on CPUs where your OS is already starting to run. Theo hints at future updates to the intel-firmware package in his mail: (https://marc.info/?l=openbsd-tech&m=151588857304763&w=2) Patrick and others committed amd64 Intel cpu microcode update code over the last few days. The approach isn't perfect, but it is good enough for a start. I want to explain the situation. When you fw_update, you'll get the firmware files. Upon a reboot, it will attempt to update the microcode on your cpus. Maybe there isn't a new microcode. Maybe your BIOS has a copy of the microcode and installs it before booting OpenBSD. This firmware installation is done a little late. Doing it better will require some work in the bootblocks to find the firmware files, but time is a bit short to do that right now. The branch-target-cache flushing features added in new microcode are not being used yet. There is more code which has to be written, but again other work is happening first. Also, Intel is saying their new microcodes sucks and people should wait a little. "Hi, my name is Intel and I'm an cheating speculator". 
Several developers are working on mitigations for these issues, attacking the problem from several angles. Expect to see more updates to a CVS tree near you soon. Intel: as a *BSD user, I am fucking pissed! (https://malcont.net/2018/01/dont-like-meltdown-spectre-releated-bugs-handled/) I wasn't going to write anything on the recently found x64 architecture – related bugs. I'm not a kernel developer nor even a programmer and I can't say that I have a solid understanding of what Meltdown and Spectre attacks are. Also there already is a ton of articles and posts written by people who have no grasp of the subject. I'm however a malcontent and I find this a good way to express my feelings: Intel: as a *BSD user, I am fucking pissed! Meltdown, Spectre and BSD – the “pissed” part Part of my work is UNIX-like systems administration – including BSDs and Linuces. As much as I am happy with Linux changes already made, I am beyond pissed about how the BSDs were handled by Intel – because they were not. FreeBSD Security Team received some heads-up just before Xmas, while OpenBSD, NetBSD and DragonflyBSD teams received no prior warnings. Meltdown and Spectre attacks are hard to perform. It is a hard work to mitigate them in the software, as the bugs lay in the CPUs and are not fixable by microcode updates. Developers are trying to mitigate these bugs in a way that will deliver smallest performance losses. A lot of time consuming work is needed to fix CPU vendors' mistakes. Linux developers had this time. BSD developers did not. BSD user base too small? BSD user base is small in comparison to Linux. Seems that it's too small for Intel. PlayStation4 consoles are FreeBSD-based (and use AMD CPUs) but I think it's safe to say that gaming devices are not the most important systems to be fixed. 
Netflix serves their content off FreeBSD but the bugs are not remotely exploitable (possibly not including JavaScript, but it's running someone's code locally) so there's probably not much harm to be done here either. However gamers and Netflix aren't the only ones who use *BSD systems. I'd say that there is more than a few FreeBSD, NetBSD, OpenBSD and DragonFlyBSD servers on the internet. In March 2017, Intel promised “more timely support to FreeBSD”. They knew about flaws in their CPUs in June and decided that a timely manner is the end of December – short before the embargo was to be lifted. Intel and Google (probably Intel more): it was your job to pick the correct people to whom the bugs can be disclosed. In my humble opinion you chose poorly by disclosing these issues with ONLY Apple, Microsoft, and the Linux Foundation, of OS vendors. You did much harm to the BSD community. Intel: It's your bugs. And you offered “more support” to the FreeBSD Foundation less than 3 months prior to being informed (my guess is that you knew much earlier) on the flaws in YOUR products. I don't want to write more here as the wording would be too strong. Interview - Viewer Questions These days, do you consider yourself more of an programmer or a sysadmin? Which one do you enjoy more? Does FreeBSD/BSD enable your business or would another OS suit your needs just as well? You've hinted that you use FreeBSD as part of your business. Can you elaborate on that and give some technical detail on how it's used in that environment? If you were allowed three wishes for anything at all to be implemented or changed in ZFS, what would they be, and why? Per Dataset throughput and IOPS limiting Per-File Cloning and/or zfsmv (move a file from one dataset to another, without copying) Cluster support Allan, you have previously mentioned that you have worked on FreeBSD on MIPS, what made you choose the Onion Omega over something like the Raspberry Pi? 
What is BSD Now's association with Jupiter broadcasting, and how did the relationship come to be? Jupiter seems to be associated with several Linux-themed podcasts, and I'm wondering how and why BSD Now joined Jupiter. The two communities (the Linuxes and BSDs) don't always seem to mix freely -- or do they? What kind of keyboard is that? Have you ever tried an ErgoDox? The ErgoDox EZ is made by a Canadian. You mentioned when doing one of your talks on UCL for FreeBSD that you had only recently learned C. I am also aware of your history also on contributing to the FreeBSD handbook and to documentation in general. Given you started with C relatively recently, what made you want to learn it, how quickly did you pick it up, and is it your favourite language? It is most inspiring to me, as you are clearly so talented, and of all the languages I have learned (including C++), I still prefer C in my heart of hearts. I'd be really interested to hear your answer, many thanks. *** News Roundup LinuxAndUbuntu Review Of TrueOS A Unix Based OS (http://www.linuxandubuntu.com/home/linuxandubuntu-review-of-trueos-a-unix-based-os) Trust me, the name TrueOS takes me back to 1990s when Tru64 UNIX operating system made its presence. TrueOS is PC-BSD's new unified brand built upon FreeBSD-CURRENT code base. Note that TrueOS is not a Linux distro but is BSD Unix. FreeBSD is known for its cutting-edge features, security, scalability, and ability to work both as a server and desktop operating system. TrueOS aims at having user-friendliness with the power of FreeBSD OS. Let us start with going into details of different aspects of the TrueOS. TrueOS History ? TrueOS was founded by Kris Moore in 2005 with name PC-BSD. Initial version focused to make FreeBSD easy to use starting with providing GUI based installer (to relatively complicated FreeBSD installer). In the year 2006, PC-BSD was acquired by iXsystems. 
Before rebranding as TrueOS in Sept 2016, PC-BSD reached a stage starting considering better than vanilla FreeBSD. Older PC-BSD version used to support both x86 and x86-64 architecture. Kris Moore, the developer founder, says about rebranding: “We've already been using TrueOS for the server side of PC-BSD, and it made sense to unify the names. PC-BSD doesn't reflect server or embedded well. TrueOS Desktop/Server/Embedded can be real products, avoids some of the alphabet soup, and gives us a more catchy name.” TrueOS First Impression ? The startup is little longer; may be due to starting up of many services. The heavy KDE well suited to PC-BSD. The C++/Qt5 based Lumina desktop environment is light and fast. The Lumina offers an easy way to configure menu and panels. I did not face any problems for continuous use of two weeks on a virtual machine having the minimal configuration: 1 GB RAM, 20 GB hard disk and Intel 3.06 GHz i3 processor. The Lumina desktop is light and fast. The developers of Lumina know what they are doing and have a good idea of what makes a good IDE. As it happens with any new desktop environment, it needs some time to settle. Let us hope that they keep to the path they are on with it. Conclusion ? The TrueOS is impressive when consider it as relatively young. It is a daring step that TrueOS developers took FreeBSD Current rather than FreeBSD Stable code base. Overall it has created its own place from the legacy shadow of PC-BSD. Starting with easy installation TrueOS is a good combination of software and utilities that make the system ready to use. Go and get a TrueOS ISO to unleash the “bleeding edge” tag of FreeBSD Thinkpad x240 - FreeBSD Setup (http://stygix.org/nix/x240-freebsd.php) What follows is a record of how I set up FreeBSD to be my daily driver OS on the Lenovo Thinkpad X240. Everything seems to work great. Although, the touchpad needs some tweaking. 
I've tried several configurations, even recompiling Xorg with EVDEV support and all that, to no avail. Eventually I will figure it out. Do not sleep the laptop from the command line. Do it from within Xorg, or it will not wake up. I don't know why. You can do it from a terminal within Xorg, just not from the naked command line without Xorg started. It also will not sleep by closing the lid. I included a sudo config that allows you to run /usr/sbin/zzz without a password, so what I do is I have a key combo assigned within i3wm to run "sudo /usr/sbin/zzz". It works fine this way. I go into detail when it comes to setting up Xorg with i3wm. You can skip this if you want, but if you've never used a tiling window manager, it will handle screen real estate very efficiently on a laptop with a 12.5-inch screen and a touchpad. First, download the amd64 image for 11.1-RELEASE and flash it to a USB pen drive. For the Unices, use this: # dd if=FreeBSD-11.1-RELEASE-amd64-memstick.img of=/dev/da0 bs=1M conv=sync Obviously, you'll change /dev/da0 to whatever the USB pen drive is assigned. Plug it in, check dmesg. Leave it plugged in, restart the laptop. When prompted, tap Enter to halt the boot process, then F12 to select a bootable device. Choose the USB drive. I won't go through the actual install process, but it is pretty damn easy so just look at a guide or two and you'll be fine. If you can install Debian, you can install FreeBSD. I will, however, recommend ZFS if you have over 4GB of RAM (my particular variant of the X240 has 8GB of RAM, so yours should have at least 4GB), along with an encrypted disk, and an encrypted SWAP partition. When prompted to add an additional user, and you get to the question where it asks for additional groups, please make sure you add the user to "wheel". The rest should be self-explanatory during the install. Now for the good shit. You just booted into a fresh FreeBSD install. Now what? Well, time to fire up vi and open some config files... 
CNN Article about CDROM.com and FreeBSD, from 1999 (https://www.cnn.com/TECH/computing/9904/08/cdrom.idg/index.html) Walnut Creek CDROM sells a lot of CD-ROMs, but it gives away even more data. Specifically, anyone who has Internet access is free to log into wcarchive (ftp.cdrom.com) and start downloading bits. Even with a good Internet connection, however, you should expect to be at it for a while. At the present time, wcarchive resides on half a terabyte (500 GB) of RAID 5-disk storage. Even if your 56-Kbps modem can deliver seven kilobytes per second, downloading the complete archive would take you 70 million seconds. Even then, some of the files would be more than two years out of date, so a bit of "back and fill" would be needed. Of course, nobody uses wcarchive that way. Instead, they just drop in when they need the odd file or two. The FTP server is very accommodating; 3,600 simultaneous download sessions is the current limit and an upgrade to 10,000 sessions is in the works. This translates to about 800 GB per day of downloads. Bob Bruce (Walnut Creek's founder) says he's thinking about issuing a press release when they reach a terabyte a day. But 800 GB isn't all that shabby.... The hardware Because FTP archives don't do a lot of thinking, wcarchive doesn't need a massive cluster of CPUs. In fact, it gets by with a single 200-MHz P6 Pentium Pro and a measly(!) 1 GB of RAM. The I/O support, however, is fairly impressive. A six-channel Mylex RAID controller (DAC960SXI; Ultra-Wide SCSI-SCSI) is the centerpiece of the I/O subsystem. Two channels link it to the PC ("Personal Computer"!?!), via a dual-channel Adaptec card (AHA-3940AUW; PCI to Ultra-Wide SCSI). An 256-MB internal cache helps it to eliminate recurring disk accesses. Four nine-drive disk arrays provide the actual storage. The two larger arrays use 18-GB IBM drives; the two smaller arrays use 9-GB Micropolis and Quantum drives. A separate 4-GB Quantum drive is used as the "system disk." 
The output side is handled by a single Intel 100Base-T controller (Pro/100B PCI), which feeds into the Internet through a number of shared DS3 (45 Mbps) and OC3 (155 Mbps) circuits. A detailed description of the system is available as ftp.cdrom.com/archive-info/configuration; The software The system software is rather prosaic: a copy of FreeBSD, supplemented by home-grown FTP mirroring and server code. Because of the massive hardware support, the software "only" needs to keep the I/O going in an efficient and reliable manner. FreeBSD, the "prosaic" operating system mentioned above, merits a bit more discussion. Like Linux, FreeBSD is open source. Anyone can examine, modify, and/or redistribute the source code. And, like Linux, an active user community helps the authors to find bugs, improve documentation, and generally support the OS. Unlike Linux, FreeBSD is derived from the Berkeley Unix code that forms the foundation for most commercial Unix variants. When you use the "fast file system" (cylinder groups, long file names, symbolic links, etc.), TCP/IP networking, termcap, or even vi, you are using Berkeley Unix additions. The version of BSD underlying FreeBSD, however, is "pure" BSD; don't look for the System V modifications you see in Solaris. Instead, think of it as SunOS, brought up to date with Kerberos, modern sendmail, an updated filesystem, and more. Solid, fast, and free! One of FreeBSD's finest innovations, the Ports Collection, makes FreeBSD a delight for open source application users. The Ports Collection automates the downloading, building, and installation (including de-installation) of 2,300+ open source packages. The company Walnut Creek CDROM has been around for several years now, so you are likely to be familiar with its offerings. You may not realize, however, that it provides the major financial support for FreeBSD. The FreeBSD support has two purposes. 
First, it provides the company with a solid base to run wcarchive and other massive projects. Second, it ties in with the company's mission of making software (and data) economically accessible. Bob Bruce, the firm's founder, is an interesting guy: laid back and somewhat conservative in manner, but productive and innovative in practice. Here is a possibly illustrative story. When Bob started selling CD-ROMs, disc caddies were selling for $15 each. Bob thought that was rather high, so he started investigating the marketplace. A long-distance call to Japan got him Sony's fax number; a series of faxes got him in touch with the salespeople. It turned out that caddies were available, in bulk, for only a few dollars each. Bulk, in this case, meant pallet-loads of 10,000 caddies. In an act of great faith, Bob purchased a pallet of caddies, then proceeded to sell them for five dollars each. The results were everything he might have wished. Folks who bought his CD-ROMs added caddies to their orders; folks who bought piles of caddies added in a disc or two. Either way, Walnut Creek CDROM was making a name for itself. Many pallet-loads later, the company is still selling caddies, making and distributing CD-ROMs, and giving away bits. Walnut Creek CDROM is a real open-source success story; its breadth and depth of offerings is well worth a look. Beastie Bits OpenBSD adds kqueue event support to DRM, to detect device changes like HDMI cables being plugged in, and trigger randr events (https://github.com/openbsd/src/commit/b8584f4233dc11a328cd245a5843ec3d67462200) Thesis describing QUAD3, a unix-like, multi-tasking operating system for the 6502 processor (https://archive.org/details/AMultiTaskingOperatingSystemForMicrocomputers) Windows is getting chmod and chown... 
(https://blogs.msdn.microsoft.com/commandline/2018/01/12/chmod-chown-wsl-improvements/) Timeline: How they kept Meltdown and Spectre secret for so long (https://www.theverge.com/platform/amp/2018/1/11/16878670/meltdown-spectre-disclosure-embargo-google-microsoft-linux) bsd.network is a *BSD-themed Mastodon Instance (https://bsd.network/): Peter Hessler is administering a new Mastodon instance, running in an OpenBSD VM on top of an OpenBSD vmm hypervisor Computer-Aided Instruction on UNIX (https://virtuallyfun.com/wordpress/wp-content/uploads/2017/12/whfUb.pdf) AsiaBSDCon 2018 Travel Grant Application Now Open (https://www.freebsdfoundation.org/blog/asiabsdcon-2018-travel-grant-application-now-open/) AsiaBSDCon 2018 FreeBSD Developers Summit Call for Proposals (https://www.freebsdfoundation.org/news-and-events/call-for-papers/asiabsdcon-2018-freebsd-developers-summit-call-for-proposals/) LinuxFest Northwest 2018 Call for Proposals (https://www.freebsdfoundation.org/news-and-events/call-for-papers/linuxfest-northwest-2018-call-for-proposals/) Feedback/Questions Jason - Dont break my ports (http://dpaste.com/05PRNG2) Wilyarti - show content (http://dpaste.com/1BG8GZW) https://clinetworking.wordpress.com/2017/12/08/data-de-duplication-file-diff-ing-and-s3-style-object-storage-using-digital-ocean-spaces Scott - Your show is Perfect! (http://dpaste.com/0KER8YE#wrap) Ken - Community Culture (http://dpaste.com/0WT8285#wrap)
We review Meltdown and Spectre responses from various BSD projects, show you how to run CentOS with bhyve, GhostBSD 11.1 is out, and we look at the case against the fork syscall.

This episode was brought to you by

Headlines

More Meltdown

Much has happened this week, but before we get into a status update of the various mitigations on the other BSDs, some important updates:

Intel has recalled the microcode update they issued on January 8th. It turns out this update can cause Haswell and Broadwell based systems to randomly reboot, with some frequency. (https://newsroom.intel.com/news/intel-security-issue-update-addressing-reboot-issues/)

AMD has confirmed that its processors are vulnerable to both variants of Spectre, and the fix for variant #2 will require a forthcoming microcode update, in addition to OS level mitigations (https://www.amd.com/en/corporate/speculative-execution)

Fujitsu has provided a status report for most of its products, including SPARC hardware (https://sp.ts.fujitsu.com/dmsp/Publications/public/Intel-Side-Channel-Analysis-Method-Security-Review-CVE2017-5715-vulnerability-Fujitsu-products.pdf)

The Register of course has some commentary (https://www.theregister.co.uk/2018/01/12/intel_warns_meltdown_spectre_fixes_make_broadwells_haswells_unstable/)

If new code is needed, Intel will need to get it right: the company already faces numerous class action lawsuits. Data centre operators already scrambling to conduct unplanned maintenance will not be happy about the fix reducing stability. AMD has said that operating system patches alone will address the Spectre bounds check bypass bug. Fixing Spectre's branch target injection flaw will require firmware fixes that AMD has said will start to arrive for Ryzen and EPYC CPUs this week. The Register has also asked other server vendors how they're addressing the bugs.
Oracle has patched its Linux, but has told us it has “No comment/statement on this as of now” in response to our query about its x86 systems, x86 cloud, Linux and Solaris on x86. The no comment regarding Linux is odd as fixes for Oracle Linux landed here (https://linux.oracle.com/errata/ELSA-2018-4006.html) on January 9th. SPARC-using Fujitsu, meanwhile, has published advice (PDF) revealing how it will address the twin bugs in its servers and PCs, and also saying its SPARC systems are “under investigation”. Response from OpenBSD: (https://undeadly.org/cgi?action=article;sid=20180106082238) 'Meltdown, aka "Dear Intel, you suck"' (https://marc.info/?t=151521438600001&r=1&w=2) Theo de Raadt's response to Meltdown (https://www.itwire.com/security/81338-handling-of-cpu-bug-disclosure-incredibly-bad-openbsd-s-de-raadt.html) That time in 2007 when Theo talked about how Intel x86 had major design problems in their chips (https://marc.info/?l=openbsd-misc&m=118296441702631&w=2) OpenBSD gets a Microcode updater (https://marc.info/?l=openbsd-cvs&m=151570987406841&w=2) Response from Dragonfly BSD: (http://lists.dragonflybsd.org/pipermail/users/2018-January/313758.html) The longer response in four commits One (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627151.html) Two (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627152.html) Three (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627153.html) Four (http://lists.dragonflybsd.org/pipermail/commits/2018-January/627154.html) Even more Meltdown (https://www.dragonflydigest.com/2018/01/10/20718.html) DragonflyBSD master now has full IBRS and IBPB support (http://lists.dragonflybsd.org/pipermail/users/2018-January/335643.html) IBRS (Indirect Branch Restricted Speculation): The x86 IBRS feature requires corresponding microcode support. It mitigates the variant 2 vulnerability. 
If IBRS is set, near returns and near indirect jumps/calls will not allow their predicted target address to be controlled by code that executed in a less privileged prediction mode before the IBRS mode was last written with a value of 1 or on another logical processor so long as all RSB entries from the previous less privileged prediction mode are overwritten. Speculation on Skylake and later requires these patches ("dynamic IBRS") be used instead of retpoline. If you are very paranoid or you run on a CPU where IBRS=1 is cheaper, you may also want to run in "IBRS always" mode. IBPB (Indirect Branch Prediction Barrier): Setting of IBPB ensures that earlier code's behavior does not control later indirect branch predictions. It is used when context switching to new untrusted address space. Unlike IBRS, IBPB is a command MSR and does not retain its state. DragonFlyBSD's Meltdown Fix Causing More Slowdowns Than Linux (https://www.phoronix.com/scan.php?page=article&item=dragonfly-bsd-meltdown&num=1) NetBSD HOTPATCH() (http://mail-index.netbsd.org/source-changes/2018/01/07/msg090945.html) NetBSD SVS (Separate Virtual Space) (http://mail-index.netbsd.org/source-changes/2018/01/07/msg090952.html) Running CentOS with Bhyve (https://www.daemon-security.com/2018/01/bhyve-centos-0110.html) With the addition of UEFI in FreeBSD (since version 11), users of bhyve can use the UEFI boot loader instead of the grub2-bhyve port for booting operating systems such as Microsoft Windows, Linux and OpenBSD. 
The following page provides information necessary for setting up bhyve with UEFI boot loader support: https://wiki.freebsd.org/bhyve/UEFI

Features have been added to vmrun.sh to make it easier to set up the UEFI boot loader, but the following is required to install the UEFI firmware pkg:

```
# pkg install -y uefi-edk2-bhyve
```

With graphical support, you can use a vnc client like tigervnc, which can be installed with the following command:

```
# pkg install -y tigervnc
```

In the case of most corporate or government environments, the Linux of choice is RHEL, or CentOS. Utilizing bhyve, you can test and install CentOS in a bhyve VM the same way you would deploy a Linux VM in production. The first step is to download the CentOS iso (for this tutorial I used the CentOS minimal ISO): http://isoredirect.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1708.iso

I normally use a ZFS Volume (zvol) when running bhyve VMs. Run the following commands to create a zvol (ensure you have enough disk space to perform these operations):

```
# zfs create -V20G -o volmode=dev zroot/centos0
```

(zroot in this case is the zpool I am using)

Similar to my previous post about vmrun.sh, you need certain items to be configured on FreeBSD in order to use bhyve. The following commands are necessary to get things running:

```
echo "vfs.zfs.vol.mode=2" >> /boot/loader.conf
kldload vmm
ifconfig tap0 create
sysctl net.link.tap.up_on_open=1
# prints: net.link.tap.up_on_open: 0 -> 1
ifconfig bridge0 create
ifconfig bridge0 addm em0 addm tap0
ifconfig bridge0 up
```

(replace em0 with whatever your physical interface is).

There are a number of utilities that can be used to manage bhyve VMs, and I am sure there is a way to use vmrun.sh to run Linux VMs, but since all of the HowTos for running Linux use the bhyve command line, the following script is what I use for running CentOS with bhyve.
```
#!/bin/sh
# General bhyve install/run script for CentOS
# Based on scripts from pr1ntf and lattera

HOST="127.0.0.1"   # VNC console listens on loopback only
PORT="5901"
ISO="/tmp/centos.iso"
VMNAME="centos"
ZVOL="centos0"
SERIAL="nmdm0A"    # nmdm(4) null-modem device used for the serial console
TAP="tap1"         # must be a tap interface that is a member of bridge0
CPU="1"
RAM="1024M"
HEIGHT="800"
WIDTH="600"

if [ "$1" = "install" ]; then
    # Kill it before starting it
    bhyvectl --destroy --vm=$VMNAME
    bhyve -c $CPU -m $RAM -H -P -A \
        -s 0,hostbridge -s 2,virtio-net,$TAP -s 3,ahci-cd,$ISO \
        -s 4,virtio-blk,/dev/zvol/zroot/$ZVOL \
        -s 29,fbuf,tcp=$HOST:$PORT,w=$WIDTH,h=$HEIGHT \
        -s 30,xhci,tablet -s 31,lpc -l com1,/dev/$SERIAL \
        -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd $VMNAME
    # Kill it after
    bhyvectl --destroy --vm=$VMNAME
elif [ "$1" = "run" ]; then
    # Kill it before starting it
    bhyvectl --destroy --vm=$VMNAME
    bhyve -c $CPU -m $RAM -w -H \
        -s 0,hostbridge -s 2,virtio-net,$TAP \
        -s 4,virtio-blk,/dev/zvol/zroot/$ZVOL \
        -s 29,fbuf,tcp=$HOST:$PORT,w=$WIDTH,h=$HEIGHT \
        -s 30,xhci,tablet -s 31,lpc -l com1,/dev/$SERIAL \
        -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd $VMNAME &
else
    echo "Please type install or run"
fi
```

The variables at the top of the script can be adjusted to fit your own needs. With the addition of the graphics output protocol in UEFI (or UEFI-GOP), a VNC console is launched and hosted with the HOST and PORT setting. There is a password option available for the VNC service, but the connection should be treated as insecure. It is advised to only listen on localhost with the VNC console and tunnel into the host of the bhyve VM.

Now with the ISO copied to /tmp/centos.iso, and the script saved as centos.sh you can run the following command to start the install:

```
# ./centos.sh install
```

At this point, using vncviewer (on the local machine, or over an SSH tunnel), you should be able to bring up the console and run the CentOS installer as normal. The absolutely most critical item is to resolve an issue with the booting of UEFI after the installation has completed.
Because of the path used in bhyve, you need to run the following to be able to boot CentOS after the installation:

```
# cp -f /mnt/sysimage/boot/efi/EFI/centos/grubx64.efi /mnt/sysimage/boot/efi/EFI/BOOT
```

With this setting changed, the same script can be used to launch your CentOS VM as needed:

```
# ./centos.sh run
```

If you are interested in a better solution for managing your Linux VM, take a look at the various bhyve management ports in the FreeBSD ports tree.

Interview - newnix architect - @newnix (https://bsd.network/@newnix)

News Roundup

GhostBSD 11.1 - FreeBSD for the desktop (https://distrowatch.com/weekly.php?issue=20180108#ghostbsd)

GhostBSD is a desktop oriented operating system which is based on FreeBSD. The project takes the FreeBSD operating system and adds a desktop environment, some popular applications, a graphical package manager and Linux binary compatibility. GhostBSD is available in two flavours, MATE and Xfce, and is currently available for 64-bit x86 computers exclusively. I downloaded the MATE edition which is available as a 2.3GB ISO file.

Installing

GhostBSD's system installer is a graphical application which begins by asking us for our preferred language, which we can select from a list. We can then select our keyboard's layout and our time zone. When it comes to partitioning we have three main options: let GhostBSD take over the entire disk using UFS as the file system, create a custom UFS layout or take over the entire disk using ZFS as the file system. UFS is a classic file system and quite popular, it is more or less FreeBSD's equivalent to Linux's ext4. ZFS is a more advanced file system with snapshots, multi-disk volumes and optional deduplication of data. I decided to try the ZFS option. Once I selected ZFS I didn't have many more options to go through. I was given the chance to set the size of my swap space and choose whether to set up ZFS as a plain volume, with a mirrored disk for backup or in a RAID arrangement with multiple disks.
I stayed with the plain, single disk arrangement. We are then asked to create a password for the root account and create a username and password for a regular user account. The installer lets us pick our account's shell with the default being fish, which seemed unusual. Other shells, including bash, csh, tcsh, ksh and zsh are available. The installer goes to work copying files and offers to reboot our computer when it is done. Early impressions The newly installed copy of GhostBSD boots to a graphical login screen where we can sign into the account we created during the install process. Signing into our account loads the MATE 1.18 desktop environment. I found MATE to be responsive and applications were quick to open. Early on I noticed odd window behaviour where windows would continue to slide around after I moved them with the mouse, as if the windows were skidding on ice. Turning off compositing in the MATE settings panel corrected this behaviour. I also found the desktop's default font (Montserrat Alternates) to be hard on my eyes as the font is thin and, for lack of a better term, bubbly. Fonts can be easily adjusted in the settings panel. A few minutes after I signed into my account, a notification appeared in the system tray letting me know software updates were available. Clicking the update icon brings up a small window showing us a list of package updates and, if any are available, updates to the base operating system. FreeBSD, and therefore GhostBSD, both separate the core operating system from the applications (packages) which run on the operating system. This means we can update the core of the system separately from the applications. GhostBSD's core remains relatively static and minimal while applications are updated using a semi-rolling schedule. When we are updating the core operating system, the update manager will give us the option of rebooting the system to finish the process. 
We can dismiss this prompt to continue working, but the wording of the prompt may be confusing. When asked if we want to reboot to continue the update process, the options presented to us are "Continue" or "Restart". The Continue option closes the update manager and returns us to the MATE desktop. The update manager worked well for me and the only issue I ran into was when I dismissed the update manager and then wanted to install updates later. There are two launchers for the update manager, one in MATE's System menu and one in the settings panel. Clicking either of these launchers didn't accomplish anything. Running the update manager from the command line simply caused the process to lock up until killed. I found if I had dismissed the update manager once, I'd have to wait until I logged in again to use it. Alternatively, I could use a command line tool or use the OctoPkg package manager to install package updates. Conclusions Most of my time with GhostBSD, I was impressed and happy with the operating system. GhostBSD builds on a solid, stable FreeBSD core. We benefit from FreeBSD's performance and its large collection of open source software packages. The MATE desktop was very responsive in my trial and the system is relatively light on memory, even when run on ZFS which has a reputation for taking up more memory than other file systems. FreeBSD Looks At Making Wayland Support Available By Default (https://www.phoronix.com/scan.php?page=news_item&px=FreeBSD-Wayland-Availability) There's an active discussion this week about making Wayland support available by default on FreeBSD. FreeBSD has working Wayland support -- well, assuming you have working Intel / Radeon graphics -- and do have Weston and some other Wayland components available via FreeBSD Ports. FreeBSD has offered working Wayland support that is "quite usable" for more than one year. But, it's not too easy to get going with Wayland on FreeBSD. 
Right now those FreeBSD desktop users wanting to use/develop with Wayland currently need to rebuild the GTK3 tool-kit, Mesa, and other packages with Wayland support enabled. This call for action now is about allowing the wayland=on to be made the default. This move would then allow these dependencies to be built with Wayland support by default, but for the foreseeable future FreeBSD will continue defaulting to X.Org-based sessions. The FreeBSD developers mostly acknowledge that Wayland is the future and the cost of enabling Wayland support by default is just slightly larger packages, but that weight is still leaner than the size of the X.Org code-base and its dependencies.

FreeBSD vote thread (https://lists.freebsd.org/pipermail/freebsd-ports/2017-December/111906.html)

TrueOS Flipped the switch already (https://github.com/trueos/trueos-core/commit/f48dba9d4e8cefc45d6f72336e7a0b5f42a2f6f1)

fork is not my favorite syscall (https://sircmpwn.github.io/2018/01/02/The-case-against-fork.html)

This article has been on my to-write list for a while now. In my opinion, fork is one of the most questionable design choices of Unix. I don't understand the circumstances that led to its creation, and I grieve over the legacy rationale that keeps it alive to this day.

Let's set the scene. It's 1971 and you're a fly on the wall in Bell Labs, watching the first edition of Unix being designed for the PDP-11/20. This machine has a 16-bit address space with no more than 248 kilobytes of memory. They're discussing how they're going to support programs that spawn new programs, and someone has a brilliant idea. “What if we copied the entire address space of the program into a new process running from the same spot, then let them overwrite themselves with the new program?” This got a rousing laugh out of everyone present, then they moved on to a better design which would become immortalized in the most popular and influential operating system of all time.
At least, that's the story I'd like to have been told. In actual fact, the laughter becomes consensus. There's an obvious problem with this approach: every time you want to execute a new program, the entire process space is copied and promptly discarded when the new program begins. Usually when I complain about fork, this is the point when its supporters play the virtual memory card, pointing out that modern operating systems don't actually have to copy the whole address space. We'll get to that, but first — First Edition Unix does copy the whole process space, so this excuse wouldn't have held up at the time. By Fourth Edition Unix (the next one for which kernel sources survived), they had wisened up a bit, and started only copying segments when they faulted.

This model leads to a number of problems. One is that the new process inherits all of the parent's process descriptors, so you have to close them all before you exec another process. However, unless you're manually keeping tabs on your open file descriptors, there is no way to know what file handles you must close! The hack that solves this is CLOEXEC, the first of many hacks that deal with fork's poor design choices. This file descriptors problem balloons a bit - consider for example if you want to set up a pipe. You have to establish a piped pair of file descriptors in the parent, then close every fd but the pipe in the child, then dup2 the pipe file descriptor over the (now recently closed) file descriptor 1. By this point you've probably had to do several non-trivial operations and utilize a handful of variables from the parent process space, which hopefully were on the stack so that we don't end up copying segments into the new process space anyway.

These problems, however, pale in comparison to my number one complaint with the fork model. Fork is the direct cause of the stupidest component I've ever heard of in an operating system: the out-of-memory (aka OOM) killer.
Say you have a process which is using half of the physical memory on your system, and wants to spawn a tiny program. Since fork “copies” the entire process, you might be inclined to think that this would make fork fail. But, on Linux and many other operating systems since, it does not fail! They agree that it's stupid to copy the entire process just to exec something else, but because fork is Important for Backwards Compatibility, they just fake it and reuse the same memory map (except read-only), then trap the faults and actually copy later. The hope is that the child will get on with it and exec before this happens. However, nothing prevents the child from doing something other than exec - it's free to use the memory space however it desires! This approach now leads to memory overcommitment - Linux has promised memory it does not have. As a result, when it really does run out of physical memory, Linux will just kill off processes until it has some memory back. Linux makes an awfully big fuss about “never breaking userspace” for a kernel that will lie about memory it doesn't have, then kill programs that try to use the back-alley memory they were given. That this nearly 50 year old crappy design choice has come to this astonishes me.

Alas, I cannot rant forever without discussing the alternatives. There are better process models that have been developed since Unix! The first attempt I know of is BSD's vfork syscall, which is, in a nutshell, the same as fork but with severe limitations on what you do in the child process (i.e. nothing other than calling exec straight away). There are loads of problems with vfork. It only handles the most basic of use cases: you cannot set up a pipe, cannot set up a pty, and can't even close open file descriptors you inherited from the parent. Also, you couldn't really be sure of what variables you were and weren't editing or allowed to edit, considering the limitations of the C specification.
Overall this syscall ended up being pretty useless.

Another model is posix_spawn, which is a hell of an interface. It's far too complicated for me to detail here, and in my opinion far too complicated to ever consider using in practice. Even if it could be understood by mortals, it's a really bad implementation of the spawn paradigm — it basically operates like fork backwards, and inherits many of the same flaws. You still have to deal with children inheriting your file descriptors, for example, only now you do it in the parent process. It's also straight-up impossible to make a genuine pipe with posix_spawn. (Note: a reader corrected me - this is indeed possible via posix_spawn_file_actions_adddup2.)

Let's talk about the good models - rfork and spawn (at least, if spawn is done right). rfork originated from plan9 and is a beautiful little coconut of a syscall, much like the rest of plan9. They also implement fork, but it's a special case of rfork. plan9 does not distinguish between processes and threads - all threads are processes and vice versa. However, new processes in plan9 are not the everything-must-go fuckfest of your typical fork call. Instead, you specify exactly what the child should get from you. You can choose to include (or not include) your memory space, file descriptors, environment, or a number of other things specific to plan9. There's a cool flag that makes it so you don't have to reap the process, too, which is nice because reaping children is another really stupid idea. It still has some problems, mainly around creating pipes without tremendous file descriptor fuckery, but it's basically as good as the fork model gets. Note: Linux offers this via the clone syscall now, but everyone just fork+execs anyway.

The other model is the spawn model, which I prefer. This is the approach I took in my own kernel for KnightOS, and I think it's also used in NT (Microsoft's kernel). I don't really know much about NT, but I can tell you how it works in KnightOS.
Basically, when you create a new process, it is kept in limbo until the parent consents to begin. You are given a handle with which you can configure the process - you can change its environment, load it up with file descriptors to your liking, and so on. When you're ready for it to begin, you give the go-ahead and it's off to the races. The spawn model has none of the flaws of fork. Both fork and exec can be useful at times, but spawning is much better for 90% of their use-cases. If I were to write a new kernel today, I'd probably take a leaf from plan9's book and find a happy medium between rfork and spawn, so you could use spawn to start new threads in your process space as well. To the brave OS designers of the future, ready to shrug off the weight of legacy: please reconsider fork. Enable ld.lld as bootstrap linker by default on amd64 (https://svnweb.freebsd.org/changeset/base/327783) Enable ld.lld as bootstrap linker by default on amd64 For some time we have been planning to migrate to LLVM's lld linker. Having a man page was the last blocking issue for using ld.lld to link the base system kernel + userland, now addressed by r327770. Link the kernel and userland libraries and binaries with ld.lld by default, for additional test coverage. This has been a long time in the making. On 2013-04-13 I submitted an upstream tracking issue in LLVM PR 23214: [META] Using LLD as FreeBSD's system linker. Since then 85 individual issues were identified, and submitted as dependencies. These have been addressed along with two and a half years of other lld development and improvement. I'd like to express deep gratitude to upstream lld developers Rui Ueyama, Rafael Espindola, George Rimar and Davide Italiano. They put in substantial effort in addressing the issues we found affecting FreeBSD/amd64. 
To revert to using ld.bfd as the bootstrap linker, in /etc/src.conf set

WITHOUT_LLD_BOOTSTRAP=yes

If you need to set this, please follow up with a PR or post to the freebsd-toolchain mailing list explaining how default WITH_LLD_BOOTSTRAP failed for your use case.

Note that GNU ld.bfd is still installed as /usr/bin/ld, and will still be used for linking ports. ld.lld can be installed as /usr/bin/ld by setting in /etc/src.conf

WITH_LLD_IS_LLD=yes

A followup commit will set WITH_LLD_IS_LD by default, possibly after Clang/LLVM/lld 6.0 is merged to FreeBSD.

Release notes: Yes
Sponsored by: The FreeBSD Foundation

Followup: https://www.mail-archive.com/svn-src-all@freebsd.org/msg155493.html

***

Beastie Bits

BSDCAN2017 Interview with Peter Hessler, Reyk Floeter, and Henning Brauer (https://undeadly.org/cgi?action=article;sid=20171229080944) video (https://www.youtube.com/watch?v=e-Xim3_rJns)
DSBMD (https://freeshell.de/~mk/projects/dsbmd.html)
ccc34 talk - May contain DTraces of FreeBSD (https://media.ccc.de/v/34c3-9196-may_contain_dtraces_of_freebsd)
scripts to run an OpenBSD mirror, rsync and verify (https://github.com/bluhm/mirror-openbsd)
Old School PC Fonts (https://int10h.org/oldschool-pc-fonts/readme/)

Feedback/Questions

David - Approach and Tools for Snapshots and Remote Replication (http://dpaste.com/33HKKEM#wrap)
Brian - Help getting my FreeBSD systems talking across the city (http://dpaste.com/3QWFEYR#wrap)
Malcolm - First BSD Meetup in Stockholm happened and it was great (http://dpaste.com/1Z9Y8H1)
Brad - Update on TrueOS system (http://dpaste.com/3EC9RGG#wrap)

***
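The descriptor-inheritance points from the fork article above (CLOEXEC, pipe setup, and the reader's correction about posix_spawn_file_actions_adddup2), worked through in C as an added example; it is not code from the article or from these show notes. The helper names (make_pipe, run_and_drain, spawn_capture, child_can_use_parent_fd) are hypothetical, and the code assumes a POSIX system with /bin/sh.

```c
/* Added illustration; all helper names here are hypothetical. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <spawn.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Create a pipe; optionally mark both ends close-on-exec. */
static int make_pipe(int p[2], int cloexec)
{
    if (pipe(p) != 0)
        return -1;
    if (cloexec) {  /* pipe2(O_CLOEXEC) does this atomically where available */
        fcntl(p[0], F_SETFD, FD_CLOEXEC);
        fcntl(p[1], F_SETFD, FD_CLOEXEC);
    }
    return 0;
}

/* Spawn "/bin/sh -c cmd" with file actions fa, then read p[0] until EOF into
 * out (NUL-terminated). Returns the child's exit status, or -1 on failure. */
static int run_and_drain(const char *cmd, posix_spawn_file_actions_t *fa,
                         int p[2], char *out, size_t cap)
{
    char *argv[] = { "sh", "-c", (char *)cmd, NULL };
    size_t used = 0;
    ssize_t n;
    pid_t pid;
    int status;
    int rc = posix_spawn(&pid, "/bin/sh", fa, NULL, argv, environ);

    posix_spawn_file_actions_destroy(fa);
    close(p[1]);  /* the parent keeps only the read end, so EOF can arrive */
    while (rc == 0 && used + 1 < cap &&
           (n = read(p[0], out + used, cap - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    close(p[0]);
    if (rc != 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Pipe setup without fork: the child's stdout becomes the pipe's write end. */
int spawn_capture(const char *cmd, char *out, size_t cap)
{
    posix_spawn_file_actions_t fa;
    int p[2];

    if (make_pipe(p, 1) != 0)
        return -1;
    posix_spawn_file_actions_init(&fa);
    /* Runs in the child before exec; the copy on fd 1 has FD_CLOEXEC clear,
     * while the original pipe descriptors are closed by the exec itself. */
    posix_spawn_file_actions_adddup2(&fa, p[1], STDOUT_FILENO);
    return run_and_drain(cmd, &fa, p, out, cap);
}

/* Returns 1 if a spawned child can write to a descriptor the parent never
 * meant to hand over, 0 if it cannot, -1 on error. */
int child_can_use_parent_fd(int cloexec)
{
    posix_spawn_file_actions_t fa;
    char cmd[64], got[32];
    int p[2];

    if (make_pipe(p, cloexec) != 0)
        return -1;
    if (p[1] > 9) {  /* sh only guarantees single-digit fds in ">&N" */
        close(p[0]);
        close(p[1]);
        return -1;
    }
    snprintf(cmd, sizeof cmd, "echo leaked >&%d", p[1]);
    posix_spawn_file_actions_init(&fa);
    /* Send the shell's error message (close-on-exec case) to /dev/null. */
    posix_spawn_file_actions_addopen(&fa, STDERR_FILENO, "/dev/null", O_WRONLY, 0);
    if (run_and_drain(cmd, &fa, p, got, sizeof got) < 0)
        return -1;
    return got[0] != '\0';
}

int main(void)
{
    char out[64];
    int rc = spawn_capture("echo hello; exit 3", out, sizeof out);

    printf("exit=%d stdout is \"hello\": %d\n", rc, strcmp(out, "hello\n") == 0);
    printf("child reaches parent fd, no FD_CLOEXEC: %d\n", child_can_use_parent_fd(0));
    printf("child reaches parent fd, FD_CLOEXEC:    %d\n", child_can_use_parent_fd(1));
    return 0;
}
```

The second function is the part worth auditing for in real services: any descriptor opened without close-on-exec (a key file, a database socket, a listening port) is usable by every program the process later executes.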
FreeBSD 11.1-RELEASE is out, we look at building a BSD home router, how to be your own OpenBSD VPN provider, and find that glob matching can be simple and fast.

This episode was brought to you by

Headlines

FreeBSD 11.1-RELEASE (https://www.freebsd.org/releases/11.1R/relnotes.html)

FreeBSD 11.1 was released on July 26th (https://www.freebsd.org/releases/11.1R/announce.asc)

You can download it as an ISO or USB image, a prebuilt VM Image (vmdk, vhd, qcow2, or raw), and it is available as a cloud image (Amazon EC2, Microsoft Azure, Google Compute Engine, Vagrant)

Thanks to everyone, including the release engineering team who put so much time and effort into managing this release and making sure it came out on schedule, all of the FreeBSD developers who contributed the features, the companies that sponsored that development, and the users who tested the betas and release candidates.

Support for blacklistd(8) has been added to OpenSSH
The cron(8) utility has been updated to add support for including files within /etc/cron.d and /usr/local/etc/cron.d by default.
The syslogd(8) utility has been updated to add the include keyword which allows specifying a directory containing configuration files to be included in addition to syslog.conf(5). The default syslog.conf(5) has been updated to include /etc/syslog.d and /usr/local/etc/syslog.d by default.
The zfsbootcfg(8) utility has been added, providing one-time boot.config(5)-style options
The efivar(8) utility has been added, providing an interface to manage UEFI variables.
The ipsec and tcpmd5 kernel modules have been added, these can now be loaded without having to recompile the kernel A number of new IPFW modules including Network Prefix Translation for IPv6 as defined in RFC 6296, stateless and stateful NAT64, and a module to modify the TCP-MSS of packets A huge array of driver updates and additions The NFS client now supports the Amazon® Elastic File System™ (EFS) The new ZFS Compressed ARC feature was added, and is enabled by default The EFI loader has been updated to support TFTPFS, providing netboot support without requiring an NFS server For a complete list of new features and known problems, please see the online release notes and errata list, available at: FreeBSD 11.1-RELEASE Release Notes (https://www.freebsd.org/releases/11.1R/relnotes.html) FreeBSD 11.1-RELEASE Errata (https://www.freebsd.org/releases/11.1R/errata.html) For more information about FreeBSD release engineering activities, please see: Release Engineering Information (https://www.freebsd.org/releng/) Availability FreeBSD 11.1-RELEASE is now available for the amd64, i386, powerpc, powerpc64, sparc64, armv6, and aarch64 architectures. FreeBSD 11.1-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded as described in the section below. SHA512 and SHA256 hashes for the release ISO, memory stick, and SD card images are included at the bottom of this message. 
PGP-signed checksums for the release images are also available at: FreeBSD 11.1 Release Checksum Signatures (https://www.freebsd.org/releases/11.1R/signatures.html)

A PGP-signed version of this announcement is available at: FreeBSD 11.1-RELEASE Announcement (https://www.FreeBSD.org/releases/11.1R/announce.asc)

***

Building a BSD home router - ZFS and Jails (https://eerielinux.wordpress.com/2017/07/15/building-a-bsd-home-router-pt-8-zfs-and-jails/)

Part of a series of posts about building a router:

Part 1 (https://eerielinux.wordpress.com/2017/05/30/building-a-bsd-home-router-pt-1-hardware-pc-engines-apu2/) -- discussing why you want to build your own router and how to assemble the APU2
Part 2 (https://eerielinux.wordpress.com/2017/06/03/building-a-bsd-home-router-pt-2-the-serial-console-excursion) -- some Unix history explanation of what a serial console is
Part 3 (https://eerielinux.wordpress.com/2017/06/10/building-a-bsd-home-router-pt-3-serial-access-and-flashing-the-firmware/) -- demonstrating serial access to the APU and covering firmware update
Part 4 (https://eerielinux.wordpress.com/2017/06/15/building-a-bsd-home-router-pt-4-installing-pfsense/) -- installing pfSense
Part 5 (https://eerielinux.wordpress.com/2017/06/20/building-a-bsd-home-router-pt-5-installing-opnsense/) -- installing OPNsense instead
Part 6 (https://eerielinux.wordpress.com/2017/06/30/building-a-bsd-home-router-pt-7-advanced-opnsense-setup/) -- Comparison of pfSense and OPNsense
Part 7 (https://eerielinux.wordpress.com/2017/06/30/building-a-bsd-home-router-pt-7-advanced-opnsense-installation/) -- Advanced installation of OPNsense

After the advanced installation in part 7, the tutorial covers converting an unused partition into swap space, and converting the system to ZFS
After creating a new pool using the set aside partition, some datasets are created, and the log files, ports, and obj ZFS datasets are mounted
The tutorial then goes on to cover how to download the ports tree, and install
additional software on the router I wonder what part 9 will be about. *** Be your own VPN provider with OpenBSD (v2) (https://networkfilter.blogspot.com/2017/04/be-your-own-vpn-provider-with-openbsd-v2.htm) This article covers how to build your own VPN server with some advanced features including: Full Disk Encryption (FDE) Separate CA/signing machine (optional) Multiple DNSCrypt proxy instances for failover OpenVPN: Certificate Revocation List/CRL (optional) OpenVPN: TLS 1.2 only OpenVPN: TLS cipher based on AES-256-GCM only OpenVPN: HMAC-SHA512 instead of HMAC-SHA1 OpenVPN: TLS encryption of control channel (makes it harder to identify OpenVPN traffic) The article starts with an explanation of the differences between OpenVPN and IPSEC. In the end the author chose OpenVPN because you can select the port it runs on, and it has a better chance of working from hotel or coffee shop WiFi. The guide them walks through doing an installation on an encrypted disk, with a caution about the limitations of encrypted disk with virtual machines hosted by other parties. The guide then locks down the newly installed system, configuring SSH for keys only, adding some PF rules, and configuring doas Then networking is configured, including enabling IP forwarding since this machine is going to act as the VPN gateway Then a large set of firewall rules are created that NAT the VPN traffic out of the gateway, except for DNS requests that are redirected to the gateways local unbound Then some python scripts are provided to block brute force attempts We will use DNSCrypt to make our DNS requests encrypted, and Unbound to have a local DNS cache. 
This will allow us to avoid using our VPS provider DNS servers, and will also be useful to your future VPN clients which will be able to use your VPN server as their DNS server too
Before configuring Unbound, which is the local DNS cache which will make requests to dnscrypt_proxy, we can configure an additional dnscrypt instance, as explained in the pkg readme. Indeed, dnscrypt DNS servers being public ones, they often go into maintenance, become offline or temporarily unreachable. To address this issue, it is possible to set up multiple dnscrypt instances. Below are the steps to follow to add one, but you can add more if you wish
+ Then a CA and Certificate are created for OpenVPN
+ OpenVPN is installed and configured as a server
+ Configuration is also provided for a client, and a mobile client
+ Thanks to the author for this great tutorial
+ You might also want to check out this section from their 2015 version of this post: Security vs Anonymity (https://networkfilter.blogspot.nl/2015/01/be-your-own-vpn-provider-with-openbsd.html#security_anonymity)
***
Essen Hackathon Trip - Benedict Reuschling (https://www.freebsdfoundation.org/blog/2017-essen-hackathon-trip-report-benedict-reuschling/)
Over on the FreeBSD Foundation Blog, Benedict provides a detailed overview of the Essen Hackathon we were at a few weeks ago. Head over there and give it a read, and get a feel for what these smaller type of community events are like. Hopefully you can attend, or better yet, organize, a similar event in your area.
News Roundup
Blog about my self-hosted httpd blog (https://reykfloeter.com/posts/blog-about-my-blog)
I really like Twitter because it allows me to share short messages, we have a great community, and 140 characters are enough for everybody. And this statement was exactly 140 characters, but sometimes I want to say more than that. And that's why I finally created this new blog. I was never really into blogging because I barely had time or the audience to write long articles.
I sometimes wrote short stories for sites like undeadly.org, I collected some of them here, but my own blog was hosted on tumblr and never saw any activity. I want to try it again, and this time I decided to create a self-hosted blog. Something that runs on my own server and with httpd, the web server that I wrote for OpenBSD.
So I was looking for potential blogging tools that I could use to run my own blog. Besides the popular and heavyweight ones such as WordPress, there are countless other options: I looked at blogs from fellow developers, such as Ted Unangst's flak (I like the fact that it is written in Lua but the implementation is a bit over my head), or Pelican that is used by Peter Hessler for bad.network (but, sorry, I don't like Python), and finally Kristaps Dzonsons' sblg that is used for all of his projects and blogs. I decided to use sblg.
Kristaps keeps on releasing very useful free software. Most well-known is mandoc, at least everyone is using it for manpages these days, but there is also his BCHS (beaches) web stack which strongly advertises OpenBSD's httpd. Great. I also use kcgi whenever I have to write small CGIs. So sblg seemed like the right choice to me.
Let me quickly iterate over my current Makefile. I keep on tweaking this file, so it might have been changed by the time you are reading this article. Please note that the Makefile is written for OpenBSD's make, a distant derivative of pmake which is not like GNU make.
I'm not a designer or web developer, but I appreciate good looking web pages. I wanted to have something that is responsive, works on desktops and mobiles, looks somewhat modern, works without JavaScript, but doesn't disqualify me for all the eye candy from a geek point of view. I bootstrapped the theme by creating a simple grid layout with a fairly typical blog style: banner, top menu, middle text, sidebar.
In 2017, bootstrap is probably a vintage (or retro) framework but it makes it very easy to create responsive pages with a proper layout and without caring about all the CSS and HTML5 madness too much. I also use Font Awesome because it is awesome, provides some fancy icons, and was suggested in sblg's example templates (let's blame Kristaps for it). I do not include any JavaScript which prevents me from using bootstrap's responsive hamburger menu.
I have to admit that "reykfloeter" is not an ideal name for a blog. My actual name is "Reyk Flöter", and I normally just use my first name "reyk" as a user- and nickname, but it was taken when I registered my Twitter account and the related domain. So I picked reykfloeter in a few places. I'm aware that my German last name is nearly unpronounceable for others, so "reykfloeter" appears like a random concatenation of letters. As most of us, I own a number of domains and maybe I should move the blog to bsd.plumbing (which is used as a home for relayd and httpd), arc4random.com (but I intended to use it as a fine OpenBSD-powered Entropy-as-a-Service for poor Linuxers), or even copper.coffee?
In addition to the domain, I also need a good blog name or tag line. A very memorable example in the BSD world is Peter Hansteen's THAT GRUMPY BSD GUY blog. So what should I use?
+ Reyk Flöter's blog
+ OpenBSD hacker. Coffee nerd. Founder.
+ Ask Reyk (imaginary how-tos and 10 step guides)
+ Sewage, Drainage and BSD Plumbing (bsd.plumbing/blog)
+ A Replacement Call for Random (arc4random.com)
+ Coffee with Reyk (copper.coffee)
For now it will just be reykfloeter - blog
iXsystems releases the X10 (https://www.ixsystems.com/blog/serverenvy-truenas-x10/)
TrueNAS X10 is the 3rd generation of the TrueNAS unified storage line. The X10 is the first of a new TrueNAS series, and will be expandable to up to 360TB with the TrueNAS ES12 expansion shelf.
The X10 is cost effective, at a 30% lower price point than the Z20, making it an effective addition to your backup/DR infrastructure. The street price of a 20TB non-HA model falls under $10K. It's designed to move with six predefined configurations that match common use cases. The dual controllers for high availability are an optional upgrade to ensure business continuity and avoid downtime. The X10 boasts 36 hot swap SAS using two expansion shelves, for up to 360TB of storage, allowing you to backup thousands of VMs or share tens of thousands of files. One of the use cases for TrueNAS X10 is for backup, so users can upgrade the X10 to two ports of blazing 10GigE connectivity. The 20TB non-HA model enables you to backup over 7,000 VDI VMs for under $3.00 per VM. Overall, the X10 is a greener solution than the TrueNAS Z product line, with the non-HA version boasting only 138 watts of power and taking up only 2U of space. Best of all, the TrueNAS X10 starts at $5,500 street. You can purchase a 120TB configuration today for under $20K street.
Glob Matching Can Be Simple And Fast Too (https://research.swtch.com/glob)
Here's a straightforward benchmark. Time how long it takes to run ls (a*)ⁿb in a directory with a single file named a¹⁰⁰, compared to running ls | grep (a.*)ⁿb. Superscripts denote string repetition and parentheses are for grouping only, so that when n is 3, we're running ls a*a*a*b in a directory containing the single file aaa…aaa (100 a's), compared against ls | grep a.*a.*a.*b in the same directory.
The exception seems to be the original Berkeley csh, which runs in linear time (more precisely, time linear in n). Looking at the source code, it doesn't attempt to perform glob expansion itself. Instead it calls the C library implementation glob(3), which runs in linear time, at least on this Linux system. So maybe we should look at programming language implementations too. Most programming languages provide some kind of glob expansion, like C's glob.
Let's repeat the experiment in a variety of different programming languages: Perhaps the most interesting fact evident in the graph is that GNU glibc, the C library used on Linux systems, has a linear-time glob implementation, but BSD libc, the C library used on BSD and macOS systems, has an exponential-time implementation. PHP is not shown in the graph, because its glob function simply invokes the host C library's glob(3), so that it runs in linear time on Linux and in exponential time on non-Linux systems. (I have not tested what happens on Windows.) All the languages shown in the graph, however, implement glob matching without using the host C library, so the results should not vary by host operating system. The netkit ftpd runs quickly on Linux because it relies on the host C library's glob function. If run on BSD, the netkit ftpd would take exponential time. ProFTPD ships a copy of the glibc glob, so it should run quickly even on BSD systems. Ironically, Pure-FTPd and tnftpd take exponential time on Linux because they ship a copy of the BSD glob function. Presumably they do this to avoid assuming that the host C library is bug-free, but, at least in this one case, the host C library is better than the one they ship. Additional Reading This post is an elaboration of an informal 2012 Google+ post showing that most shells used exponential-time glob expansion. At the time, Tom Duff, the author of Plan 9's rc shell, commented that, “I can confirm that rc gets it wrong. My excuse, feeble as it is, is that doing it that way meant that the code took 10 minutes to write, but it took 20 years for someone to notice the problem. (That's 10 ‘programmer minutes', i.e. less than a day.)” I agree that's a reasonable decision for a shell. In contrast, a language library routine, not to mention a network server, today needs to be robust against worst-case inputs that might be controlled by remote attackers, but nearly all of the code in question predates that kind of concern. 
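The worst case discussed above (a run of `a*` groups followed by `b`, matched against a name made only of a's) can be measured directly. The following C program is an added example, not code from the article or from any libc: `glob_backtrack` is a naive recursive matcher, `glob_restart` keeps only the most recent `*` as a restart point, both count their steps, and all names are illustrative. It handles only `*`, `?` and literal characters (no bracket classes, escapes or `/` rules).

```c
#include <stdio.h>
#include <string.h>

/* Naive matcher: at every '*' it recursively tries each possible split
 * point, so stacked stars multiply the work. */
static int glob_backtrack(const char *pat, const char *name, unsigned long *steps)
{
    ++*steps;
    if (*pat == '\0')
        return *name == '\0';
    if (*pat == '*') {
        for (;; name++) {
            if (glob_backtrack(pat + 1, name, steps))
                return 1;
            if (*name == '\0')
                return 0;
        }
    }
    if (*name != '\0' && (*pat == '?' || *pat == *name))
        return glob_backtrack(pat + 1, name + 1, steps);
    return 0;
}

/* Iterative matcher: remembers one restart point (the most recent '*').
 * A later star replaces the earlier one, so there is no nested retrying. */
static int glob_restart(const char *pat, const char *name, unsigned long *steps)
{
    size_t plen = strlen(pat), nlen = strlen(name);
    size_t px = 0, nx = 0;
    size_t next_px = 0, next_nx = 0;   /* next_nx == 0: no star seen yet */

    while (px < plen || nx < nlen) {
        ++*steps;
        if (px < plen) {
            char c = pat[px];
            if (c == '*') {
                next_px = px;          /* on mismatch, retry this star ... */
                next_nx = nx + 1;      /* ... consuming one more character */
                px++;
                continue;
            }
            if (nx < nlen && (c == '?' || c == name[nx])) {
                px++;
                nx++;
                continue;
            }
        }
        if (next_nx > 0 && next_nx <= nlen) {
            px = next_px;
            nx = next_nx;
            continue;
        }
        return 0;
    }
    return 1;
}

/* Write the pattern a*a*...a*b with n "a*" groups; -1 if buf is too small. */
static int build_pattern(char *buf, size_t size, unsigned n)
{
    if (size < 2u * n + 2)
        return -1;
    for (unsigned i = 0; i < n; i++) {
        buf[2 * i] = 'a';
        buf[2 * i + 1] = '*';
    }
    buf[2 * n] = 'b';
    buf[2 * n + 1] = '\0';
    return 0;
}

/* Run both matchers on the same input. Returns 0 when both report
 * "no match", -1 on bad arguments; step counts go to *slow and *fast. */
static int compare_steps(unsigned n, size_t name_len,
                         unsigned long *slow, unsigned long *fast)
{
    char pat[64], name[128];

    if (name_len >= sizeof name || build_pattern(pat, sizeof pat, n) != 0)
        return -1;
    memset(name, 'a', name_len);       /* constructed file name: all a's */
    name[name_len] = '\0';
    *slow = *fast = 0;
    int r1 = glob_backtrack(pat, name, slow);
    int r2 = glob_restart(pat, name, fast);
    return (r1 << 1) | r2;
}

int main(void)
{
    /* The name is kept at 30 characters so the naive matcher finishes quickly. */
    for (unsigned n = 1; n <= 5; n++) {
        unsigned long slow, fast;
        if (compare_steps(n, 30, &slow, &fast) != 0)
            return 1;
        printf("n=%u  backtracking steps=%lu  restart-point steps=%lu\n",
               n, slow, fast);
    }
    return 0;
}
```

The backtracking count grows by roughly an order of magnitude for each added `a*` group, while the restart-point matcher stays within the product of the pattern and name lengths.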
I didn't realize the connection to FTP servers until I started doing additional research for this post and came across a reference to CVE-2010-2632 in FreeBSD's glob implementation. BSD VPS Providers Needed (https://torbsd.github.io/blog.html#bsd-vps) One of TDP's recent projects is accumulating a list of virtual private server services (VPS) that provide a BSD option. VPS's are generally inexpensive services that enable the user to only concern themselves with software configuration, and not be bothered with hardware or basic operating system setup. In the pre-Cloud era, VPS providers were the “other people's computers” that users outsourced their systems to. The same shortcomings of cloud services apply to VPS providers. You don't control the hardware. Your files are likely viewable by users up the directory hierarchy. The entropy source or pool is a single source for multiple systems. The same time drift applies to all time-keeping services. Nevertheless, VPS services are often cheap and provide a good spread in terms of geography. All a provider really needs is a few server-grade computers and a decent network connection. VPS's are still a gateway drug to bare-metal servers, although it seems more and more of these gateway users stop at stage one. Cheap systems with a public IP are also a great way to tinker with a new operating system. For this reason, TDP created this list of BSD VPS providers. Some explicitly deny running Tor as a server. Some just reference vague “proxy services.” Others don't mention Tor or proxies at all. The list is a start with currently just under 70 VPS providers listed. Input through various channels already started, and TDP intends to update the list over the coming months. A first draft email and open letter addressed to the providers were drafted, and we are looking to speak directly to at least some of the better-known BSD VPS providers. We may be able to convince a few to allow public Tor relays, or at least published bridges. 
These providers could be new BSD users' gateway drug into the world of BSD Tor nodes. Running a Tor relay shouldn't be considered a particularly risky activity. Maybe we can adjust that perception. Let us know any input via email or GitHub, and we'll be glad to make updates. Beastie Bits Avoid OS Detection with OpenBSD (https://blog.cagedmonster.net/avoid-os-detection-openbsd/) TrueOS update to fix updating (https://www.trueos.org/blog/update-fix-updating/) MidnightBSD 0.8.5 VirtualBox Install (https://www.youtube.com/watch?v=I08__ZWaJ0w) BSD Pizza Night in Portland (http://calagator.org/events/tag/BSD) *** Feedback/Questions Andrew - BSDCan videos? (http://dpaste.com/08E90PX) Marc - The Rock64 Board (http://dpaste.com/08KE40G) Jason - Follow up on UEFI and Bhyve (http://dpaste.com/2EP7BFC) Patrick - EFI booting (http://dpaste.com/34Z9SFM) ***
This week on the show, we'll be talking to Petra about the NetBSD foundation, about how they operate and assist NetBSD behind the scenes. That plus lots of news This episode was brought to you by Headlines What is new on EC2 for FreeBSD 11.0-RELEASE (http://www.daemonology.net/blog/2016-10-03-FreeBSD-EC2-11-0-RELEASE.html) “FreeBSD 11.0-RELEASE is just around the corner, and it will be bringing a long list of new features and improvements — far too many for me to list here. I think there are some improvements in FreeBSD 11.0 which are particularly noteworthy for EC2 users.” “First, the EC2 Console Screenshot functionality now works with FreeBSD. This provides a "VGA" output as opposed to the traditional "serial port" which EC2 has exposed as "console output" for the past decade, and is useful largely because the "VGA" output becomes available immediately whereas the "serial port" output can lag by several minutes. This improvement is a simple configuration change — older releases didn't waste time writing to a non-serial console because it didn't go anywhere until Amazon added support on their side — and can be enabled on older FreeBSD releases by changing the line console="comconsole" to boot_multicons="YES" in /boot/loader.conf.” “The second notable change is support for EC2 "Enhanced Networking" using Intel 82599 hardware; on the C3, C4, R3, I2, D2, and M4 (excluding m4.16xlarge) families, this provides increased network throughput and reduced latency and jitter, since it allows FreeBSD to talk directly to the networking hardware rather than via a Xen paravirtual interface. Getting this working took much longer than I had hoped, but the final problem turned out not to be in FreeBSD at all — we were tickling an interrupt-routing bug in a version of Xen used in EC2. 
Unfortunately FreeBSD does not yet have support for the new "Elastic Network Adapter" enhanced networking used in P2 and X1 instance families and the m4.16xlarge instance type; I'm hoping that we'll have a driver for that before FreeBSD 11.1 arrives.” “The third notable change is an improvement in EC2 disk throughput. This comes thanks to enabling indirect segment I/Os in FreeBSD's blkfront driver; while the support was present in 10.3, I had it turned off by default due to performance anomalies on some EC2 instances. (Those EC2 performance problems have been resolved, and disk I/O performance in EC2 on FreeBSD 10.3 can now be safely improved by removing the line hw.xbd.xbdenableindirect="0" from /boot/loader.conf.)” “Finally, FreeBSD now supports all 128 CPUs in the x1.32xlarge instance type. This improvement comes thanks to two changes: The FreeBSD default kernel was modified in 2014 to support up to 256 CPUs (up from 64), but that resulted in a (fixed-size) section of preallocated memory being exhausted early in the boot process on systems with 92 or more CPUs; a few months ago I changed that value to tune automatically so that FreeBSD can now boot and not immediately panic with an out-of-the-box setup on such large systems.” “I think FreeBSD/EC2 users will be very happy with FreeBSD 11.0-RELEASE; but I'd like to end with an important reminder: No matter what you might see on FTP servers, in EC2, or available via freebsd-update, the new release has not been released until you see a GPG-signed email from the release engineer. This is not just a theoretical point: In my time as a FreeBSD developer I've seen multiple instances of last-minute release re-rolls happening due to problems being discovered very late, so the fact that you can see bits doesn't necessarily mean that they are ready to be downloaded. 
I hope you're looking forward to 11.0-RELEASE, but please be patient.”
***
Upgrading Amazon EC2 instance from 10.3 to 11.0-PRERELEASE results in hang at boot (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213196)
+ As if to underscore that last point, a last minute bug was found on Sunday night
+ A user reported that they used freebsd-update to upgrade an EC2 instance from 10.3 to 11.0 and it started hanging during boot
+ After some quick investigation by Colin, the problem was reproduced
+ Since I had done a lot of work in the loader recently, I helped Colin build a version of the loader with a lot of the debugging enabled, and some more added to try to isolate where in the loader the freeze was happening
+ Colin and I worked late into the night, but eventually found the read from disk that was causing the hang
+ Unlike most of the other reads, that were going into the heap, this read was into a very low memory address, right near the 640kb border. This initially distracted us from the real cause of the problem
+ With more debugging added, it was determined that the problem was in the GELIBoot code, when reading the last sector of each partition to determine if it is encrypted. In cases where the partition is not 4k aligned, and butts up against the end of the disk, the formula used could result in a read past the end of the disk
+ The formula rounds the last sector byte address down to the nearest factor of 4096, then reads 4096 bytes. Then that buffer is examined to determine if the partition is encrypted. If it is a 512b sector drive, the metadata will be in the last 512 bytes of that 4096 byte buffer. However, if the partition is not 4k aligned, the rounding will produce a value that is less than 4096 bytes from the end of the disk, and attempting to read 4096 bytes will read past the end of the disk
+ Normally this isn't that big of a problem; the BIOS will just return an error.
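The rounding arithmetic described above, worked through on three constructed disk layouts. This is an added example, not the FreeBSD loader's code; all names are hypothetical, and `probe_bounded` is one possible bounded variant, not the committed fix.

```c
#include <stdint.h>
#include <stdio.h>

#define PROBE_SIZE 4096u  /* bytes requested by the probe read described above */

/* One planned disk read. */
struct probe_read {
    uint64_t offset;    /* byte offset on the disk where the read starts */
    uint32_t length;    /* bytes requested */
    uint32_t meta_off;  /* where the partition's last sector lands in the buffer */
};

/* Reject geometry the arithmetic below cannot handle. */
static int geometry_ok(uint64_t part_end, uint64_t disk_size, uint32_t sector)
{
    return sector != 0 && sector <= PROBE_SIZE && PROBE_SIZE % sector == 0 &&
           part_end >= sector && part_end <= disk_size &&
           part_end % sector == 0;
}

/* The formula as the text describes it: round the byte address of the last
 * sector down to a multiple of 4096, then always ask for 4096 bytes. */
static struct probe_read probe_as_described(uint64_t part_end, uint32_t sector)
{
    struct probe_read r;
    uint64_t last = part_end - sector;      /* byte address of last sector */

    r.offset = last - (last % PROBE_SIZE);
    r.length = PROBE_SIZE;
    r.meta_off = (uint32_t)(last - r.offset);
    return r;
}

/* Bytes by which the planned read extends past the end of the disk. */
static uint64_t overrun_bytes(struct probe_read r, uint64_t disk_size)
{
    uint64_t end = r.offset + r.length;

    return end > disk_size ? end - disk_size : 0;
}

/* Bounded variant: same start offset, length clamped to the end of the
 * disk. The last sector still fits because part_end <= disk_size. */
static struct probe_read probe_bounded(uint64_t part_end, uint64_t disk_size,
                                       uint32_t sector)
{
    struct probe_read r = probe_as_described(part_end, sector);

    r.length -= (uint32_t)overrun_bytes(r, disk_size);
    return r;
}

int main(void)
{
    /* Constructed layouts with 512-byte sectors; all sizes in bytes. */
    static const struct {
        const char *name;
        uint64_t disk, part_end;
    } cases[] = {
        { "4k-aligned, partition ends at end of disk", 20971520ull, 20971520ull },
        { "unaligned, partition ends at end of disk",  20972544ull, 20972544ull },
        { "unaligned, free space after partition",     20980736ull, 20972544ull },
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        if (!geometry_ok(cases[i].part_end, cases[i].disk, 512)) {
            printf("%s: bad geometry\n", cases[i].name);
            continue;
        }
        struct probe_read r = probe_as_described(cases[i].part_end, 512);
        struct probe_read b = probe_bounded(cases[i].part_end, cases[i].disk, 512);
        printf("%s:\n  read at %llu, overrun %llu bytes, bounded length %u, "
               "last sector at buffer offset %u\n",
               cases[i].name,
               (unsigned long long)r.offset,
               (unsigned long long)overrun_bytes(r, cases[i].disk),
               (unsigned)b.length, (unsigned)b.meta_off);
    }
    return 0;
}
```

Only the second layout overruns, which matches the advice that free space after the last partition avoids the problem.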
The loader will retry up to three times, then give up and move on, continuing to boot normally. Some BIOSes are buggy, and will initiate their own retries, and the combination might result in a stall of up to 30 seconds for each attempt to read past the end of the disk
+ But it seems that Amazon EC2 instances (and possibly other virtual instances) will just hang in this case.
+ This bug has existed for 6 months, but was not caught because almost all installations are 4k aligned thanks to changes made to the installer over the last few years, and most hardware continues to boot with no sign of a problem
+ Even the EC2 snapshot images of 11.0 do not have the problem, as they use a newer disk layout that is 4k aligned by default now. The problem only seems to happen when older disk images are upgraded
+ The fix has been committed and will be merged to the branches over the next few days
+ An Errata notice will be issued, and the fix will be available via freebsd-update
+ It is recommended that EC2 users, and anyone who wants to be especially cautious, wait until this errata notice goes out before attempting to upgrade from FreeBSD 10.3 to 11.0
+ You can determine if your partitions are 4k aligned by running 'gpart show'. If there is free space after your last partition, you won't have any issues.
***
OpenBSD 6.0 Limited Edition CD set (signed by developers) (http://undeadly.org/cgi?action=article&sid=20160929230557&mode=expanded)
The first one went for $4,200.00 (http://www.ebay.com/itm/-/331985953783)
+ Looking for your piece of OpenBSD history? At the recent g2k16 hackathon in Cambridge UK, 40 OpenBSD developers put pen to paper and signed 5 copies of the new 6.0 release.
+ Each of these will be auctioned off on ebay, with the proceeds to benefit the OpenBSD foundation.
+ The first auction has already ended, and CD set went for a whopping $4200!
+ The next set only has 2 days left, and currently stands at $3000!
(http://www.ebay.com/itm/-/331990536246) + Get your bids in soon, these are VERY unique, the odds of getting the same 40 developers in a room together and signing a new .0 release may make this a once-in-a-lifetime opportunity. + Additionally, if you are just starting your OpenBSD collection, here's a nice image to make you envious: A nice collection of OpenBSD CD Sets (http://i.imgur.com/OrE0Gsa.png) [What typing ^D really does on Unix ](https://utcc.utoronto.ca/~cks/space/blog/unix/TypingEOFEffects) + How often have you used a ^D to generate an EOF? Do you really know what that does? + Chris Siebenmann has posted a look at this on his blog, which might not be what you think “Typing ^D causes the tty driver to immediately finish a read().” He continues on: Normally doing a read() from a terminal is line-buffered inside the tty driver; your program only wakes up when the tty driver sees the newline, at which point you get back the full line. (Note that this buffering is distinct from anything that your language's IO system may be doing.) Typing ^D causes the tty driver to stop waiting for a newline and immediately return from the read() with however much of the line has been accumulated to date. If you haven't typed anything on the line yet, there is nothing accumulated and the read() will return 0 bytes, which is conveniently the signal for end of file. If you have typed something the program will get it; because it doesn't have a trailing newline, the program's own line-buffering may take over and keep read()ing to get the rest of the line. (Other programs will immediately process the partial line with no buffering; cat is one example of this.) Once you've typed ^D on a partial line, that portion of the line is immutable because it's already been given to the program. Most Unixes won't let you backspace over such partial lines; effectively they become output, not input. 
(Note that modern shells are not good examples of this, because they don't do line-buffered input; to support command line editing, they switch terminal input into an uninterpreted mode. So they get the raw ^D and can do whatever they want with it, and they can let you edit as much of the pending line as they want.) Fascinating stuff, and interesting to see behind the curtain at exactly what's going on with your programs buffering and tty driver interaction. Interview - Petra Zeidler - spz@netbsd.org (mailto:spz@netbsd.org) NetBSD Foundation *** News Roundup Running FreeBSD in Travis-CI Thanks to KQEmu (http://erouault.blogspot.com/2016/09/running-freebsd-in-travis-ci.html) Travis-CI is the most popular testing framework on Github, but it doesn't support any of the BSDs This didn't discourage Even Rouault, who managed to run FreeBSD in KQEMU on the Linux instances provided by Travis-CI “Travis-CI has a free offer for software having public repository at GitHub. Travis-CI provides cloud instances running Linux or Mac OS X. To increase portability tests of GDAL, I wondered if it was somehow possible to run another operating system with Travis-CI, for example FreeBSD. A search lead me to this question (https://github.com/travis-ci/travis-ci/issues/1818) in their bug tracker but the outcome seems to be that it is not possible, nor in their medium or long term plans.” “One idea that came quickly to mind was to use the QEMU machine emulator that can simulate full machines, of several hardware architectures.” They found an existing image of FreeBSD 9.2 and configured the Travis job to download it and fire it up in QEMU. “Here we go: ./configure && make ! That works, but 50 minutes later (the maximum length of a Travis-CI job), our job is killed with perhaps only 10% of the GDAL code base being compiled. 
The reason is that we used the pure software emulation mode of QEMU that involves on-the-fly disassembling of the code to be run and re-assembling.” Travis-CI runs in Google Compute Engine, which does not allow nested virtualization, so hardware virtualization is not an option to speed up QEMU “Here comes the time for good old memories and a bit of software archeology. QEMU was started by Fabrice Bellard. If you didn't know his name yet, F. Bellard created FFMPEG and QEMU, holds a world record for the number of decimals of Pi computed on a COTS PC, has ported QEMU in JavaScript to run the Linux kernel in your browser, devised BPG, a new compression based on HEVC, etc....” “At the time where his interest was focused on QEMU, he created KQemu, a kernel module (for Linux, Windows, FreeBSD hosts), that could significantly enhance QEMU performance when the guest and hosts are x86/x86_64 and does not require (nor use) hardware virtualization instructions.” “Running it on Travis-CI was successful too, with the compilation being done in 20 minutes, so probably half of the speed of bare metal, which is good enough.” “I could also have potentially tried VirtualBox because, as mentioned above, it supports software virtualization with acceleration. But that is only for 32 bit guests (and I didn't find a ready-made FreeBSD 32bit image that you can directly ssh into). For 64 bit guests, VirtualBox require hardware virtualization to be available in the host. 
To the best of my knowledge, KQemu is (was) the only solution to enable acceleration of 64 bit guests without hardware requirements.” It will be interesting to see if enough people do this hack, maybe Travis-CI will consider properly supporting FreeBSD *** OpenBSD EuroBSDcon 2016 Papers are online (https://www.openbsd.org/events.html) Slides from the OpenBSD talks at EuroBSDCon are online now Landry Breuil, Building packages on exotic architectures (https://rhaalovely.net/~landry/eurobsdcon2016/) Peter Hessler, Bidirectional Forwarding Detection (BFD) implementation and support in OpenBSD (https://www.openbsd.org/papers/eurobsdcon2016-bfd.pdf) Ingo Schwarze, Why and how you ought to keep multibyte character support simple (https://www.openbsd.org/papers/eurobsdcon2016-utf8.pdf) (roff/mm/gpresent source code (https://www.openbsd.org/papers/eurobsdcon2016-utf8.roff)) Stefan Sperling, OpenBSD meets 802.11n (https://www.openbsd.org/papers/eurobsdcon2016-openbsd-11n.pdf) Antoine Jacoutot, OpenBSD rc.d(8) (https://www.bsdfrog.org/pub/events/openbsd-rcd-EuroBSDcon2016.pdf) Marc Espie, Retrofitting privsep into dpb and pkg_add (https://www.openbsd.org/papers/eurobsdcon2016-privsep.pdf) Martin Pieuchot, Embracing the BSD routing table (https://www.openbsd.org/papers/eurobsdcon2016-embracingbsdrt.pdf) I am working to build a similar website for the FreeBSD project, but there is still a lot of work to do I also managed to find the slides from the keynotes: Opening Keynote: George Neville-Neil: Looking Backwards: The coming decades of BSD (https://papers.freebsd.org/2016/EuroBSDCon/LookingBackwards.pdf) Closing Keynote: Gert Döring: Internet Attacks, Self-Governance, and the Consequences (http://www.monobsd.com/files/16_ddos_and_consequences.pptx) *** VirtualBox Shared Folders on FreeBSD: progress report (https://kernelnomicon.org/?p=650) In the past month or so, VirtualBox in the FreeBSD ports tree got bumped to version 5, which while bringing new features, did cause a 
regression in Shared Folders.
+ FreeBSD developer gonzo@ (Oleksandr Tymoshenko) has been tackling this issue in recent days and provides us with a look behind the curtain at the challenges involved.
+ Specifically he started by implementing the various needed VOPs: “lookup, access, readdir, read, getattr, readlink, remove, rmdir, symlink, close, create, open, write.”
+ He then continues with details about how complete this is: ““Kind of implemented” means that I was able to mount directory, traverse it, read file, calculate md5 sums and compare with host's md5sum, create/remove directories, unzip zip file, etc but I doubt it would survive stress-test. Locking is all wrong at the moment and read/write VOPs allocate buffers for every operation.”
+ The bigger issue faced is with the rename VOP though: “I hit a roadblock with rename VOP: it involves some non-trivial locking logic and also there is a problem with cached paths. VBox hypervisor operates on full paths so we cache them in vboxfs nodes, but if one of parent directories is renamed, all cached names should be modified accordingly. I am going to tackle these two problems once I have long enough stretch of time to sit and concentrate on task.”
+ We wish him luck in getting those issues solved. I know quite a few of our users rely on shared folders as well.
FreeBSD News Issue #1 (http://support.rossw.net/FreeBSD-Issue1.pdf)
+ Issue #1 of FreeBSD News, from summer of 1997
+ Contains an article by Yahoo! co-founder David Filo about their early use of FreeBSD, on 100MHz Pentium machines with 64MB of RAM
+ Java Development Kit 1.0.2 ported to FreeBSD
+ What is FreeBSD?
+ Running the world's busiest FTP site (cdrom.com) on FreeBSD
+ Xi Graphics announces the release of CDE Business Desktop, the first and only integrated desktop for FreeBSD, on AcceleratedX, a fully supported commercial grade X display server
+ Get FreeBSD 2.2.2 Today!
*** Beastie Bits Call for testing: newly MPSAFE nvme(4) (http://mail-index.netbsd.org/current-users/2016/09/21/msg030183.html) Thinking about starting a BUG in Indianapolis, IN USA (http://lists.dragonflybsd.org/pipermail/users/2016-September/313061.html) The cost of forsaking C: Why students still need to learn C (https://medium.com/bradfield-cs/the-cost-of-forsaking-c-113986438784#.o2m5gv8y7) OpenBSD (U)EFI bootloader howto (https://blog.jasper.la/openbsd-uefi-bootloader-howto/) Michael Lucas sets his eyes on OpenBSD's web stack for his next book (http://blather.michaelwlucas.com/archives/2780) LibreSSL 2.5.0 released (http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.5.0-relnotes.txt) OPNsense 16.7.5 released (https://opnsense.org/opnsense-16-7-5-released/) Feedback/Questions Jonas - ZFS on DO (http://pastebin.com/XeJhK0AJ) Ricardo - OpenBSD Encrypted Disk (http://pastebin.com/Z9JRjcvb) WiskerTickle - Storage Benchmark (http://pastebin.com/XAD0UevP) Phil - Thanks (http://pastebin.com/N52JhYru) Luis - Misc Questions (http://pastebin.com/57qS0wrx) ***
This week on BSDNow, Allen is away in the UK (For BSDCam), but we still have a full episode for you! Don't miss our interview with
This episode was brought to you by
Headlines
My two year journey to becoming an OS Developer (http://zinascii.com/2016/going-to-joyent.html)
+ A blog post by Ryan Zezeski about how he ended up doing OS development instead of working on applications
+ We have featured his posts before, including The illumos SYSCALL Handler (http://zinascii.com/2016/the-illumos-syscall-handler.html)
It started in the summer of 2014: I had just left Basho after 3.5 years of working on Riak, when I decided I wanted to become an OS developer. I purchased Solaris Internals, cloned illumos-gate, fired up cscope, and got to work. I hardly knew any C, x86 might as well have been Brainfuck, and, frankly, I knew shit about operating systems. But I was determined. I've always learned best by beating my head against something until it makes sense. I'm not a fast learner; I'm persistent. What others have in ability I make up for in effort. And when it comes to OS internals it's all about work ethic. The more you look, the more you realize it's just another program. The main difference being: it's the program all the other programs run on.
My strategy: to pick something, anything, that looked interesting, and write a post describing how it works. I wrote several of these posts in 2014 and 2015. More important, it put me in touch with Roger Faulkner: the creator of truss(1), the Solaris process model, and the real /proc filesystem. At the time I didn't like my interaction with Roger. He explained, in what I would later find out to be his typical gruff manner, that I was wrong; so I concluded he is a prick. But over the years I realized that I was being a brat—he was trying to teach me something and I let my ego get in the way. I've come to view that interaction as a blessing. I interacted with one of the greats, a mentor of my mentor's mentor (a Great Great Mentor).
A couple of weeks later something even more surreal happened, at illumos Day 2014. Bryan Cantrill was the last speaker of the day. One of my mentors and someone I admire greatly. He was there to regale us with the story of Joyent's resurrection of lx-branded zones: Linux system call emulation on top of the illumos kernel. But before he would do that he decided to speak about me! I couldn't believe it. I was so overwhelmed that I don't remember most of what he said. I was too busy flipping shit—Bryan Cantrill is on stage, in front of other kernel developers I look up to, saying my name. I was in a dream. It turns out, unknown to me at the time, that he wrote the POSIX queue code for both Solaris and QNX, which I wrote about. He compared me to the great expository technical writers Elliott Organick and Richard Stevens. And it was at this moment that I knew I could do this: I could become an OS developer. Never underestimate the effect kind words can have on someone that looks up to you.

There is a lot more to the story, and it is definitely worth the read.
The story then goes on to talk about his recent run-in with Bryan Cantrill.

> A week from now my two year journey to become an OS developer comes to an end; and a new chapter begins. I don't know what specific things I'm going to work on, but I'm sure it will push me to the limit. I look forward to the challenge.

***

Version 1.0 of the Lumina Desktop released (https://lumina-desktop.org/version-1-0-0-released/)

After 4 years of development, Lumina Desktop has now hit version 1.0! This release brings with it a slew of new features and support:
Completely customizable interface! Rather than having to learn how to use a new layout, change the desktop to suit you instead!
Simple shortcuts for any application! The “favorites” system makes it easy to find and launch applications at any time.
Extremely lightweight! Allows applications to utilize more of your system hardware and revitalizes older systems!
Multiple-monitor support! Each monitor is treated as an independent entity – making it great for presentation systems which use a temporary monitor or for workstations which utilize an array of monitors for various tasks.

While originally developed on PC-BSD, it has already been ported to a variety of different platforms, including OpenBSD, DragonFly, NetBSD, Debian and Gentoo.
Lumina has become the de facto desktop environment for TrueOS (formerly PC-BSD), and looks like it will provide a solid framework to continue growing desktop features.

***

n2k16 hackathon report: Ken Westerback on dhclient, bridges, routing and more (http://undeadly.org/cgi?action=article&sid=20160804200232)

Next up, we have a report from Ken Westerback talking about the recent OpenBSD hackathon in Prague.
He starts by telling us about the work in bpf:

First order of business, stsp@'s weird setup involving bridges and multiple dhclient clients. A bit of bpf(4) programming to restrict dhclient to handling ethernet packets unicast to its interface worked. Cool. Unfortunately it turned out some lazy dhcp servers always use ethernet broadcasts just because some lesser, non-OpenBSD clients ignore unicast packets until they have configured IP. Classic chicken and egg. So this was backed out just before 6.0. Sigh.

Next up, he talks about an idea he had on the flight over, specifically with regard to how DHCP leases are stored, and how keeping the SSID information with them could speed up re-connection times, by only trying leases for the currently connected SSID.
After a day or so of hacking, it was working! However for $REASONS it was shelved for post 6.0, bummer!
He then discusses an ongoing project with Peter Hessler on passing along relevant PIDs in response to routing messages generated by the kernel from ioctl events.
This is something they've been hacking at, in order to allow dhclient to recognize its own routing messages. Sounds like they are both still works-in-progress.
However, Ken did get something in for 6.0:

Diving back into dhclient code I discovered that in situations where multiple offers were received the unused offers were not being declined and discarded. Despite a clear comment saying that's what was being done! Thus dhclient might gradually use up more and more memory. And possibly be retrying offers that should have been discarded. The fix for this did make 6.0! Yay!

In Memoriam Roger Faulkner (https://www.usenix.org/memoriam-roger-faulkner)

USENIX has re-released Roger Faulkner's original paper on /proc as a free download.
The UNIX community recently lost one of its original pioneers, Roger Faulkner, whom one commenter described as “The godfather of post-AT&T UNIX”.
In his memory, the USENIX group has re-released his original paper on the /proc file-system from 1991.
Roger worked in many areas of UNIX, however the process file system /proc was his special baby.
“/proc began as a debugger interface superseding ptrace(2) but has evolved into a general interface to the process model.”
The original /proc only had a file for each process, not a directory.
"Data may be transferred from or to any valid locations in the process's address space by applying lseek(2) to position the file at the virtual address of interest followed by read(2) or write(2)."
Processes could be controlled using IOCTLs on the file.
As the USENIX article states:

Roger believed that terrible things were sometimes required to create beautiful abstractions, and his trailblazing work on /proc embodies this burden: the innards may be delicate and nasty ("vile," as Roger might say in his distinguished Carolinian accent)—but the resulting abstractions are breathtaking in their power, scope and robustness.

RIP Roger, and thanks for the wonderful UNIX legacy you've left us all.
Interview - Myke Geiger - myke@servernorth.net (mailto:myke@servernorth.net) / @mWare (https://twitter.com/mWare)

Using FreeBSD at a DSL/Cable ISP

***

News Roundup

New options in bsdinstall - some sysctls and date/time settings (https://www.reddit.com/r/freebsd/comments/4vxnw3/new_options_in_bsdinstall_some_sysctls_and/)

bsdinstall in FreeBSD 11.0 will feature a number of new menus.
The first will allow you to set the date and time. Often on computers that have been in storage, or some embedded type devices that have no RTC, the date will be wildly wrong, and ntpd will refuse to run until the date is correctly set.
This feature makes it easy to enter the date and time using dialog(1).
The second menu, inspired by the existing ‘services' menu, offers a number of ‘hardening' options.
This menu allows users to easily enable a number of security features, including:
Hide processes running as other users/groups
Disable reading the kernel message buffer and debugging processes for unprivileged users
Randomize the PID of newly created processes
Enable the stack guard
Erase /tmp at boot
Disable remote syslog
Disable sendmail

All of these options are off by default, so that an install done with the installer will be the same as an install from source, or an upgrade.
A number of these options are candidates to become on-by-default in the future, so the hope is that this menu will get more users to test these features and find any negative interactions with applications or general use, so they can be fixed.
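An added example (not from the show notes or from bsdinstall itself) that audits a sysctl.conf and rc.conf pair for the hardening options listed above. The sysctl and rc.conf knob names are the stock FreeBSD settings for these features rather than something the notes list, and the short labels and sample files are constructed for the example.

```shell
#!/bin/sh
# Added example: report which bsdinstall hardening-menu options are configured.
# It reads config files only (not live sysctl values or rc.conf.local).
# Knob names are the stock FreeBSD settings; the short labels are this example's.

# label|file|key|rule   (rule: exact value, nonzero, yes, none, or contains:STR)
HARDENING_CHECKS='
hide_uids|sysctl|security.bsd.see_other_uids|0
hide_gids|sysctl|security.bsd.see_other_gids|0
read_msgbuf|sysctl|security.bsd.unprivileged_read_msgbuf|0
proc_debug|sysctl|security.bsd.unprivileged_proc_debug|0
random_pid|sysctl|kern.randompid|nonzero
stack_guard|sysctl|security.bsd.stack_guard_page|nonzero
clear_tmp|rc|clear_tmp_enable|yes
disable_syslogd|rc|syslogd_flags|contains:-ss
disable_sendmail|rc|sendmail_enable|none
'

# conf_value FILE KEY: print the value of the last KEY=VALUE assignment in FILE.
# Comments are stripped and surrounding quotes/whitespace removed.
conf_value() {
    [ -r "$1" ] || return 0
    sed -e 's/#.*$//' "$1" | awk -F= -v k="$2" '
        { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
        key == k {
            v = $0; sub(/^[^=]*=/, "", v)
            gsub(/^[ \t"]+|[ \t"]+$/, "", v); val = v
        }
        END { if (val != "") print val }'
}

# audit_hardening SYSCTL_CONF RC_CONF: one "on|off label key=value" line per option.
audit_hardening() {
    sysctl_conf=$1
    rc_conf=$2
    echo "$HARDENING_CHECKS" | while IFS='|' read -r label kind key rule; do
        [ -n "$label" ] || continue
        case $kind in
            sysctl) file=$sysctl_conf ;;
            *)      file=$rc_conf ;;
        esac
        have=$(conf_value "$file" "$key")
        state=off
        case $rule in
            nonzero)    # any positive integer enables the feature
                case $have in ''|0|*[!0-9]*) ;; *) state=on ;; esac ;;
            yes)        # rc.conf accepts several spellings of "enabled"
                case $have in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) state=on ;; esac ;;
            none)       # sendmail_enable="NONE" disables every sendmail daemon
                case $have in [Nn][Oo][Nn][Ee]) state=on ;; esac ;;
            contains:*) # -ss stops syslogd from opening a network socket
                case $have in *"${rule#contains:}"*) state=on ;; esac ;;
            *)
                [ "$have" = "$rule" ] && state=on ;;
        esac
        printf '%s %s %s=%s\n' "$state" "$label" "$key" "${have:-unset}"
    done
}

# hardening_off_count SYSCTL_CONF RC_CONF: number of options not enabled.
hardening_off_count() {
    audit_hardening "$1" "$2" | grep -c '^off ' || true
}

# Demo on constructed sample files (not taken from a real system).
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/sysctl.conf" <<'EOF'
# constructed sample: only some options were ticked in the installer
security.bsd.see_other_uids=0
security.bsd.see_other_gids=1   # other groups' processes still visible
kern.randompid=1
security.bsd.stack_guard_page=1
EOF
    cat > "$tmp/rc.conf" <<'EOF'
hostname="constructed.example"
clear_tmp_enable="yes"
syslogd_flags="-s"
syslogd_flags="-ss -v"
sendmail_enable="NONE"
EOF
    audit_hardening "$tmp/sysctl.conf" "$tmp/rc.conf"
    echo "options still off: $(hardening_off_count "$tmp/sysctl.conf" "$tmp/rc.conf")"
    rm -rf "$tmp"
}
demo
```

On an installed system the same function can be pointed at the real files with `audit_hardening /etc/sysctl.conf /etc/rc.conf`.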
***

Rawrite32: the NetBSD image writing tool (https://www.netbsd.org/~martin/rawrite32/)

Martin of the NetBSD project has released a new version of his USB imaging tool, rawrite32.
For those who've not used this tool before, it is a Windows application that allows writing NetBSD images directly to USB media (or other disk media).
This update brings with it support for writing .xz files, and binary signing.
This may come in handy for writing other OS images to memory sticks as well, especially for those locked into a Windows environment who need to switch.

***

ZFS-Snap-Diff -- A pretty interface for viewing what changed after a ZFS snapshot (https://github.com/j-keck/zfs-snap-diff)

There are lots of nice little utilities to help create and maintain your ZFS snapshots. However today we have something unique to look at, ‘zfs-snap-diff'.
What makes it unique is that it ships with a built-in golang / angularjs GUI for snapshot management.
It looks very powerful, including a built-in diff utility, so you can even see the changes in text-files, in addition to downloading files, restoring old versions and more.
It's nice to see so many ZFS utilities starting to take off, and evolve file-management further.

***

Dtrace Conf 2016 Event Videos (https://www.joyent.com/about/events/2016/dtrace-conf)

The videos from Dtrace.conf 2016 have been posted.
Some highlights:
Useful DTrace Intro
CTF Everywhere
Distributed DTrace
DTrace for Apps
DTrace json() subroutine
Implementing (or not) fds[] in FreeBSD
OpenDTrace
DTrace performance improvements with always-on instrumentation
D Syntactic Sugar
DTrace and Go, DTrace and Postgres

dtrace.conf(16) wrap-up by Bryan Cantrill (https://www.joyent.com/blog/dtrace-conf-16-wrap-up)

Once again, it was an eclectic mix of technologists — and once again, the day got kicked off with me providing an introduction to dtrace.conf and its history.
(Just to save you the time filling out your Cantrill Presentation Bingo Card: you can find me punching myself at 16:19, me offering unsolicited personal medical history at 20:11, and me getting trolled by unikernels at 38:25.) The next DTrace.conf isn't until 2020 *** Beastie Bits The BSD Daemon features in Mexican candy packaging (https://www.reddit.com/r/BSD/comments/4vngmw/the_bsd_daemon_feature_in_mexican_candy_packaging/) Remove PG_ZERO and zeroidle (page-zeroing) entirely (http://lists.dragonflybsd.org/pipermail/commits/2016-August/624202.html) OpenBSD: Release Songs: 6.0: "Black Hat" (https://www.openbsd.org/lyrics.html#60b) OpenBSD Gaming Resource (http://satterly.neocities.org/openbsd_games.html) LibreSSL 2.4.2 and 2.3.7 Released (http://bsdsec.net/articles/libressl-2-4-2-and-2-3-7-released) Feedback/Questions Pedja - Bhyve GUI (http://pastebin.com/LJcJmNsR) Tim - Jail Management (http://pastebin.com/259x94Rh) Don - X260 (http://pastebin.com/A86yHnzz) David - Updates (http://pastebin.com/wjtcuVSA) Ghislain - Jail Management (http://pastebin.com/DgH9G7p5) ***
This episode was brought to you by

iX Systems Mission Complete (https://www.ixsystems.com/missioncomplete/)

Submit your story of how you accomplished a mission with FreeBSD, FreeNAS, or iXsystems hardware, and you could win monthly prizes, and have your story featured in the FreeBSD Journal!

***

Headlines

Why did I choose the DragonFlyBSD Operating System by Siju George (http://bsdmag.org/siju_george/)

We have a new article this week by Siju George posted over at BSDMag, talking about his reasons for using DragonFlyBSD in production.
He ran through periods of using both Free/OpenBSD, but different reasons led him away from each. Specifically problems doing port upgrades on FreeBSD, and the time required to do fsck / raid parity checks on OpenBSD.
During his research, he had heard about the HAMMER file-system, but didn't know of anybody running it in production. After some mailing list conversations, and pointers from Matthew Dillon, he took the plunge and switched.
Now he has fallen in love with the operating system. Some of the key strengths he notes are:
Rolling-release model, which can be upgraded every few weeks or whenever he has the time
No time-consuming fsck after an unclean shutdown
No RAID parity checks while still having redundancy
Able to add volumes to HAMMER on the fly

He also mentions looking forward to HAMMER2, and its potential for easy clustering support, along with eventual CARP implementation so he can run two systems on the same IP.

***

The Devil & BSD - Larry Cafiero (http://fossforce.com/2015/11/devil-bsd-leaving-linux-behind/)

A story that has been making the rounds on social media is by Larry Cafiero, on his reasons for deciding to switch from Linux over to the BSD side of things.
While most of the reasons are over the conflicts surrounding behavior by Linux leaders towards those in the community, he does mention that he has converted his main workstation over to PC-BSD.
According to Larry, “With a couple of hours of adding backup files and tweaking (augmented by a variety of “oh, look” moments which could easily make me the ADHD Foundation Poster Boy), it looks exactly like my personally modified Korora 22 Xfce which graced the machine earlier. “

He also gave a great compliment to the quality of the docs / applications in PC-BSD:
“In addition, you have to like a operating system which gives you a book — in this case, the PC-BSD Handbook — which should be the gold standard of documentation. It's enviable, as in, “man, I wish I had written that.” Also programs like AppCafe provide a plethora of FOSS software, so there's no shortage of programs. Side by side, there's nothing on the Linux side of things that is lacking on the BSD side of things.”

Regardless of the initial reason for the switch, we are glad to have him and any other switchers join us on the BSD side of FOSS.

***

New resource for BSD-schoolin' (http://teachbsd.org/)

“The initial repository (https://github.com/teachbsd/course) contains all of the material for the practitioner and masters style courses as well as a PDF for the teaching guide. All of the material is licensed under a BSD doc team license, also visible in the repo and on the github site.”
“we expect all other work, including the extension of the practitioner course to 5 days, and the adaptation of the graduate course to undergraduates will be in the github repo”
“Our goal now is to recruit a small number of universities to partner with us to teach this material.
We will keep you posted on our progress.”

We are working on getting an interview lined up to talk more about this project.
If I somehow find the time, I will try to contribute towards a sysadmin course similar to what I used to teach at an Arts&Tech College here in Canada.

***

A Few thoughts on OpenBSD 5.8 (http://lippard.blogspot.co.uk/2015/11/a-few-thoughts-on-openbsd-58.html)

A user details their thoughts, reactions, and concerns after upgrading to OpenBSD 5.8.
Among the changes:
sudo was removed and replaced with doas. The user decided to make the switch, but ran into a bug with line continuation (\ to escape newline to continue a long line).
The removal of TCP Wrappers support from ssh - this caused a number of rules in hosts.allow to no longer be respected. The FreeBSD port of openssh-portable has a patch to re-add TCP wrappers because many people find it useful, including myself, when the ssh is in a jail and cannot run a firewall.
The removal of the pfrules= rc.conf variable. “I used to just put the default pf.conf rules file in place with each release and upgrade, and keep my changes in a pf.conf.local file that was specified in the pfrules variable. The effect was that from the period after the upgrade until I noticed the change, my systems were using the default rules and thus more exposed than they were supposed to be”

This is what is often called a “POLA Violation”, Policy of Least Astonishment. When deciding what the system should do after some change or new feature is introduced, it should be the thing that will be the least “surprising” to the user. Having your firewall rules suddenly not apply is surprising.

“A minor annoying change that was made in 5.8 was putting the file /var/unbound/db/root.key into /etc/changelist, so that the file gets checked daily by the security script.
The issue with this is that if you are actually using unbound with DNSSEC, this file changes daily, though only in the comments”

It is very helpful to see a list of feedback like this after a release, so that the next release can be better.
I would be interested in seeing similar feedback for the other BSDs.

***

Interview - Bryan Cantrill - @bcantrill (https://twitter.com/bcantrill)

Linux Interface Rants

News Roundup

FreeBSD AMI building AMI - Colin's Corner (http://www.daemonology.net/blog/2015-11-21-FreeBSD-AMI-builder-AMI.html)

Colin Percival (of Tarsnap fame) has brought us a new article this week on how to create your own custom EC2 AMI builds.
This new tool and instructions allow the creation of AMI files, without needing to go through the hassle of doing a fresh FreeBSD release build each time.
Essentially it works similarly to Colin's previous “de-penguinator” utility, by running FreeBSD in a memory instance, allowing the disk to be unmounted and prepped for becoming an AMI.
The hope is that this new work allows easier creation of a new variety of “customized” FreeBSD instances, for end users to download and deploy at will.

***

Peter Hessler on OpenBSD / OpenBGPd (https://ripe71.ripe.net/archives/video/1200/)

Last week a new video landed of Peter Hessler giving us a status update on OpenBSD tech, and OpenBGPd specifically.
Of interest, he notes that LibreSSL is being used in iOS / OSX, and of course PF is used all over: Apple, BSD, Solaris and even a Windows port!
OpenNTPD gets a mention as well, still ZERO CVEs for the lifetime of the project.
On the OpenBGPd side, it is considered production ready, so no reason to hold back deployment.
Very “feature-complete”, able to handle Edge Router, Route server, Multi-RIB. Slew of optional features like route reflector, looking glass, mrt dumps, mpls / mpls vpn.
Bugs fixed, crashers, memory constraints and performance has been improved Filtering Performance, in example provided, importing 561K rules / 60K prefixes, went from 35 minutes down to 30 seconds. *** Onion Omega Updates (https://github.com/freebsd/freebsd-wifi-build/wiki/Onion-Omega) I have a newer kernel config that will be committed soon that hooks up the system LED, and the three LEDs on the expansion dock via /dev/led I also have the I2C interface working to talk to the Relay and Servo expansions I have not determined the exact protocol for the Servo expansions, but the relay expansion is fairly simple to operate Instructions have been added to the wiki I have managed to use the GPIO to toggle external LEDs and to read the value from a switch I have also used the Servo PWM controller to dim an LED and control the speed of a PWM computer case fan My plan is to operate a 32x32 multi colour LED matrix from the device for an interactive christmas display *** FreeBSD Mastery: ZFS Book review (http://www.cyberciti.biz/datacenter/book-review-freebsd-mastery-zfs/) Book can be purchased here (http://smile.amazon.com/FreeBSD-Mastery-ZFS-7/dp/0692452354/) or from the list of vendors including directly from the author here (http://www.zfsbook.com/) *** Beastie Bits Computer History Museum is looking for Bell Labs UNIX (http://www.computerhistory.org/artifactdonation/) ACM Queue Portrait: Robert Watson (https://youtu.be/rA_5Cz99z28) Video Collection about BSD History, put together by FreeBSDNews (https://www.freebsdnews.com/2015/11/12/bsd-videos/) Minix announces its 2016 conference (http://www.minix3.org/conference/2016/) Chris Henschen from fP Technologies' talk about BSD is now online (http://bsdtalk.blogspot.com/2015/10/bsdtalk258-chris-henschen-from-fp.html) Mike Larkin and Theo de Raadt's talks from Hackfest this year in Quebec are online (http://undeadly.org/cgi?action=article&sid=20151123161651&mode=expanded) FreeBSD on a BeagleBoneBlack with a Touchscreen Display 
(http://kernelnomicon.org/?p=534) Dan Langille will be talking at CINLUG (http://www.cinlug.org/meetings/2015/December) Feedback/Questions John - Rpi2 and BSD (http://slexy.org/view/s2Gm06eC0Y) Roger - Win10 + FreeBSD (http://slexy.org/view/s2Kf2FG84H) Anonymous - Sharing Socket (http://slexy.org/view/s21bOG5UhS) Brad - Scrub Repaired (http://slexy.org/view/s20bKjCNXW) Kelly - Automated Provisioning (http://slexy.org/view/s2qb07BC2G) ***
This time on the show, we'll be talking with Justin Cormack about NetBSD rump kernels. We'll learn how to run them on other operating systems, what's planned for the future and a lot more. As always, answers to viewer-submitted questions and all the news for the week, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines EuroBSDCon 2014 talks and tutorials (http://2014.eurobsdcon.org/talks-and-schedule/) The 2014 EuroBSDCon videos have been online for over a month, but unannounced - keep in mind these links may be temporary (but we'll mention their new location in a future show and fix the show notes if that's the case) Arun Thomas, BSD ARM Kernel Internals (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/01.BSD-ARM%20Kernel%20Internals%20-%20Arun%20Thomas.mp4) Ted Unangst, Developing Software in a Hostile Environment (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/02.Developing%20Software%20in%20a%20Hostile%20Environment%20-%20Ted%20Unangst.mp4) Martin Pieuchot, Taming OpenBSD Network Stack Dragons (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/03.Taming%20OpenBSD%20Network%20Stack%20Dragons%20-%20Martin%20Pieuchot.mp4) Henning Brauer, OpenBGPD turns 10 years (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/04.OpenBGPD%20turns%2010%20years%20-%20%20Henning%20Brauer.mp4) Claudio Jeker, vscsi and iscsid iSCSI initiator the OpenBSD way (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/05.vscsi(4)%20and%20iscsid%20-%20iSCSI%20initiator%20the%20OpenBSD%20way%20-%20Claudio%20Jeker.mp4) Paul Irofti, Making OpenBSD Useful on the Octeon Network Gear (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/06.Making%20OpenBSD%20Useful%20on%20the%20Octeon%20Network%20Gear%20-%20Paul%20Irofti.mp4) Baptiste Daroussin, Cross Building the FreeBSD ports tree 
(https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/01.Cross%20Building%20the%20FreeBSD%20ports%20tree%20-%20Baptiste%20Daroussin.mp4) Boris Astardzhiev, Smartcom's control plane software, a customized version of FreeBSD (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/02.Smartcom%e2%80%99s%20control%20plane%20software,%20a%20customized%20version%20of%20FreeBSD%20-%20Boris%20Astardzhiev.mp4) Michał Dubiel, OpenStack and OpenContrail for FreeBSD platform (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/03.OpenStack%20and%20OpenContrail%20for%20FreeBSD%20platform%20-%20Micha%c5%82%20Dubiel.mp4) Martin Husemann & Joerg Sonnenberger, Tool-chaining the Hydra, the ongoing quest for modern toolchains in NetBSD (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/04.(Tool-)chaining%20the%20Hydra%20The%20ongoing%20quest%20for%20modern%20toolchains%20in%20NetBSD%20-%20Martin%20Huseman%20&%20Joerg%20Sonnenberger.mp4) Taylor R Campbell, The entropic principle: /dev/u?random and NetBSD (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/05.The%20entropic%20principle:%20dev-u%3frandom%20and%20NetBSD%20-%20Taylor%20R%20Campbell.mp4) Dag-Erling Smørgrav, Securing sensitive & restricted data (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/06.Securing%20sensitive%20&%20restricted%20data%20-%20Dag-Erling%20Sm%c3%b8rgrav.mp4) Peter Hansteen, Building The Network You Need (https://va.ludost.net/files/eurobsdcon/2014/Pirin/01.Thursday/01.Building%20The%20Network%20You%20Need%20With%20PF%20-%20Peter%20Hansteen.mp4) With PF (https://va.ludost.net/files/eurobsdcon/2014/Pirin/01.Thursday/02.Building%20The%20Network%20You%20Need%20With%20PF%20-%20Peter%20Hansteen.mp4) Stefan Sperling, Subversion for FreeBSD developers (https://va.ludost.net/files/eurobsdcon/2014/Pirin/01.Thursday/03.Subversion%20for%20FreeBSD%20developers%20-%20Stefan%20Sperling.mp4) Peter Hansteen, Transition to 
(https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/01.Transition%20to%20OpenBSD%205.6%20-%20Peter%20Hansteen.mp4) OpenBSD 5.6 (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/02.Transition%20to%20OpenBSD%205.6%20-%20Peter%20Hansteen.mp4) Ingo Schwarze, Let's make manuals (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/03.Let%e2%80%99s%20make%20manuals%20more%20useful%20-%20Ingo%20Schwarze.mp4) more useful (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/04.Let%e2%80%99s%20make%20manuals%20more%20useful%20-%20Ingo%20Schwarze.mp4) Francois Tigeot, Improving DragonFly's performance with PostgreSQL (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/01.Improving%20DragonFly%e2%80%99s%20performance%20with%20PostgreSQL%20-%20Francois%20Tigeot.mp4) Justin Cormack, Running Applications on the NetBSD Rump Kernel (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/02.Running%20Applications%20on%20the%20NetBSD%20Rump%20Kernel%20-%20Justin%20Cormack.mp4) Pierre Pronchery, EdgeBSD, a year later (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/04.EdgeBSD,%20a%20year%20later%20-%20%20Pierre%20Pronchery.mp4) Peter Hessler, Using routing domains or tables in a production network (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/05.Using%20routing%20domains%20or%20tables%20in%20a%20production%20network%20-%20%20Peter%20Hessler.mp4) Sean Bruno, QEMU user mode on FreeBSD (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/06.QEMU%20user%20mode%20on%20FreeBSD%20-%20%20Sean%20Bruno.mp4) Kristaps Dzonsons, Bugs Ex Ante (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/01.Bugs%20Ex%20Ante%20-%20Kristaps%20Dzonsons.mp4) Yann Sionneau, Porting NetBSD to the LatticeMico32 open source CPU (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/02.Porting%20NetBSD%20to%20the%20LatticeMico32%20open%20source%20CPU%20-%20Yann%20Sionneau.mp4) Alexander Nasonov, JIT Code 
Generator for NetBSD (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/03.JIT%20Code%20Generator%20for%20NetBSD%20-%20Alexander%20Nasonov.mp4) Masao Uebayashi, Porting Valgrind to NetBSD and OpenBSD (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/04.Porting%20Valgrind%20to%20NetBSD%20and%20OpenBSD%20-%20Masao%20Uebayashi.mp4) Marc Espie, parallel make, working with legacy code (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/05.parallel%20make:%20working%20with%20legacy%20code%20-%20Marc%20Espie.mp4) Francois Tigeot, Porting the drm-kms graphic drivers to DragonFly (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/06.Porting%20the%20drm-kms%20graphic%20drivers%20to%20DragonFly%20-%20Francois%20Tigeot.mp4) The following talks (from the Vitosha track room) are all currently missing: Jordan Hubbard, FreeBSD, Looking forward to another 10 years (but we have another recording) Theo de Raadt, Randomness, how arc4random has grown since 1998 (but we have another recording) Kris Moore, Snapshots, Replication, and Boot-Environments Kirk McKusick, An Introduction to the Implementation of ZFS John-Mark Gurney, Optimizing GELI Performance Emmanuel Dreyfus, FUSE and beyond, bridging filesystems Lourival Vieira Neto, NPF scripting with Lua Andy Tanenbaum, A Reimplementation of NetBSD Based on a Microkernel Stefano Garzarella, Software segmentation offloading for FreeBSD Ted Unangst, LibreSSL Shawn Webb, Introducing ASLR In FreeBSD Ed Maste, The LLDB Debugger in FreeBSD Philip Guenther, Secure lazy binding *** OpenBSD adopts SipHash (https://www.marc.info/?l=openbsd-tech&m=141614801713457&w=2) Even more DJB crypto somehow finds its way into OpenBSD's base system This time it's SipHash (https://131002.net/siphash/), a family of pseudorandom functions that's resistant to hash bucket flooding attacks while still providing good performance After an initial import 
(http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/crypto/siphash.c?rev=1.1&content-type=text/x-cvsweb-markup) and some clever early usage (https://www.marc.info/?l=openbsd-cvs&m=141604896822253&w=2), a few developers agreed that it would be better to use it in a lot more places It will now be used in the filesystem, and the plan is to utilize it to protect all kernel hash functions Some other places (http://www.bsdnow.tv/episodes/2013_12_18-cryptocrystalline) that Bernstein's work can be found in OpenBSD include the ChaCha20-Poly1305 authenticated stream cipher and Curve25519 KEX used in SSH, ChaCha20 used in the RNG, and Ed25519 keys used in signify (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) and SSH *** FreeBSD 10.1-RELEASE (https://www.freebsd.org/releases/10.1R/announce.html) FreeBSD's release engineering team (http://www.bsdnow.tv/episodes/2013-09-11_engineering_powder_kegs) likes to troll us by uploading new versions just a few hours after we finish recording an episode The first maintenance update for the 10.x branch is out, improving upon a lot of things found in 10.0-RELEASE The vt driver was merged from -CURRENT and can now be enabled with a loader.conf switch (and can even be used on a PlayStation 3) Bhyve has gotten quite a lot of fixes and improvements from its initial debut in 10.0, including boot support for ZFS Lots of new ARM hardware is supported now, including SMP support for most of them A new kernel selection menu was added to the loader, so you can switch between newer and older kernels at boot time 10.1 is the first to support UEFI booting on amd64, which also has serial console support now Lots of third party software (OpenSSH, OpenSSL, Unbound..) 
and drivers have gotten updates to newer versions
It's a worthy update from 10.0, or a good time to try the 10.x branch if you were avoiding the first .0 release, so grab an ISO (http://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-amd64/10.1/) or upgrade (https://www.freebsd.org/cgi/man.cgi?query=freebsd-update) today
Check the detailed release notes (https://www.freebsd.org/releases/10.1R/relnotes.html) for more information on all the changes
Also take a look at some of the known problems (https://www.freebsd.org/releases/10.1R/errata.html#open-issues) to see if (https://forums.freebsd.org/threads/segmentation-fault-while-upgrading-from-10-0-release-to-10-1-release.48977/) you'll (https://lists.freebsd.org/pipermail/freebsd-stable/2014-October/080599.html) be (https://forums.freebsd.org/threads/10-0-10-1-diocaddrule-operation-not-supported-by-device.49016/) affected (https://www.reddit.com/r/freebsd/comments/2mmzzy/101release_restart_problems_anyone/) by any of them
PC-BSD was also updated accordingly (http://wiki.pcbsd.org/index.php/What%27s_New/10.1) with some of their own unique features and changes

***

arc4random - Randomization for All Occasions (https://www.youtube.com/watch?v=aWmLWx8ut20)
Theo de Raadt gave an updated version of his EuroBSDCon presentation at Hackfest 2014 in Quebec
The presentation is mainly about OpenBSD's arc4random function, and outlines the overall poor state of randomization in the 90s and how it has evolved in OpenBSD over time
It begins with some interesting history on OpenBSD and how it became a security-focused OS - in 1996, their syslogd got broken into and "suddenly we became interested in security"
The talk also touches on how low-level changes can shake up the software ecosystem and third party packages that everyone uses
There's some funny history on the name of the function (being called arc4random despite not using RC4 anymore) and an overall status update on various platforms' usage of it
Very detailed and informative presentation, and the slides can be found here (http://www.openbsd.org/papers/hackfest2014-arc4random/index.html)
A great quote from the beginning: "We consider ourselves a community of (probably rather strange) people who work on software specifically for the purpose of trying to make it better. We take a 'whole-systems' approach: trying to change everything in the ecosystem that's under our control, trying to see if we can make it better. We gain a lot of strength by being able to throw backwards compatibility out the window. So that means that we're able to do research and the minute that we decide that something isn't right, we'll design an alternative for it and push it in. And if it ends up breaking everybody's machines from the previous stage to the next stage, that's fine because we'll end up in a happier place."

***

Interview - Justin Cormack - justin@netbsd.org (mailto:justin@netbsd.org) / @justincormack (https://twitter.com/justincormack)
NetBSD on Xen, rump kernels, various topics

News Roundup

The FreeBSD foundation's biggest donation (http://freebsdfoundation.blogspot.com/2014/11/freebsd-foundation-announces-generous.html)
The FreeBSD foundation has a new blog post about the largest donation they've ever gotten
From the CEO of WhatsApp comes a whopping one million dollars in a single donation
It also has some comments from the donor about why they use BSD and why it's important to give back
Be sure to donate to the foundation of whatever BSD you use when you can - every little bit helps, especially for OpenBSD (http://www.openbsd.org/donations.html), NetBSD (https://www.netbsd.org/donations/) and DragonFly (http://www.dragonflybsd.org/donations/) who don't have huge companies supporting them regularly like FreeBSD does

***

OpenZFS Dev Summit 2014 videos (http://open-zfs.org/wiki/OpenZFS_Developer_Summit)
Videos from the recent OpenZFS developer summit are being uploaded, with speakers from different represented platforms and companies
Matt Ahrens (http://www.bsdnow.tv/episodes/2014_05_14-bsdcanned_goods), opening keynote (https://www.youtube.com/watch?v=XnTzbisLYzg)
Raphael Carvalho, Platform Overview: ZFS on OSv (https://www.youtube.com/watch?v=TJLOBLSRoHE)
Brian Behlendorf, Platform Overview: ZFS on Linux (https://www.youtube.com/watch?v=_MVOpMNV7LY)
Prakash Surya, Platform Overview: illumos (https://www.youtube.com/watch?v=UtlGt3ag0o0)
Xin Li, Platform Overview: FreeBSD (https://www.youtube.com/watch?v=xO0x5_3A1X4)
All platforms, Group Q&A Session (https://www.youtube.com/watch?v=t4UlT0RmSCc)
Dave Pacheco, Manta (https://www.youtube.com/watch?v=BEoCMpdB8WU)
Saso Kiselkov, Compression (https://www.youtube.com/watch?v=TZF92taa_us)
George Wilson (http://www.bsdnow.tv/episodes/2013_12_04-zettabytes_for_days), Performance (https://www.youtube.com/watch?v=deJc0EMKrM4)
Tim Feldman, Host-Aware SMR (https://www.youtube.com/watch?v=b1yqjV8qemU)
Pavel Zakharov, Fast File Cloning (https://www.youtube.com/watch?v=-4c4gsLi1LI)
The audio is pretty poor (https://twitter.com/OpenZFS/status/534005125853888512) on all of them unfortunately

***

BSDTalk 248 (http://bsdtalk.blogspot.com/2014/11/bsdtalk248-dragonflybsd-with-matthew.html)
Our friend Will Backman is still busy getting BSD interviews as well
This time he sits down with Matthew Dillon, the lead developer of DragonFly BSD
We've never had Dillon on the show, so you'll definitely want to give this one a listen
They mainly discuss all the big changes coming in DragonFly's upcoming 4.0 release

***

MeetBSD 2014 videos (https://www.meetbsd.com/)
The presentations from this year's MeetBSD conference are starting to appear online as well
Kirk McKusick (http://www.bsdnow.tv/episodes/2013-10-02_stacks_of_cache), A Narrative History of BSD (https://www.youtube.com/watch?v=DEEr6dT-4uQ)
Jordan Hubbard (http://www.bsdnow.tv/episodes/2013_11_27-bridging_the_gap), FreeBSD: The Next 10 Years (https://www.youtube.com/watch?v=Mri66Uz6-8Y)
Brendan Gregg, Performance Analysis (https://www.youtube.com/watch?v=uvKMptfXtdo)
The slides can be found here (https://www.meetbsd.com/agenda/)

***

Feedback/Questions
Dominik writes in (http://slexy.org/view/s20PXjp55N)
Steven writes in (http://slexy.org/view/s2LwEYT3bA)
Florian writes in (http://slexy.org/view/s2ubK8vQVt)
Richard writes in (http://slexy.org/view/s216Eq8nFG)
Kevin writes in (http://slexy.org/view/s21D2ugDUy)

***

Mailing List Gold
Contributing without code (https://www.marc.info/?t=141600819500004&r=1&w=2)
Compression isn't a CRIME (https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-November/033176.html)
Securing web browsers (https://www.marc.info/?t=141616714600001&r=1&w=2)

***
This time on the show we'll be talking with Jon Anderson about Capsicum and Casper to securely sandbox processes. After that, our tutorial will show you how to encrypt all your DNS lookups, either on a single system or for your whole network. News, emails and all the usual fun, on BSD Now - the place to B...SD.

Headlines

BSDCan 2014 talks and reports (https://www.bsdcan.org/2014/schedule/)
The majority of the BSDCan talks are finally uploaded, so prepare to be flooded with links
Karl Lehenbauer's keynote (https://www.youtube.com/watch?v=13LiyjnTGsQ) (he's on next week's episode)
Mariusz Zaborski and Pawel Jakub Dawidek, Capsicum and Casper (https://www.youtube.com/watch?v=0la06FHbdvg) (relevant to today's interview)
Luigi Rizzo, In-kernel OpenvSwitch on FreeBSD (https://www.youtube.com/watch?v=Lr5o1VQMtgA)
Dwayne Hart, Migrating from Linux to FreeBSD for Backend Data Storage (https://www.youtube.com/watch?v=AVuF9eFeVWs)
Warner Losh, NAND Flash and FreeBSD (https://www.youtube.com/watch?v=lj0XAE6C6-k)
Simon Gerraty, FreeBSD bmake and Meta Mode (https://www.youtube.com/watch?v=4s0UY0sg6vI)
Bob Beck, LibreSSL - The First 30 Days (https://www.youtube.com/watch?v=oM6S7FEUfkU)
Henning Brauer, OpenBGPD Turns 10 Years Old (https://www.youtube.com/watch?v=cP8AW111IKg)
Arun Thomas, BSD ARM Kernel Internals (https://www.youtube.com/watch?v=ZAM7fqhGRr8)
Peter Hessler, Using BGP for Realtime Spam Lists (https://www.youtube.com/watch?v=i8UAVswpagA)
Pedro Giffuni, Features and Status of FreeBSD's Ext2 Implementation (https://www.youtube.com/watch?v=HMeTxViulgo)
Matt Ahrens, OpenZFS Upcoming Features and Performance Enhancements (https://www.youtube.com/watch?v=EjGqVdCOIhM)
Daichi Goto, Shellscripts and Commands (https://www.youtube.com/watch?v=MsRu0xIawaA)
Benno Rice, Keeping Current (https://www.youtube.com/watch?v=jZp-ciB6mAg)
Sean Bruno, MIPS Router Hacking (https://www.youtube.com/watch?v=LZjoFSfIv3k)
John-Mark Gurney, Optimizing GELI Performance (https://www.youtube.com/watch?v=2qicD0tv_tI)
Patrick Kelsey, Userspace Networking with libuinet (https://www.youtube.com/watch?v=LhIx8q8_7YY)
Massimiliano Stucchi, IPv6 Transitioning Mechanisms (https://www.youtube.com/watch?v=WZoQzUZKaeo)
Roger Pau Monné, Taking the Red Pill (https://www.youtube.com/watch?v=q6l9qtjlNXU)
Shawn Webb, Introducing ASLR in FreeBSD (https://www.youtube.com/watch?v=jo8ObzR1tKQ)
There's also a trip report (http://undeadly.org/cgi?action=article&sid=20140519164127) from Peter Hessler and one from Julio Merino (http://julipedia.meroh.net/2014/05/bsdcan-2014-summary.html)
The latter report also talks about how, unfortunately, NetBSD basically had no presence in the event at all (and how that's a recurring trend)

***

Defend your network and privacy with a VPN and OpenBSD (http://networkfilter.blogspot.com/2014/05/defend-your-network-and-privacy-vpn.html)
After all the recent news about spying, backdoored routers, deep packet inspection and everything else, you might want to start taking steps at getting some privacy back
This article describes how to set up a secure network gateway and VPN using OpenBSD and related crypto utilities
There are bits for DHCP, DNS, OpenVPN, DNSCrypt and a watchdog script to make sure your tunnel is always being used
You can transparently tunnel all your outbound traffic over the VPN with this configuration, nothing is needed on any of the client systems - this could also be used with Tor (but it would be very slow)
It also includes a few general privacy tips, recommended browser extensions, etc
The intro to the article is especially great, so give the whole thing a read
He mentions our OpenBSD router guide (http://www.bsdnow.tv/tutorials/openbsd-router) and other tutorials being a big help for this setup, so hello if you're watching!

***

You should try FreeBSD (http://blog.pascalj.com/article/you-should-try-freebsd/)
In this blog post, the author talks a bit about how some Linux people aren't familiar with the BSDs and how we can take steps to change that
He goes into some FreeBSD history specifically, then talks about some of the apparent (and not-so-apparent) differences between the two
Possibly the most useful part is how to address the question "my server already works, why bother switching?"
"Stackoverflow's answers assume I have apt-get installed"
It includes mention of the great documentation, stability, ports, improved security and much more
A takeaway quote for would-be Linux switchers: "I like to compare FreeBSD to a really tidy room where you can find everything with your eyes closed. Once you know where the closets are, it is easy to just grab what you need, even if you have never touched it before"

***

OpenBSD and the little Mauritian contributor (http://hacklog.in/openbsd-and-the-little-mauritian-contributor/)
This is a story about a guy from Mauritius (https://en.wikipedia.org/wiki/Mauritius) named Logan, one of OpenBSD's newest developers
Back in 2010, he started sending in patches for OpenBSD's "mg" editor, among other small things, and eventually added file transfer resume support for SFTP
The article talks about his journey from just a guy who submits a patch here and there to joining the developer ranks and even getting his picture taken with Theo at a recent hackathon
It really shows how easy it is to get involved with the different BSDs and contribute back to the software ecosystem
Congrats to Logan, and hopefully this will inspire more people to start helping out and contributing code back

***

Interview - Jon Anderson - jonathan@freebsd.org (mailto:jonathan@freebsd.org)
Capsicum and Casperd

Tutorial
Encrypting DNS lookups (http://www.bsdnow.tv/tutorials/dnscrypt)

News Roundup

FreeBSD Journal, May 2014 issue (http://i.imgur.com/f0qg6Ss.jpg)
The newest issue of the FreeBSD Journal (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) is out, following the bi-monthly release cycle
This time the topics include: a letter from the foundation, a ports report, some 9.3-RELEASE plans, an events calendar, an overview of ipfw, exploring network activity with dtrace, an article about kqueue, data distribution with dnssec and finally an article about TCP scaling
Pick up your (digital) copy at Amazon, Google Play or on iTunes and have a read

***

LibreSSL porting update (http://insanecoding.blogspot.com/2014/05/libressl-porting-update.html)
Since the last LibreSSL post we covered, a couple unofficial "portable" versions have died off
Unfortunately, people still think they can just port LibreSSL to other BSDs and Linux all willy-nilly - stop doing that!
This post reiterates that LibreSSL currently relies on a lot of OpenBSD-specific security functions that are not present in other systems, and also gives a very eye-opening example
Please wait for an official portable version instead of wasting time with these dime-a-dozen github clones that do more harm than good

***

BSDMag May 2014 issue is out (http://bsdmag.org/magazine/1862-meteorjs-on-freebsd-11-may-bsd-issue)
The usual monthly release from BSDMag, covering a variety of subjects
This time around the topics include: managing large development projects using RCS, working with HAMMER FS and PFSes, running MeteorJS on FreeBSD 11, another bhyve article, more GIMP tutorials and a few other things
It's a free PDF, go grab it

***

BSDTalk episode 241 (http://bsdtalk.blogspot.com/2014/05/bsdtalk241-bob-beck.html)
A new episode of BSDTalk (http://www.bsdnow.tv/episodes/2014_03_05-bsd_now_vs_bsdtalk) is out, this time with Bob Beck
He talks about the OpenBSD foundation's recent activities, his own work in the project, some stories about the hardware in Theo's basement and a lot more
The interview itself isn't about LibreSSL at all, but they do touch on it a bit too
Really interesting stuff, covers a lot of different topics in a short amount of time

***

Feedback/Questions
We got a number of replies about last week's VPN question, so thanks to everyone who sent in an email about it - the vpnc (https://www.freshports.org/security/vpnc/) package seems to be what we were looking for
Tim writes in (http://slexy.org/view/s20MK7bTyc)
AJ writes in (http://slexy.org/view/s2OWREQdUA)
Peter writes in (http://slexy.org/view/s202obAqbT)
Thomas writes in (http://slexy.org/view/s21Kye2jAc)
Martin writes in (http://slexy.org/view/s2zqFVqwxN)

***
We kick off the first episode with the latest BSD news, show you how to avoid intrusion detection systems and talk to Peter Hessler about BGP spam blacklists!

Headlines

Radeon KMS committed (https://lists.freebsd.org/pipermail/svn-src-head/2013-August/050931.html)
Committed by Jean-Sebastien Pedron
Brings kernel mode setting to -CURRENT, will be in 10.0-RELEASE (ETA 12/2013)
10-STABLE is expected to be branched in October, to begin the process of stabilizing development
Initial testing shows it works well
May be merged to 9.X, but due to changes to the VM subsystem this will require a lot of work, and is currently not a priority for the Radeon KMS developer
Still suffers from the syscons / KMS switcher issues, same as Intel video
More info: https://wiki.freebsd.org/AMD_GPU

***

VeriSign Embraces FreeBSD (http://www.eweek.com/enterprise-apps/verisign-embraces-open-source-freebsd-for-diversity/)
"BSD is quite literally at the very core foundation of what makes the Internet work"
Using BSD and Linux together provides reliability and diversity
Verisign gives back to the community, runs vBSDCon
"You get comfortable with something because it works well for your particular purposes and can find a good community that you can interact with. That all rang true for us with FreeBSD."

***

fetch/libfetch get a makeover (http://freshbsd.org/commit/freebsd/r253680)
Adds support for SSL certificate verification
Requires root ca bundle (security/rootcanss)
Still missing TLS SNI support (Server Name Indication, allows name based virtual hosts over SSL)

***

FreeBSD Foundation Semi-Annual Newsletter (http://www.freebsdfoundation.org/press/2013Jul-newsletter)
The FreeBSD Foundation took the 20th anniversary of FreeBSD as an opportunity to look at where the project is, and where it might want to go
The foundation sets out some basic goals that the project should strive towards:
Unify User Experience
  “ensure that knowledge gained mastering one task translates to the next”
  “if we do pay attention to consistency, not only will FreeBSD be easier to use, it will be easier to learn”
Design for Human and Programmatic Use
  200 machines used to be considered a large deployment, with high density servers, blades, virtualization and the cloud, that is not so anymore
  “the tools we provide for status reporting, configuration, and control of FreeBSD just do not scale or fail to provide the desired user experience”
  “The FreeBSD of tomorrow needs to give programmability and human interaction equal weighting as requirements”
Embrace New Ways to Document FreeBSD
  More 'Getting Started' sections in documentation
  Link to external How-Tos and other documentation
  “upgrade the cross-referencing and search tools built into FreeBSD, so FreeBSD, not an Internet search engine, is the best place to learn about FreeBSD”
Spring Fundraising Campaign, April 17 - May 31, raised a total of $219,806 from 12 organizations and 365 individual donors. In the same period last year we raised a total of $23,422 from 2 organizations and 53 individuals
Funds donated to the FreeBSD Foundation have been used on these projects recently:
  Capsicum security-component framework
  Transparent superpages support of the FreeBSD/ARM architecture
  Expanded and faster IPv6
  Native in-kernel iSCSI stack
  Five New TCP Congestion Control Algorithms
  Direct mapped I/O to avoid extra memory copies
  Unified Extensible Firmware Interface (UEFI) boot environment
  Porting FreeBSD to the Genesi Efika MX SmartBook laptop (ARM-based)
  NAND Flash filesystem and storage stack
Funds were also used to sponsor a number of BSD focused conferences: BSDCan, EuroBSDCon, AsiaBSDCon, BSDDay, NYCBSDCon, vBSDCon, plus Vendor summits and Developer summits
It is important that the foundation receive donations from individuals, to maintain their tax exempt status in the USA. Even a donation of $5 helps make it clear that the FreeBSD Foundation is backed by a large community, not only a few vendors
Donate Today (http://www.freebsdfoundation.org/donate)

***

The place to B...SD

Ohio Linuxfest, Sept. 13-15, 2013 (http://ohiolinux.org/schedule)
Very BSD friendly
Kirk McKusick giving the keynote
BSD Certification on the 15th, all other stuff on the 14th
Multiple BSD talks

***

LinuxCon, Sept. 16-18, 2013 (http://events.linuxfoundation.org/events/linuxcon-north-america)
Dru Lavigne and Kris Moore will be manning a FreeBSD booth
Number of talks of interest to BSD users, including ZFS coop (http://linuxconcloudopenna2013.sched.org/event/b50b23f3ed3bd728fa0052b54021a2cc?iframe=yes&w=900&sidebar=yes&bg=no)

EuroBSDCon, Sept. 26-29, 2013 (http://2013.eurobsdcon.org/eurobsdcon-2013/talks/)
Tutorials on the 26 & 27th (plus private FreeBSD DevSummit)
43 talks spread over 3 tracks on the 28 & 29th
Keynote by Theo de Raadt
Hosted in the picturesque St. Julians Area, Malta (Hilton Conference Centre)

***

Interview - Peter Hessler - phessler@openbsd.org (mailto:phessler@openbsd.org) / @phessler (https://twitter.com/phessler)
Using BGP to distribute spam blacklists and whitelists

Tutorial
Using stunnel to hide your traffic from Deep Packet Inspection (http://www.bsdnow.tv/tutorials/stunnel)

News Roundup

NetBSD 6.1.1 released (https://blog.netbsd.org/tnf/entry/netbsd_6_1_1_released)
First security/bug fix update of the NetBSD 6.1 release branch
Fixes 4 security vulnerabilities
Adds 4 new sysctls to avoid IPv6 DoS attacks
Misc. other updates

***

Sudo Mastery (http://blather.michaelwlucas.com/archives/1792)
MWL is a well-known author of many BSD books
Also does SSH, networking, DNSSEC, etc.
Next book is about sudo, which comes from OpenBSD (did you know that?)
Available for preorder now at a discounted price

***

Documentation Infrastructure Enhancements (http://freebsdfoundation.blogspot.com/2013/08/new-funded-project-documentation.html)
Gábor Kövesdán has completed a funded project to improve the infrastructure behind the documentation project
Will upgrade documentation from DocBook 4.2 to DocBook 4.5 and at the same time migrate to proper XML tools. DSSSL is an old and dead standard, which will not evolve any more.
DocBook 5.0 tree added

***

FreeBSD FIBs get new features (https://svnweb.freebsd.org/base?view=revision&revision=254943)
FIBs (as discussed earlier in the interview) are Forward Information Bases (technical term for a routing table)
The FreeBSD kernel can be compiled to allow you to maintain multiple FIBs, creating separate routing tables for different processes or jails
In r254943 ps(1) is extended to support a new column 'fib', to display which routing table a process is using

***

FreeNAS 9.1.0 and 9.1.1 released (http://www.ixsystems.com/resources/ix/news/ixsystems-announces-revolutionary-freenas-910-release.html)
Many improvements in nearly all areas, big upgrade
Based on FreeBSD 9-STABLE, lots of new ZFS features
Cherry picked some features from 10-CURRENT
New volume manager and easy to use plugin management system
9.1.1 released shortly thereafter to fix a few UI and plugin bugs

***

BSD licensed "patch" becomes default (http://freshbsd.org/commit/freebsd/r253689)
bsdpatch has become mature, does what GNU patch can do, but has a much better license
Approved by portmgr@ for use in ports
Added WITH_GNU_PATCH build option for people who still need it

***