Podcasts about Realtek

Realtek Semiconductor Corporation v. ITC

beğenmeyi, paylaşmayı ve takip etmeyi unutmayın.

Allyn Malventano joins us for a very special (and storage-centric) episode! We talk about some of the things at Computex that captured our interest, and have an extended discussion about the promise of DirectStorage and how it could solve the GPU VRAM problem (if anyone actually implements it beyond that one game). Plus Jeremy has a fancy new desk to talk about, Josh reviews another racing wheel stand, and much, much more!00:00 Intro01:20 Burger of the Week02:31 Solid-state SSD cooling? (plus NAND temp talk)08:14 Crucial's T700 is a passively-cooled Gen5 SSD11:41 Shouting at your PC for better performance13:56 Noctua shows a 2nd Gen D15 cooler15:43 Realtek offers low-power, low-cost 5GbE NIC19:11 Remeber AGP Pro? ASUS is making PCIe Pro (sort of)21:18 NVIDIA's trillion dollar moment - plus AI/ML chat30:53 A world where NVIDIA makes CPUs, too?33:09 Podcast sponsor: Bloomberg Careers34:24 Featured topic: can storage save PC gaming?1:07:11 WD Red power on hours warnings after 3 years in a NAS1:14:48 Security Corner1:20:19 Gaming Quick Hits1:26:29 FlexiSpot Pro Plus Standing Desk E7 review1:34:13 Monoprice Dark Matter GT Foldable Racing Stand review1:41:43 Picks of the Week2:04:36 Outro ★ Support this podcast on Patreon ★

Kia ora Mosen At Largers. A reminder that this podcast is indexed by chapter. If you listen with a podcast client that offers chapter support, you can easily skip between segments. We also make transcripts available, thanks to sponsorship by Pneuma Solutions, a global leader in accessible cloud technologies. Visit them on the web at . You can find the transcripts on our website at Here are the topics covered in this episode, and the time in the file for each. It's our penultimate edition for 2022,0:00.000 Welcome y'all in San Antonio,1:01.006 A final reminder to vote for your top 10 holiday songs and join our special party,4:01.991 Feedback from the Aira interview,7:23.719 Alternative contacts app for iOS,10:14.636 Determining if a light is active on a charger,10:45.843 Guide dog refusals and responsibility,14:54.336 Mastodon,22:38.514 Amateur radio,27:11.334 Disability labels,39:07.102 A gift can brighten someone's day,48:41.364 Chromevox granularity shortcut,54:02.685 Staticless AM radio,54:55.825 Bari Azman and Diane Ducharme from BlindShell USA,1:00:56.378 Blind people working with the International Phonetic Alphabet,1:38:43.000 HidrateSpark smart water bottle,1:39:45.528 The frustrating RealTek Windows drivers and screen readers,1:41:48.763 The Bonnie Bulletin,1:45:24.517 Closing and contact info,1:56:43.904 Share your thoughts on these topics or any others. Drop me an email in writing or with an audio attachment, Jonathan at MushroomFm.com, or phone the listener line in the United States, +1864-60Mosen, that's +18646066736. Keep up with Mosen At Large between episodes. Follow MosenAtLarge on Twitter where you'll get audio extras, links to interesting news stories, sneak peeks about what's coming up and more. If you'd like to subscribe to our announcements only email list, please send email to And if you like the show, we'd love a positive review and for you to spread the word. Thank you.

Fede Kirschbaum from Faraday Security sits down with Dave to discuss their research on "A vulnerability in Realtek's SDK for eCos OS: pwning thousands of routers." The team at Faraday found a vulnerability that made it to DEFCON 30, labeling it high severity. With more and more people working from home for their companies, the research team went looking for where there may be vulnerabilities as employees are working from home. The research states that the team was "seeking and reporting security vulnerabilities in IoT devices, which led to the finding of an exploitable bug in a consumer-grade router popular in Argentina." They also stated in the research that it was escalating quickly and shares about how protecting home networks is important while working remotely. The research can be found here: A vulnerability in Realtek´s SDK for eCos OS: pwning thousands of routers

Federico Kirschbaum from Faraday Security sits down with Dave to discuss their research on "A vulnerability in Realtek's SDK for eCos OS: pwning thousands of routers." The team at Faraday found a vulnerability that made it to DEFCON 30, labeling it high severity. With more and more people working from home for their companies, the research team went looking for where there may be vulnerabilities as employees are working from home. The research states that the team was "seeking and reporting security vulnerabilities in IoT devices, which led to the finding of an exploitable bug in a consumer-grade router popular in Argentina." They also stated in the research that it was escalating quickly and shares about how protecting home networks is important while working remotely. The research can be found here: A vulnerability in Realtek´s SDK for eCos OS: pwning thousands of routers

Electron, the backbone of Teams and Discord, has a one click RCE vulnerability uncovered.POC for a 9.8 vulnerability targeting Realtek routers released online.Callback phishing as an attack vector sees an alarming 625% spike from last quarter.

Chrome Zero-Day, Splunk, Realtek Exploit, Iran targets Israel & China Cybersecurity News CyberHub Podcast August 17th, 2022 Today's Headlines and the latest #cybernews from the desk of the #CISO: New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild Quarterly Security Patches Released for Splunk Enterprise Exploit out for critical Realtek flaw affecting many networking devices Iranian Group Targeting Israeli Shipping and Other Key Sectors Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers Story Links: https://thehackernews.com/2022/08/new-google-chrome-zero-day.html https://www.securityweek.com/quarterly-security-patches-released-splunk-enterprise https://www.bleepingcomputer.com/news/security/exploit-out-for-critical-realtek-flaw-affecting-many-networking-devices/ https://www.securityweek.com/iranian-group-targeting-israeli-shipping-and-other-key-sectors https://thehackernews.com/2022/08/researchers-link-multi-year-mass.html “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine The Practitioner Brief is sponsored by: Your BRAND here - Contact us for opportunities today! ****** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Digital Debate, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ Telegram: CyberHub Podcast ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/c/TheCyberHubPodcast Rumble: https://rumble.com/c/c-1353861 s Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. Thank you for watching and Please Don't forget to Like this video and Subscribe to my Channel! #cybernews #infosec #cybersecurity #cyberhubpodcast #practitionerbrief #cisotalk #ciso #infosecnews #infosec #infosecurity #cybersecuritytips #podcast #technews #tinkertribe #givingback #securitytribe #securitygang #informationsecurity

[Referências do Episódio] - RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations - https://go.recordedfuture.com/hubfs/reports/ta-2022-0816.pdf - PF realiza operação para apurar ataques a sites do Governo Federal - https://www.gov.br/pf/pt-br/assuntos/noticias/2022/08/pf-realiza-operacao-para-apurar-ataques-a-sites-do-governo-federal - Twilio Incident: What Signal Users Need to Know - https://support.signal.org/hc/en-us/articles/4850133017242 - Disrupting SEABORGIUM's ongoing phishing operations - https://www.microsoft.com/security/blog/2022/08/15/disrupting-seaborgiums-ongoing-phishing-operations/ - Exploit out for critical Realtek flaw affecting many networking devices - https://www.bleepingcomputer.com/news/security/exploit-out-for-critical-realtek-flaw-affecting-many-networking-devices/ [Ficha técnica] Apresentação: Carlos Cabral Roteiro: Carlos Cabral e Daniel Venzi Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia Projeto gráfico: Julian Prieto

Kia ora Mosen At Largers. A reminder that this podcast is indexed by chapter. If you listen with a podcast client that offers chapter support, you can easily skip between segments. We also make transcripts available, thanks to funding from InternetNZ. You can find these on our website at Here's what features in this week's show, and when. Update on the We're With U event,0:00.000 CapitalisingBraille when referring to the code,5:25.034 Looking for labelling tool recommendations,13:16.045 Best choices for computer security,15:14.683 Problems with iCloud for Windows,20:10.527 Radio station memories,23:25.073 I don't like Menulog either,52:10.932 Why doesn't iPhone make a sound when it starts?,55:44.686 Hints on how to perform a two-finger scrub,57:21.149 Thoughts on Android, computers and RealTek,59:18.982 Rebecca Blaevoet talks about being a candidate for Parliament inCanada's recent federal election,1:06:50.564 Looking for an accessible way to produce synchronised DAISY text and audio,1:46:33.837 The Zoom F3 and F6 digital recorders,1:48:36.822 Blindness, dark, fear,1:50:25.122 The Brailliant from HumanWare,1:51:19.830 What's the most accessible crowd funding site?,1:51:57.721 Seeking a dictaphone that plays MP3 files,1:53:07.577 Closing and contact info,1:54:21.203 Share your thoughts on these topics or any others. Drop me an email in writing or with an audio attachment, Jonathan at MushroomFm.com, or phone the listener line in the United States, +1864-60Mosen, that's +18646066736. Keep up with Mosen At Large between episodes. Follow MosenAtLarge on Twitter where you'll get audio extras, links to interesting news stories, sneak peeks about what's coming up and more. If you'd like to subscribe to our announcements only email list, please send email to And if you like the show, we'd love a positive review and for you to spread the word. Thank you.

This is important message has been inspired by recent hardships in my life. I enjoy speaking to you while traveling in mile high city. I am here to retell old stories that are "hush hush". We are being fed food for rought not food for thought. This blast of knowledge will spring you into numerous forms of healing and awakening. Let's ride. #Paranormal #poetry #universe #Realtek #history #metaphysical #religion --- Send in a voice message: https://anchor.fm/hair-and-skin-alchemy/message

Kia ora Mosen At Largers. A reminder that this podcast is indexed by chapter. If you listen with a podcast client that offers chapter support, you can easily skip between segments. On the show this week: Introduction,0:00.000 The Beatles Get Back documentary is incredible, but it highlights a big audio description problem for blind people,2:15.048 Remembering George Harrison on the 20th anniversary of his death. To find out when the tribute is on where you live, check the Mushroom FM Schedule,11:50.131 More comments on visual description of presenters at conferences and meetings,16:06.361 Comments on Dell and Realtek compatibility issues, and my new ThinkPad is on its way. If you live in New Zealand and want to buy the Dell XPS15 9500, check out the TradeMe listing,31:26.575 A research study on the accessibility and enjoyability of video games,39:01.638 A working from home opportunity, becoming a third-party seller,41:33.371 Standardising the spelling of DeafBlind,49:21.162 How Mosen At Large is produced using Reaper,51:51.826 Concluding our Chromebook series with a look at running Android apps and managing files,1:00:20.863 How do you add shortcuts to the desktop in Windows 11?,1:24:42.206 Some handy hints for working with GPS apps on your smartphone,1:26:18.572 Hearing aids and watchingTV,1:30:01.901 Comments on a variety of recent talking points,1:32:43.189 Does anyone have experience with the accessibility of LG TVs?,1:37:48.175 The Bonnie Bulletin,1:39:54.894 Closing and contact info,1:56:43.559 Share your thoughts on these topics or any others. Drop me an email in writing or with an audio attachment, Jonathan at MushroomFm.com, or phone the listener line in the United States, +1864-60Mosen, that's +18646066736. Keep up with Mosen At Large between episodes. Follow MosenAtLarge on Twitter where you'll get audio extras, links to interesting news stories, sneak peeks about what's coming up and more. If you'd like to subscribe to our announcements only email list, please send email to And if you like the show, we'd love a positive review and for you to spread the word. Thank you. Episode Notes Notes go here

Kia ora Mosen At Largers. A reminder that this podcast is indexed by chapter. If you listen with a podcast client that offers chapter support, you can easily skip between segments. On the show this week: Introduction,0:00.000 Great Buzzfeed article on ableist language,1:38.872 The Blind man and the dell. And my new Lenovo ThinkPad X1 Carbon,2:46.456 Scribe for Personal Documents feedback,27:03.234 More thoughts on meeting presenters describing themselves,29:16.007 Our Chromebook demo continues with a look at Braille support,59:56.124 Some thoughts onChromebooks,1:28:12.780 The Bonnie Bulletin,1:46:16.444 Should Apple police third-party accessibility?,1:54:35.283 Android thoughts,1:57:19.341 Closing and contact info,1:59:30.271 Share your thoughts on these topics or any others. Drop me an email in writing or with an audio attachment, Jonathan at MushroomFm.com, or phone the listener line in the United States, +1864-60Mosen, that's +18646066736. Keep up with Mosen At Large between episodes. Follow MosenAtLarge on Twitter where you'll get audio extras, links to interesting news stories, sneak peeks about what's coming up and more. If you'd like to subscribe to our announcements only email list, please send email to And if you like the show, we'd love a positive review and for you to spread the word. Thank you.

Episode 3 Millions of WIFI devices made vulnerable from Realteks SDK Trip and Honey discuss tech like no one else Join our community!! Subscribe to the Insecurity Brief podcast now on every platform we can find Follow us on Twitter @HoneyBeez0x @trip_elix links Our Website:https://www.tripelix.com/insecurity/millions-of-wifi-devices-made-vulnerable-from-realteks-sdk Youtube : https://www.youtube.com/watch?v=P6UpwSVD5BY Itunes: https://podcasts.apple.com/us/podcast/millions-of-wifi-devices-made-vulnerable-from-realteks-sdk/id1583788677?i=1000535386017 Soundcloud: https://soundcloud.com/user-841713900/episode-3the-insecurity-brief-millions-of-wifi-devices-made-vulnerable-from-realteks-sdk Spotify : https://open.spotify.com/episode/6VBqEZYiwtYdRhS7iYqBoN Trip's books https://www.tripelix.com/merch Honey's books https://beedefense.net #realtek #Talos #zeroday #wifi # Bladehawk #android #facebook Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software development kits (SDKs) accompanying its WiFi modules, which are used in almost 200 IoT devices made by at least 65 vendors https://thehackernews.com/2021/08/multiple-flaws-affecting-realtek-wi-fi.html threatpost.comMultiple Flaws Affecting Realtek Wi-Fi SDKs Impact Nearly a Million IoT Devices Talos release protection against zero-day vulnerability in Microsoft MSHTML Cisco Talos released new SNORT® rules Thursday to protect against the exploitation of a zero-day vulnerability in Microsoft MSHTML that the company warns is being actively exploited in the wild. https://blog.talosintelligence.com/2021/09/talos-release-protection-against-zero.html talosintelligence.com BladeHawk group: Android espionage against Kurdish ethnic group ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group. This campaign has been active since at least March 2020, distributing (via dedicated Facebook profiles) two Android backdoors known as 888 RAT and SpyNote, disguised as legitimate apps. https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/ welivesecur

A new zero-click exploit targets the iPhone, Russia fines internet companies for not storing user data in the country, and you'll soon be able to put a driver's license in Apple Wallet, but should you? Show Notes: Bahraini activists targeted with new iOS zero-click exploit WhatsApp, Facebook, and Twitter fined for not storing user data inside Russia Firefox follows Chrome and prepares to block insecure downloads Tom Cruise surprises starstruck British family by landing helicopter in garden Hundreds of thousands of Realtek-based devices under attack from IoT botnet Apple and Google must allow developers to use other in-app payment systems, per new South Korean law A Parent's Guide to In-App Purchases on iOS, iPadOS, and macOS Daring Fireball on the South Korean in-app payment law Apple adds driver's licenses, state IDs to Apple Wallet Tweet from Nilay Patel This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you're ready to buy.

The team discusses a new data-protection shake-up in the UK, the latest hurdle in Nvidia's acquisition of Arm, vulnerabilities in a wide range of routers using Realtek chipsets and the inexorable rise of semiconductor prices. Our Hot Hardware candidate is the Samsung Galaxy Z Fold3 5G, a folding phone that could actually catch on.Here's a list of routers afflicted by the Realtek vulnerabilities: https://therecord.media/hundreds-of-thousands-of-realtek-based-devices-under-attack-from-iot-botnet/

Most government agencies use facial recognition Botnet scans for vulnerabilities in Realtek chipsets Does cyber insurance make ransomware worse? Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and signing up for free trials where a card number is required. Simply close cards whenever you want to ensure you're never charged without your consent. Sign up for free today at privacy.com/ciso. New users will instantly receive a $5 credit, to be used for any online purchase you make!

On this week's show Patrick Gray and Adam Boileau discuss recent security news, including: T-Mobile owned hard USA no fly list winds up on unsecured ElasticSearch in Bahrain… because reasons Facebook scrambles to secure Afghani accounts Hacker steals and returns $600 from de-fi platform Healthcare sector struggles with ransomware attacks A very sweet TCP-based amplification technique that will be A Problem Much, much more Evan Sultanik and Dan Guido will be joining us to talk about Fickling – a tool developed by Trail of Bits to do unnatural things to the Python Pickle files that are heavily used as a means to share machine learning models. The machine learning supply chain is really quite wobbly, and they'll be joining us later to talk about that. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes T-Mobile breach climbs to over 50 million people T-Mobile: Breach Exposed SSN/DOB of 40M+ People – Krebs on Security 1.9 million records from the FBI's terrorist watchlist leaked online - The Record by Recorded Future Facebook, other platforms scramble to secure user accounts in Afghanistan This $600 Million Crypto Heist Is the Most Bizarre Hack in Recent Memory A Hacker Stole and Then Returned $600 Million Japanese crypto-exchange Liquid hacked for $94 million - The Record by Recorded Future Operator of the Helix bitcoin mixer pleads guilty to money laundering - The Record by Recorded Future Healthcare provider expected to lose $106.8 million following ransomware attack - The Record by Recorded Future Hospitals hamstrung by ransomware are turning away patients | Ars Technica US healthcare org sends data breach warning to 1.4m patients following ransomware attack | The Daily Swig The pandemic revealed the health risks of hospital ransomware attacks - The Verge Ransomware hackers could hit U.S. supply chain, experts warn Ransomware hits Lojas Renner, Brazil's largest clothing store chain - The Record by Recorded Future RansomClave project uses Intel SGX enclaves for ransomware attacks - The Record by Recorded Future Wanted: Disgruntled Employees to Deploy Ransomware – Krebs on Security Japan's Tokio Marine is the latest insurer to be victimized by ransomware Cyber insurance market encounters ‘crisis moment' as ransomware costs pile up White House to tackle cyber challenges with Apple, IBM, insurance CEOs | Reuters FBI sends its first-ever alert about a 'ransomware affiliate' - The Record by Recorded Future New LockFile ransomware gang weaponizes ProxyShell and PetitPotam attacks - The Record by Recorded Future Multiple ransomware gangs pounce on 'PrintNightmare' vulnerability Peterborough NH Cyberattack: Town Loses $2.3M in Taxpayer Money – NBC Boston Almost 2,000 Exchange servers hacked using ProxyShell exploit - The Record by Recorded Future ALTDOS hacking group wreaks havoc across Southeast Asia - The Record by Recorded Future Hackers Leak Surveillance Camera Videos Purportedly Taken From Inside Iran's Evin Prison - by Kim Zetter - Zero Day Apple reopens legal fight against security firm Corellium, raising concerns for ethical hackers Apple says researchers can vet its child safety features. But it's suing a startup that does just that. | MIT Technology Review This $500 Million Russian Cyber Mogul Planned To Take His Company Public—Then America Accused It Of Hacking For Putin's Spies Cisco: Security devices are vulnerable to SNIcat data exfiltration technique - The Record by Recorded Future SNIcat: Circumventing the guardians | mnemonic BlackBerry's popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings Realtek SDK vulnerabilities impact dozens of downstream IoT vendors | The Daily Swig Hundreds of thousands of Realtek-based devices under attack from IoT botnet - The Record by Recorded Future Accellion Kiteworks Vulnerabilities | Insomnia Security Firewalls and middleboxes can be weaponized for gigantic DDoS attacks - The Record by Recorded Future Hackers tried to exploit two zero-days in Trend Micro's Apex One EDR platform - The Record by Recorded Future Exhaustive study puts China's infamous Great Firewall under the microscope | The Daily Swig Web hosting platform cPanel & WHM is vulnerable to authenticated RCE and privilege escalation | The Daily Swig Benno on Twitter: "I will donate $50 to a charity of @riskybusiness' choice if he puts this in the show." / Twitter Never a dill moment: Exploiting machine learning pickle files PrivacyRaven: Implementing a proof of concept for model inversion GitHub - trailofbits/fickling: A Python pickling decompiler and static analyzer

This week in the Security News, Dr.Doug talks: Liquid, proxyshell redux redux, Realtek and Mirai, The Spaghetti Detective, the Taliban, Powerapps, and Hong Kong censorship, and the returning Expert Commentary of Jason Wood!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn145

This week in the Security News, Dr.Doug talks: Liquid, proxyshell redux redux, Realtek and Mirai, The Spaghetti Detective, the Taliban, Powerapps, and Hong Kong censorship, and the returning Expert Commentary of Jason Wood!   Show Notes: https://securityweekly.com/swn145 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

In today's podcast we cover four crucial cyber and technology topics, including: 1. Realtek SDKs being exploited just two days after vulnerability disclosed 2. Conti impacted SAC Systems, who now says personal data stolen during attack 3. Valve pays researcher for uncovering API flaw allowing unlimited fund addition 4. Google bans many fraudulent crypto mining apps from Play Store I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

This week in the Security News, Dr.Doug talks: Liquid, proxyshell redux redux, Realtek and Mirai, The Spaghetti Detective, the Taliban, Powerapps, and Hong Kong censorship, and the returning Expert Commentary of Jason Wood!   Show Notes: https://securityweekly.com/swn145 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

純網路銀行一切服務都透過網路完成，可以節省掉實體銀行的店租、ATM 、行員、水電費、維護費之類的成本，進而提供更優惠的存款及貸款利率,促進金融產業邁向4.0 Telegram,理財STB https://t.me/stbstock11 瑞昱半導體股份有限公司（英語：Realtek Semiconductor Corp.）創辦於1987年10月21日，是一臺灣無廠半導體公司，2016年為全球十大無晶圓IC供應廠之一，亦是台灣第三大IC設計公司。瑞昱以新台幣200萬起家，最初是生產電腦周邊用品，後來開始研發網路晶片，並於1991年推出臺灣首顆自行研發的乙太網路卡控制器RTL8002。1995年9月成為台灣第一家取得ISO 9001認證之IC設計公司，1998年在臺證所掛牌上市。2006年9月取得ISO 14001認證。2017年，瑞昱的營業額已達新台幣416億元。 由於瑞昱的商標是一個寫著「RMC」字樣的螃蟹圖案，早期網路晶片與音效晶片都是獨立的PCI介面卡時，產品CP值相當高，被電腦愛好者暱稱為「螃蟹卡」。 迄今，半數以上的Windows桌機和筆電均內建其音效卡 Realtek Semiconductor Corp. (English: Realtek Semiconductor Corp.) was founded on October 21, 1987. It is a Taiwanese fabless semiconductor company. In 2016, it was one of the world's top ten fabless IC suppliers and the No. Three major IC design companies. Realtek started with NT$2 million. It initially produced computer peripherals and then began to develop network chips. In 1991, it launched Taiwan's first self-developed Ethernet card controller RTL8002. In September 1995, it became the number one in Taiwan. An IC design company with ISO 9001 certification, listed on the Taiwan Stock Exchange in 1998. Obtained ISO 14001 certification in September 2006. In 2017, Realtek's turnover reached NT$41.6 billion. Since Realtek's trademark is a crab pattern with the words "RMC" written on it, when the early network chips and audio chips were independent PCI interface cards, the CP value of the product was quite high, and it was nicknamed "Crab Card" by computer enthusiasts. So far, more than half of Windows desktops and laptops have built-in sound cards Powered by Firstory Hosting

Security in a Complex World, Huawei’s HarmonyOS embodies “Fake it till you make it”, Hackers Infiltrating the World of Online Gaming, Sloppy patches breed zero-day exploits, Dutch researcher hacks prepaid vending machines, When was the last time you said: "Hey, that web app on that IoT/network device was really secure!"? Test Amber Alert accidentally sent out warning of Chucky from the Child’s Play horror movies, Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module, New Linux malware steals SSH credentials from supercomputers, From Microsoft: how not to run Docker in Azure Functions.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw682

Security in a Complex World, Huawei’s HarmonyOS embodies “Fake it till you make it”, Hackers Infiltrating the World of Online Gaming, Sloppy patches breed zero-day exploits, Dutch researcher hacks prepaid vending machines, When was the last time you said: "Hey, that web app on that IoT/network device was really secure!"? Test Amber Alert accidentally sent out warning of Chucky from the Child’s Play horror movies, Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module, New Linux malware steals SSH credentials from supercomputers, From Microsoft: how not to run Docker in Azure Functions.   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw682

FreeBSD 12.2 is available, ZFS Webinar, Enhancing Syzkaller support for NetBSD, how the OpenBSD -stable packages are built, OPNsense 20.7.4 released, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines FreeBSD 12.2 Release (https://www.freebsd.org/releases/12.2R/relnotes.html) The release notes for FreeBSD 12.2-RELEASE contain a summary of the changes made to the FreeBSD base system on the 12-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented. ZFS Webinar: November 18th (https://klarasystems.com/learning/best-practices-for-optimizing-zfs1/) Join us on November 18th for a live discussion with Allan Jude (VP of Engineering at Klara Inc) in this webinar centred on “best practices of ZFS” Building Your Storage Array – Everything from picking the best hardware to RAID-Z and using mirrors. Keeping up with Data Growth – Expanding and growing your pool, and of course, shrinking with device evacuation. Datasets and Properties – Controlling settings with properties and many other tricks! News Roundup Google Summer of Code 2020: [Final Report] Enhancing Syzkaller support for NetBSD (https://blog.netbsd.org/tnf/entry/google_summer_of_code_20202) Sys2syz would give an extra edge to Syzkaller for NetBSD. It has a potential of efficiently automating the conversion of syscall definitions to syzkaller’s grammar. This can aid in increasing the number of syscalls covered by Syzkaller significantly with the minimum possibility of manual errors. Let’s delve into its internals. How the OpenBSD -stable packages are built (https://dataswamp.org/~solene/2020-10-29-official-openbsd-stable-architecture.html) In this long blog post, I will write about the technical details of the OpenBSD stable packages building infrastructure. I have setup the infrastructure with the help of Theo De Raadt who provided me the hardware in summer 2019, since then, OpenBSD users can upgrade their packages using pkg_add -u for critical updates that has been backported by the contributors. Many thanks to them, without their work there would be no packages to build. Thanks to pea@ who is my backup for operating this infrastructure in case something happens to me. OPNsense 20.7.4 released (https://opnsense.org/opnsense-20-7-4-released/) This release finally wraps up the recent Netmap kernel changes and tests. The Realtek vendor driver was updated as well as third party software cURL, libxml2, OpenSSL, PHP, Suricata, Syslog-ng and Unbound just to name a couple of them. Beastie Bits Binutils and linker changes (https://www.dragonflydigest.com/2020/11/03/25120.html) 28 Years of NetBSD contributions (https://github.com/NetBSD/src/graphs/contributors) Bluetooth Audio on OpenBSD (https://ifconfig.se/bluetooth-audio-openbsd.html) K8s Bhyve (https://k8s-bhyve.convectix.com) *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Sean - C Flags (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/376/feedback/Sean%20-%20C%20Flags.md) Thierry - RPI ZFS question (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/376/feedback/Thierry%20-%20RPI%20ZFS%20question.md) Thierry's script (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/376/feedback/script.md) *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Prima Puntata relativa all'Hardware che andrà a costituire il nostro server. Per non rendere questa parte noiosa o troppo tecnica queste puntate e le successive esporranno principalmente delle linee guida da adottare per costruire un sistema robusto e con possibili difetti ridotti al minimo.Ovviamente se vorrete elaborare una vostra configurazione e non siete sicuri del tutto di cosa state facendo non esitate a contattarmi in modo da poterla analizzare insieme, trovare eventuali problemi e risolverli nel modo più indolore possibile.-----Sito Web : https://www.magnetarman.com/Support Page : https://www.magnetarman.com/support/Twitter : https://twitter.com/magnetar_manInstagram : https://www.instagram.com/magnetar_man/Telegram : https://t.me/magnetarmanMail : me@magnetarman.com-----

In episode #16, we talk about fixing Real­tek HD Audio Man­ag­er. Every computer needs to have an audio driver for using audio devices what Realtek audio manager does it that it provides different options for changing sound settings and managing audio devices. But sometimes Realtek Audio Manager fails to open, or the icon goes completely missing from the taskbar. These issues can happen after a Windows 10 update or because of some malware. But there are ways to fix Realtek HD Audio Manager missing in Windows 10. So let’s dig right in. Prefer screenshots please visit: https://www.techbrackets.com/fix-realtek-hd-audio-manager-missing-windows-10/ Leave Some Feedback: What should we talk about next? Please let us know in the comments below Did you enjoy this episode? If so, please leave a short review. Connect with Us: TechBrackets.com Twitter @BracketsTech Instagram @tech_brackets Facebook @TechBrackets Pinterest @TechBrackets

SafeBreach Labs discovered a new vulnerability in the Realtek HD Audio Driver Package, which is deployed on PCs containing Realtek sound cards.  On this week's Research Saturday, our conversation with Itzik Kotler, who is Co-Founder and CTO at SafeBreach.  The research can be found here:  Realtek HD Audio Driver Package - DLL Preloading and Potential Abuses

SafeBreach Labs discovered a new vulnerability in the Realtek HD Audio Driver Package, which is deployed on PCs containing Realtek sound cards.  On this week's Research Saturday, our conversation with Itzik Kotler, who is Co-Founder and CTO at SafeBreach.  The research can be found here:  Realtek HD Audio Driver Package - DLL Preloading and Potential Abuses The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

A daily look at the relevant information security news from overnight.Episode 187 - 01 November 2019Gafgyt bot-maker - https://www.zdnet.com/article/this-aggressive-iot-malware-is-forcing-wi-fi-routers-to-join-its-botnet-army/Horde helper - https://techcrunch.com/2019/10/31/horde-webmail-inbox-one-click/China taps SMS - https://threatpost.com/china-hackers-spy-texts-messagetap-malware/149761/Web.oops - https://www.scmagazine.com/home/security-news/data-breach/web-com-discloses-breach-affecting-customer-account-info/QNAP snatched - https://www.zdnet.com/article/thousands-of-qnap-nas-devices-have-been-infected-with-the-qsnatch-malware/

DNS over TLS Scans https://isc.sans.edu/forums/diary/Whats+up+with+TCP+853+DNS+over+TLS/25438/ NordVPN and Others Compromised https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/ https://twitter.com/hexdefined/status/1186106695073726466 Trend Micro Bypass http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt Realtek Linux Wifi Driver Buffer Overflow https://twitter.com/nicowaisman/status/1184864519316758535

DNS over TLS Scans https://isc.sans.edu/forums/diary/Whats+up+with+TCP+853+DNS+over+TLS/25438/ NordVPN and Others Compromised https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/ https://twitter.com/hexdefined/status/1186106695073726466 Trend Micro Bypass http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt Realtek Linux Wifi Driver Buffer Overflow https://twitter.com/nicowaisman/status/1184864519316758535

DragonflyBSD 5.4 has been released, down the Gopher hole with OpenBSD, OpenBSD in stereo with VFIO, BSD/OS the best candidate for legally tested open source Unix, OpenBGPD adds diversity to the routing server landscape, and more. Headlines DragonflyBSD 5.4 released DragonFly version 5.4 brings a new system compiler in GCC 8, improved NUMA support, a large of number network and virtual machine driver updates, and updates to video support. This release is 64-bit only, as with previous releases. The details of all commits between the 5.2 and 5.4 branches are available in the associated commit messages for 5.4.0rc and 5.4.0. Big-ticket items Much better support for asymmetric NUMA (Non-Uniform Memory Access) configurations. In particular, both the memory subsystem and the scheduler now understand the Threadripper 2990WX’s architecture. The scheduler will prioritize CPU nodes with direct-attached memory and the memory subsystem will normalize memory queues for CPU nodes without direct-attached memory (which improves cache locality on those CPUs). Incremental performance work. DragonFly as a whole is very SMP friendly. The type of performance work we are doing now mostly revolves around improving fairness for shared-vs-exclusive lock clashes, reducing cache ping-ponging due to non-contending SMP locks (i.e. massive use of shared locks on shared resources), and so forth. Major updates to dports brings us to within a week or two of FreeBSD’s ports as of this writing, in particular major updates to chromium, and making the whole mess work with gcc-8. Major rewriting of the tty clist code and the tty locking code, significantly improving concurrency across multiple ttys and ptys. GCC 8 DragonFly now ships with GCC 8.0, and runs as the default compiler. It is also now used for building dports. GCC 4.7.4 and GCC 5.4.1 are still installed. 4.7.4 is our backup compiler, and 5.4.1 is still there to ensure a smooth transition, but should generally not be used. buildworld builds all three by default to ensure maximum compatibility. Many passes through world sources were made to address various warnings and errors the new GCC brought with it. HAMMER2 HAMMER2 is recommended as the default root filesystem in non-clustered mode. Clustered support is not yet available. Increased bulkfree cache to reduce the number of iterations required. Fixed numerous bugs. Improved support on low-memory machines. Significant pre-work on the XOP API to help support future networked operations. Details Checksums MD5 (dfly-x86_64-5.4.0_REL.img) = 7277d7cffc92837c7d1c5dd11a11b98f MD5 (dfly-x86_64-5.4.0_REL.iso) = 6da7abf036fe9267479837b3c3078408 MD5 (dfly-x86_64-5.4.0_REL.img.bz2) = a77a072c864f4b72fd56b4250c983ff1 MD5 (dfly-x86_64-5.4.0_REL.iso.bz2) = 4dbfec6ccfc1d59c5049455db914d499 Downloads Links DragonFly BSD is 64-bit only, as announced during the 3.8 release. USB: dfly-x86_64-5.4.0_REL.img as bzip2 file ISO: dfly-x86_64-5.4.0_REL.iso as bzip2 file Uncompressed ISO: dfly-x86_64-5.4.0_REL.iso (For use with VPS providers as an install image.) Down the Gopher hole with OpenBSD, Gophernicus, and TLS In the early 2000s I thought I had seen the worst of the web - Java applets, Macromedia (>Adobe) Flash, animated GIFs, javascript snow that kept you warm in the winter by burning out your CPU, and so on. For a time we learned from these mistakes, and started putting the burden on the server-side - then with improvements in javascript engines we started abusing it again with JSON/AJAX and it all went down hill from there. Like cloud computing, blockchains, machine learning and a tonne of other a la mode technologies around today - most users and service providers don’t need websites that consume 1GB of memory processing JS and downloading 50MB of compressed data just to read Alice’s one-page travel blog or Bob’s notes on porting NetBSD to his blood-pressure monitor. Before the HTTP web we relied on Prestel/Minitel style systems, BBS systems, and arguably the most accessible of all - Gopher! Gopher was similar to the locally accessed AmigaGuide format, in that it allowed users to search and retrieve documents interactively, with links and cross-references. Its efficiency and distraction-free nature make it attractive to those who are tired of the invasive, clickbait, ad-filled, javascript-laden web2/3.x. But enough complaining and evangelism - here’s how to get your own Gopher Hole! Gophernicus is a modern gopher daemon which aims to be secure (although it still uses inetd -_-); it’s even in OpenBSD ports so at least we can rely on it to be reasonably audited. If you need a starting point with Gopher, SDF-EU’s wiki has a good article here. https://sdfeu.org/w/tutorials:gopher Finally, if you don’t like gopher(1) - there’s always lynx(1) or NCSA Mosaic! https://cryogenix.net/NCSA_Mosaic_OpenBSD.html I’ve added TLS support to Gophernicus so you don’t need to use stunnel anymore. The code is ugly and unpolished though so I wouldn’t recommend for production use. https://github.com/0x16h/gophernicus https://github.com/0x16h/gophernicus/blob/master/INSTALL.openbsd News Roundup OpenBSD in Stereo with Linux VFIO I use a Huawei Matebook X as my primary OpenBSD laptop and one aspect of its hardware support has always been lacking: audio never played out of the right-side speaker. The speaker did actually work, but only in Windows and only after the Realtek Dolby Atmos audio driver from Huawei was installed. Under OpenBSD and Linux, and even Windows with the default Intel sound driver, audio only ever played out of the left speaker. Now, after some extensive reverse engineering and debugging with the help of VFIO on Linux, I finally have audio playing out of both speakers on OpenBSD. VFIO The Linux kernel has functionality called VFIO which enables direct access to a physical device (like a PCI card) from userspace, usually passing it to an emulator like QEMU. To my surprise, these days, it seems to be primarily by gamers who boot Linux, then use QEMU to run a game in Windows and use VFIO to pass the computer’s GPU device through to Windows. By using Linux and VFIO, I was able to boot Windows 10 inside of QEMU and pass my laptop’s PCI audio device through to Windows, allowing the Realtek audio drivers to natively control the audio device. Combined with QEMU’s tracing functionality, I was able to get a log of all PCI I/O between Windows and the PCI audio device. Using VFIO To use VFIO to pass-through a PCI device, it first needs to be stubbed out so the Linux kernel’s default drivers don’t attach to it. GRUB can be configured to instruct the kernel to ignore the PCI audio device (8086:9d71) and explicitly enable the Intel IOMMU driver by adding the following to /etc/default/grub and running update-grub With the audio device stubbed out, a new VFIO device can be created from it Then the VFIO device (00:1f.3) can be passed to QEMU I was using my own build of QEMU for this, due to some custom logging I needed (more on that later), but the default QEMU package should work fine. The events.txt was a file of all VFIO events I wanted logged (which was all of them). Since I was frequently killing QEMU and restarting it, Windows 10 wanted to go through its unexpected shutdown routine each time (and would sometimes just fail to boot again). To avoid this and to get a consistent set of logs each time, I used qemu-img to take a snapshot of a base image first, then boot QEMU with that snapshot. The snapshot just gets thrown away the next time qemu-img is run and Windows always starts from a consistent state. QEMU will now log each VFIO event which gets saved to a debug-output file. With a full log of all PCI I/O activity from Windows, I compared it to the output from OpenBSD and tried to find the magic register writes that enabled the second speaker. After days of combing through the logs and annotating them by looking up hex values in the documentation, diffing runtime register values, and even brute-forcing it by mechanically duplicating all PCI I/O activity in the OpenBSD driver, nothing would activate the right speaker. One strange thing that I noticed was if I booted Windows 10 in QEMU and it activated the speaker, then booted OpenBSD in QEMU without resetting the PCI device’s power in-between (as a normal system reboot would do), both speakers worked in OpenBSD and the configuration that the HDA controller presented was different, even without any changes in OpenBSD. A Primer on Intel HDA Most modern computers with integrated sound chips use an Intel High Definition Audio (HDA) Controller device, with one or more codecs (like the Realtek ALC269) hanging off of it. These codecs do the actual audio processing and communicate with DACs and ADCs to send digital audio to the connected speakers, or read analog audio from a microphone and convert it to a digital input stream. In my Huawei Matebook X, this is done through a Realtek ALC298 codec. On OpenBSD, these HDA controllers are supported by the azalia(4) driver, with all of the per-codec details in the lengthy azalia_codec.c file. This file has grown quite large with lots of codec- and machine-specific quirks to route things properly, toggle various GPIO pins, and unmute speakers that are for some reason muted by default. The azalia driver talks to the HDA controller and sets up various buffers and then walks the list of codecs. Each codec supports a number of widget nodes which can be interconnected in various ways. Some of these nodes can be reconfigured on the fly to do things like turning a microphone port into a headphone port. The newer Huawei Matebook X Pro released a few months ago is also plagued with this speaker problem, although it has four speakers and only two work by default. A fix is being proposed for the Linux kernel which just reconfigures those widget pins in the Intel HDA driver. Unfortunately no pin reconfiguration is enough to fix my Matebook X with its two speakers. While reading more documentation on the HDA, I realized there was a lot more activity going on than I was able to see through the PCI tracing. For speed and efficiency, HDA controllers use a DMA engine to transfer audio streams as well as the commands from the OS driver to the codecs. In the output above, the CORBWP=0; size=256 and RIRBRP=0, size=256 indicate the setup of the CORB (Command Output Ring Buffer) and RIRB (Response Input Ring Buffer) each with 256 entries. The HDA driver allocates a DMA address and then writes it to the two CORBLBASE and CORBUBASE registers, and again for the RIRB. When the driver wants to send a command to a codec, such as CORB_GET_PARAMETER with a parameter of COP_VOLUME_KNOB_CAPABILITIES, it encodes the codec address, the node index, the command verb, and the parameter, and then writes that value to the CORB ring at the address it set up with the controller at initialization time (CORBLBASE/CORBUBASE) plus the offset of the ring index. Once the command is on the ring, it does a PCI write to the CORBWP register, advancing it by one. This lets the controller know a new command is queued, which it then acts on and writes the response value on the RIRB ring at the same position as the command (but at the RIRB’s DMA address). It then generates an interrupt, telling the driver to read the new RIRBWP value and process the new results. Since the actual command contents and responses are handled through DMA writes and reads, these important values weren’t showing up in the VFIO PCI trace output that I had gathered. Time to hack QEMU. Logging DMA Memory Values in QEMU Since DMA activity wouldn’t show up through QEMU’s VFIO tracing and I obviously couldn’t get Windows to dump these values like I could in OpenBSD, I could make QEMU recognize the PCI write to the CORBWP register as an indication that a command has just been written to the CORB ring. My custom hack in QEMU adds some HDA awareness to remember the CORB and RIRB DMA addresses as they get programmed in the controller. Then any time a PCI write to the CORBWP register is done, QEMU fetches the new CORB command from DMA memory, decodes it into the codec address, node address, command, and parameter, and prints it out. When a PCI read of the RIRBWP register is requested, QEMU reads the response and prints the corresponding CORB command that it stored earlier. With this hack in place, I now had a full log of all CORB commands and RIRB responses sent to and read from the codec: An early version of this patch left me stumped for a few days because, even after submitting all of the same CORB commands in OpenBSD, the second speaker still didn’t work. It wasn’t until re-reading the HDA spec that I realized the Windows driver was submitting more than one command at a time, writing multiple CORB entries and writing a CORBWP value that was advanced by two. This required turning my CORB/RIRB reading into a for loop, reading each new command and response between the new CORBWP/RIRBWP value and the one previously seen. Sure enough, the magic commands to enable the second speaker were sent in these periods where it submitted more than one command at a time. Minimizing the Magic The full log of VFIO PCI activity from the Windows driver was over 65,000 lines and contained 3,150 CORB commands, which is a lot to sort through. It took me a couple more days to reduce that down to a small subset that was actually required to activate the second speaker, and that could only be done through trial and error: Boot OpenBSD with the full list of CORB commands in the azalia driver Comment out a group of them Compile kernel and install it, halt the QEMU guest Suspend and wake the laptop, resetting PCI power to the audio device to reset the speaker/Dolby initialization and ensure the previous run isn’t influencing the current test (I’m guessing there is an easier to way to reset PCI power than suspending the laptop, but oh well) Start QEMU, boot OpenBSD with the new kernel Play an MP3 with mpg123 which has alternating left- and right-channel audio and listen for both channels to play This required a dozen or so iterations because sometimes I’d comment out too many commands and the right speaker would stop working. Other times the combination of commands would hang the controller and it wouldn’t process any further commands. At one point the combination of commands actually flipped the channels around so the right channel audio was playing through the left speaker. The Result After about a week of this routine, I ended up with a list of 662 CORB commands that are needed to get the second speaker working. Based on the number of repeated-but-slightly-different values written with the 0x500 and 0x400 commands, I’m guessing this is some kind of training data and that this is doing the full Dolby/Atmos system initialization, not just turning on the second speaker, but I could be completely wrong. In any case, the stereo sound from OpenBSD is wonderful now and I can finally stop downmixing everything to mono to play from the left speaker. In case you ever need to do this, sndiod can be run with -c 0:0 to reduce the channels to one. Due to the massive size of the code needed for this quirk, I’m not sure if I’ll be committing it upstream in OpenBSD or just saving it for my own tree. But at least now the hardware support chart for my Matebook is all yeses for the things I care about. I’ve also updated the Linux bug report that I opened before venturing down this path, hoping one of the maintainers of that HDA code that works at Intel or Realtek knew of a solution I could just port to OpenBSD. I’m curious to see what they’ll do with it. Why BSD/OS is the best candidate for being the only tested legally open UNIX Introduction The UNIX® system is an old operating system, possibly older than many of the readers of this post. However, despite its age, it still has not been open sourced completely. In this post, I will try to detail which parts of which UNIX systems have not yet been open sourced. I will focus on the legal situation in Germany in particular, taking it representative of European law in general – albeit that is a stretch, knowing the diversity of European jurisdictions. Please note that familiarity with basic terms of copyright law is assumed. Ancient UNIX The term “Ancient UNIX” refers to the versions of UNIX up to and including Seventh Edition UNIX (1979) including the 32V port to the VAX. Ancient UNIX was created at Bell Laboratories, a subsidiary of AT&T at the time. It was later transferred of the AT&T UNIX Support Group, then AT&T Information Systems and finally the AT&T subsidiary UNIX System Laboratories, Inc. (USL). The legal situation differs between the United States of America and Germany. In a ruling as part of the UNIX System Laboratories, Inc. v. Berkeley Software Design, Inc. (USL v. BSDi) case, a U.S. court found that USL had no copyright to the Seventh Edition UNIX system and 32V – arguably, by extension, all earlier versions of Ancient UNIX as well – because USL/AT&T had failed to affix copyright notices and could not demonstrate a trade secret. Due to the obsessive tendency of U.S. courts to consider themselves bound to precedents (cf. the infamous Pierson v. Post case), it can be reasonably expected that this ruling would be honored and applied in subsequent cases. Thus under U.S. law, Ancient UNIX can be safely assumed to belong in the public domain. The situation differs in Germany. Unlike the U.S., copyright never needed registration in order to exist. Computer programs are works in the sense of the German 1965 Act on Copyright and Related Rights (Copyright Act, henceforth CopyA) as per CopyA § 2(1) no. 1. Even prior to the amendment of CopyA § 2(1) to include computer programs, computer programs have been recognized as copyrightable works by the German Supreme Court (BGHZ 112, 264 Betriebssystem, no. 19); CopyA § 137d(1) rightly clarifies that. The copyright holder at 1979 would still have been USL via Bell Labs and AT&T. Copyright of computer programs is transferred to the employer upon creation under CopyA § 69(1). Note that this does not affect expiry (Daniel Kaboth/Benjamin Spies, commentary on CopyA §§ 69a‒69g, in: Hartwig Ahlberg/Horst-Peter Götting (eds.), Urheberrecht: UrhG, KUG, VerlG, VGG, Kommentar, 4th ed., C. H. Beck, 2018, no. 16 ad CopyA § 69b; cf. Bundestag-Drucksache [BT-Drs.] 12/4022, p. 10). Expiry occurs 70 years after the death of the (co-)author that died most recently as per CopyA § 65(1) and 64; this has been the case since at least the 1960s, meaning there is no way for copyright to have expired already (old version, as per Bundesgesetzblatt Part I No. 51 of September 16, 1965, pp. 1273‒1294). In Germany, private international law applies the so-called “Territorialitätsprinzip” for intellectual property rights. This means that the effect of an intellectual property right is limited to the territory of a state (Anne Lauber-Rönsberg, KollisionsR, in: Hartwig Ahlberg/Horst-Peter Götting (eds.), ibid., pp. 2241 et seqq., no. 4). Additionally, the “Schutzlandprinzip” applies; this means that protection of intellectual property follows the lex loci protectionis, i.e. the law of the country for which protection is sought (BGH GRUR 2015, 264 HiHotel II, no. 25; BGH GRUR 2003, 328 Sender Felsberg, no. 24), albeit this is criticized in parts of doctrine (Lauber-Rönsberg, ibid., no. 10). The “Schutzlandprinzip” requires that the existence of an intellectual property right be verified as well (BGH ZUM 2016, 522 Wagenfeld-Leuchte II, no. 19). Thus, in Germany, copyright on Ancient UNIX is still alive and well. Who has it, though? A ruling by the U.S. Court of Appeals, Tenth Circuit, in the case of The SCO Group, Inc. v. Novell, Inc. (SCO v. Novell) in the U.S. made clear that Novell owns the rights to System V – thus presumably UNIX System III as well – and Ancient UNIX, though SCO acquired enough rights to develop UnixWare/OpenServer (Ruling 10-4122 [D.C. No. 2:04-CV-00139-TS], pp. 19 et seq.). Novell itself was purchased by the Attachmate Group, which was in turn acquired by the COBOL vendor Micro Focus. Therefore, the rights to SVRX and – outside the U.S. – are with Micro Focus right now. If all you care about is the U.S., you can stop reading about Ancient UNIX here. So how does the Caldera license factor into all of this? For some context, the license was issued January 23, 2002 and covers Ancient UNIX (V1 through V7 including 32V), specifically excluding System III and System V. Caldera, Inc. was founded in 1994. The Santa Cruz Operation, Inc. sold its rights to UNIX to Caldera in 2001, renamed itself to Tarantella Inc. and Caldera renamed itself The SCO Group. Nemo plus iuris ad alium transferre potest quam ipse habet; no one can transfer more rights than he has. The question now becomes whether Caldera had the rights to issue the Caldera license. I’ve noted it above but it needs restating: Foreign decisions are not necessarily accepted in Germany due to the “Territorialitätsprinzip” and “Schutzlandprinzip” – however, I will be citing a U.S. ruling for its assessment of the facts for the sake of simplicity. As per ruling 10-4122, “The district court found the parties intended for SCO to serve as Novell’s agent with respect to the old SVRX licenses and the only portion of the UNIX business transferred outright under the APA [asset purchase agreement] was the ability to exploit and further develop the newer UnixWare system. SCO was able to protect that business because it was able to copyright its own improvements to the system. The only reason to protect the earlier UNIX code would be to protect the existing SVRX licenses, and the court concluded Novell retained ultimate control over that portion of the business under the APA.” The relevant agreements consist of multiple pieces: the base Asset Purchase Agreement “APA” (Part I) the base Asset Purchase Agreement “APA” (Part II) the Operating Agremeent and Amendment 1 to the APA the Amendment 2 to the APA The APA dates September 19, 1995, from before the Caldera license. Caldera cannot possibly have acquired rights that The Santa Cruz Operation, Inc. itself never had. Furthermore, I’ve failed to find any mention of Ancient UNIX; all that is transferred is rights to SVRX. Overall, I believe that the U.S. courts’ assesment of the facts represents the situation accurately. Thus for all intents and purposes, UNIX up to and including System V remained with Novell/Attachmate/Micro Focus. Caldera therefore never had any rights to Ancient UNIX, which means it never had the rights to issue the Caldera license. The Caldera license is null and void – in the U.S. because the copyright has been lost due to formalities, everywhere else because Caldera never had the rights to issue it. The first step to truly freeing UNIX would this be to get Micro Focus to re-issue the Caldera license for Ancient UNIX, ideally it would now also include System III and System V. BSD/OS Another operating system near UNIX is of interest. The USL v. BSDi lawsuit includes two parties: USL, which we have seen above, and Berkeley Software Design, Inc. BSDi sold BSD/386 (later BSD/OS), which was a derivative of 4.4BSD. The software parts of the BSDi company were acquired by Wind River Systems, whereas the hardware parts went to iXsystems. Copyright is not disputed there, though Wind River Systems ceased selling BSD/OS products 15 years ago, in 2003. In addition, Wind River System let their trademark on BSD expire, though this is without consequence for copyright. BSD/OS is notable in the sense that it powered much of early internet infrastructure. Traces of its legacy can still be found on Richard Stevens’ FAQ. To truly make UNIX history free, BSD/OS would arguably also need to see a source code release. BSD/OS at least in its earliest releases under BSDi would ship with source code, though under a non-free license, far from BSD or even GPL licensing. System V The fate of System V as a whole is difficult to determine. Various licenses have been granted to a number of vendors (Dell UNIX comes to mind; HP for HP-UX, IBM for AIX, SGI UNIX, etc.). Sun released OpenSolaris – notoriously, Oracle closed the source to Solaris again after its release –, which is a System V Release 4 descendant. However, this means nothing for the copyright or licensing status of System V itself. Presumably, the rights with System V still remain with Novell (now Micro Focus): SCO managed to sublicense rights to develop and sell UnixWare/OpenServer, themselves System V/III descendants, to unXis, Inc. (now known as Xinuos, Inc.), which implies that Xinuos is not the copyright holder of System V. Obviously, to free UNIX, System V and its entire family of descendants would also need to be open sourced. However, I expect tremendous resistance on part of all the companies mentioned. As noted in the “Ancient UNIX” section, Micro Focus alone would probably be sufficient to release System V, though this would mean nothing for the other commercial System V derivatives. Newer Research UNIX The fate of Bell Labs would be a different one; it would go on to be purchased by Lucent, now part of Nokia. After commercial UNIX got separated out to USL, Research UNIX would continue to exist inside of Bell Labs. Research UNIX V8, V9 and V10 were not quite released by Alcatel-Lucent USA Inc. and Nokia in 2017. However, this is merely a notice that the companies involved will not assert their copyrights only with respect to any non-commercial usage of the code. It is still not possible, over 30 years later, to freely use the V8 code. Conclusion In the U.S., Ancient UNIX is freely available. People located everywhere else, however, are unable to legally obtain UNIX code for any of the systems mentioned above. The exception being BSD/OS, assuming a purchase of a legitimate copy of the source code CD. This is deeply unsatisfying and I implore all involved companies to consider open sourcing (preferably under a BSD-style license) their code older than a decade, if nothing else, then at least for the sake of historical purposes. I would like to encourage everybody reading this to consider reaching out to Micro Focus and Wind River Systems about System V and BSD/OS, respectively. Perhaps the masses can change their minds. A small note about patents: Some technologies used in newer iterations of the UNIX system (in particular the System V derivatives) may be encumbered with software patents. An open source license will not help against patent infringement claims. However, the patents on anything used in the historical operating systems will certainly have expired by now. In addition, European readers can ignore this entirely – software patents just aren’t a thing. OpenBGPD - Adding Diversity to the Route Server Landscape Introduction As of last year, there was effectively only a single solution in the Route Server vendor market: the BIRD Internet routing daemon. NIC.CZ (the organisation developing BIRD) has done fantastic work on maintaining their BGP-4 implementation, however, it’s not healthy to have virtually every Internet Exchange Point (IXP) in the RIPE NCC service region depend on a single open source project. The current situation can be compared to the state of the DNS root nameservers back in 2002 - their dependence on the BIND nameserver daemon and the resulting development of NSD as an alternative by NLnet, in cooperation with the RIPE NCC. OpenBGPD used to be one of the most popular Route Server implementations until the early 2010s. OpenBGPD’s main problem was that its performance couldn’t keep up with the Internet’s growth, so it lost market share. An analysis by Job Snijders suggested that a modernised OpenBGPD distribution would be a most viable option to regain diversity on the Route Server level. Missing features in OpenBGPD The following main missing features were identified in OpenBGPD: Performance In previous versions of OpenBGPD, the filtering performance didn’t allow proper filtering of all EBGP sessions. Current best practice at IXP Route Servers is to carefully evaluate and validate of all routes learned from EBGP peers. The OpenBGPD ruleset required to do correct filtering (in many deployment scenarios) was simply too lengthy - and negatively impacted service performance during configuration reloads. While filtering performance is the biggest bottleneck, general improvements to the Routing Information Base were also made to improve scalability. IXP Route Servers with a few hundred peering sessions are commonplace and adding new sessions shouldn’t impact the Route Servers’ service to other peers. We found that performance was the most pressing issue that needed to be tackled. Lack of RPKI Origin Validation As we’ve seen, Internet operators are moving to adopt RPKI based BGP Origin Validation. While it was theoretically possible to emulate RFC 6811-style Origin Validation in previous versions of OpenBGPD, the required configuration wasn’t optimised for performance and wasn’t user friendly. We believe that BGP Origin Validation should be as easy as possible - this requires BGP-4 vendors to implement native, optimised routines for Origin Validation. Of course, enabling Origin Validation shouldn’t have an impact on performance either when processing BGP updates or when updating the Route Origin Authorisation (ROA) table itself. Portability OpenBGPD is an integral part of OpenBSD, but IXPs may prefer to run their services infrastructure on an operating system of their choice. Making sure that there’s a portable OpenBGPD version which follows the OpenBSD project release cycle will give IXPs this option. Development steps By addressing the issues mentioned above, we could bring back OpenBGPD as a viable Route Server implementation. Since I was one of the core OpenBGPD developers, I was asked if I wanted to pick up this project again. Thanks to the funding from the RIPE NCC Project Fund, this was possible. Starting in June 2018, I worked full time on this important community project. Over the last few months, many of the problems are already addressed and are now part of the OpenBSD 6.4 release. So far, 154 commits were made to OpenBGPD during the 6.4 development cycle - around 8% of all commits ever to OpenBGPD! This shows that due to funding and dedicated resources, a lot of work could be pushed into the latest release of OpenBGPD. OpenBGPD 6.4 The OpenBGPD version, as part of OpenBSD 6.4 release, demonstrates great progress. Even though there have been many changes to the core of OpenBGPD, the released version is as solid and reliable as previous releases and the many bug fixes and improvements make this the best OpenBGPD release so far. The changes in the filter language allow users to write more efficient rulesets while the introduction of RPKI origination validation fixes an important missing feature. For IXPs, OpenBGPD now is an alternative again. There are still open issues, but the gap is closing! Feature highlights The following changes should be highlighted: Introduction of background soft-reconfiguration on config reload. Running the soft-reconfiguration task in the background allows for new updates and withdraws to be processed at the same time. This improves convergence time - one of the key metrics for Route Servers. BGP Origin Validation when a roa-set is configured Every EBGP route announcement is validated against the locally configured VRP table entries. Depending on the validation process’s outcome, the validation state is set to valid, invalid or not found. The filter language has been extended to allow checking for the origin validation state, and thanks to this, it is possible to deny invalid prefixes or regard valid prefixes different to the ones that aren’t found. The roa-set table is read from the configuration file and updated during configuration reloads. On production systems reloading the roa-set and applying it to all prefixes is done in a couple of seconds. Fast prefix-set lookups In OpenBSD 6.3 prefix-sets got introduced in OpenBGPD. A prefix-set combines many prefix lookups into a single filter rule. The original implementation wasn’t optimised but now a fast trie lookup is used. Thanks to this, large IRR DB prefix tables can now be implemented efficiently. Introduction of as-sets Similar to prefix-sets, as-sets help group many AS numbers into a single lookup. Thanks to this, large IRR DB origin AS tables can be implemented efficiently. Introduction of origin-sets Looking at the configurations of Route Servers doing full filtering, it was noticed that a common lookup was binding a prefix to an origin AS - similar to how a roa-set is used for RPKI. These origin-set tables are used to extend the IRR prefix lookup and generated from alternative sources. Improving third party tools Users can only benefit from the changes introduced in OpenBGPD 6.4 when the surrounding 3rd party tools are adjusted accordingly. Two opensource projects such as bgpq3 and arouteserver are frequently used by network operators and IXPs to generate BGP configurations. Thanks to our contributions to those projects, we were able to get them ready for all the new features in OpenBGPD. bgpq3 was extended to create as-set and prefix-set tables based on IRR DB entries. This is replacing the old way of doing the same with a large amount of filter rules. Thanks to the quick response from the bgpq3 maintainer, it was possible to ship OpenBSD 6.4 with a bgpq3 package that includes all the new features. arouteserver was adjusted to implement RPKI roa-set, as-set, prefix-set, and origin-set to generate a much better-performing configurations for the 6.4 version. With the v0.20.0 release of arouteserver, IXPs are able to generate an OpenBGPD configuration which is a ton faster but also implements the new functionalities. Looking at YYCIX (the resident IXP in Calgary, Canada) the ruleset generated by arouteserver was reduced from 370,000 rules to well under 6,000 rules. This resulted in the initial convergence time dropping from over 1 hour to less than 2 minutes, and subsequent configuration reloads are hitless and no longer noticeable. What still needs to be done A sizeable chunk of work still left on the table is the rework of the RIB data structures in OpenBGPD - these haven’t been changed since the initial design of OpenBGPD in 2003. There’s currently ongoing work (in small steps, to avoid jeopardising the stability of OpenBGPD) to modernise these data-structures. The goal is to provide better decoupling of the filter step from storing RIB database changes, to pave the way to multi-threaded operations at a later point. Looking forward Job Snijders oversaw this year’s fundraising and project management, he adds: It’s been incredibly productive to create an environment where a core developer is allowed to work full time on the OpenBGPD code base. However, it’s important to note there still is room for a number of new features to help improve its operational capabilities (such as BMP, RFC 7313, ADD_PATH, etc). It’d be beneficial to the Internet community at large if we can extend Claudio Jeker’s involvement for another year. Open source software doesn’t grow on trees! Strategic investments are the only way to keep OpenBGPD’s roadmap aligned with Internet growth and operator requirements. Beastie Bits DragonFly - git: annotated tag v5.5.0 created Torchlight 2 on NetBSD Older, but still good USENIX Login Article on Capsicum The Super Capsicumizer 9000 Dedicated and Virtual Server PXE provisioning tool Cirrus CI have announced FreeBSD support NetBSD PineBook Gameplay BSDCan 2019 CfP is out Allan’s first ZFS array, Zulu, turned 7 years old on Nov 29th Feedback/Questions Malcom - Installing Drivers in Development Samir - Introduction to ZFS Newnix - Drive Failures Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

OpenBSD on Microsoft Surface Go, FreeBSD Foundation August Update, What’s taking so long with Project Trident, pkgsrc config file versioning, and MacOS remnants in ZFS code. ##Headlines OpenBSD on the Microsoft Surface Go For some reason I like small laptops and the constraints they place on me (as long as they’re still usable). I used a Dell Mini 9 for a long time back in the netbook days and was recently using an 11" MacBook Air as my primary development machine for many years. Recently Microsoft announced a smaller, cheaper version of its Surface tablets called Surface Go which piqued my interest. Hardware The Surface Go is available in two hardware configurations: one with 4Gb of RAM and a 64Gb eMMC, and another with 8Gb of RAM with a 128Gb NVMe SSD. (I went with the latter.) Both ship with an Intel Pentium Gold 4415Y processor which is not very fast, but it’s certainly usable. The tablet measures 9.65" across, 6.9" tall, and 0.3" thick. Its 10" diagonal 3:2 touchscreen is covered with Gorilla Glass and has a resolution of 1800x1200. The bezel is quite large, especially for such a small screen, but it makes sense on a device that is meant to be held, to avoid accidental screen touches. The keyboard and touchpad are located on a separate, removable slab called the Surface Go Signature Type Cover which is sold separately. I opted for the “cobalt blue” cover which has a soft, cloth-like alcantara material. The cover attaches magnetically along the bottom edge of the device and presents USB-attached keyboard and touchpad devices. When the cover is folded up against the screen, it sends an ACPI sleep signal and is held to the screen magnetically. During normal use, the cover can be positioned flat on a surface or slightly raised up about 3/4" near the screen for better ergonomics. When using the device as a tablet, the cover can be rotated behind the screen which causes it to automatically stop sending keyboard and touchpad events until it is rotated back around. The keyboard has a decent amount of key travel and a good layout, with Home/End/Page Up/Page Down being accessible via Fn+Left/Right/Up/Down but also dedicated Home/End/Page Up/Page Down keys on the F9-F12 keys which I find quite useful since the keyboard layout is somewhat small. By default, the F1-F12 keys do not send F1-F12 key codes and Fn must be used, either held down temporarily or Fn pressed by itself to enable Fn-lock which annoyingly keeps the bright Fn LED illuminated. The keys are backlit with three levels of adjustment, handled by the keyboard itself with the F7 key. The touchpad on the Type Cover is a Windows Precision Touchpad connected via USB HID. It has a decent click feel but when the cover is angled up instead of flat on a surface, it sounds a bit hollow and cheap. Surface Go Pen The touchscreen is powered by an Elantech chip connected via HID-over-i2c, which also supports pen input. A Surface Pen digitizer is available separately from Microsoft and comes in the same colors as the Type Covers. The pen works without any pairing necessary, though the top button on it works over Bluetooth so it requires pairing to use. Either way, the pen requires an AAAA battery inside it to operate. The Surface Pen can attach magnetically to the left side of the screen when not in use. A kickstand can swing out behind the display to use the tablet in a laptop form factor, which can adjust to any angle up to about 170 degrees. The kickstand stays firmly in place wherever it is positioned, which also means it requires a bit of force to pull it out when initially placing the Surface Go on a desk. Along the top of the display are a power button and physical volume rocker buttons. Along the right side are the 3.5mm headphone jack, USB-C port, power port, and microSD card slot located behind the kickstand. Charging can be done via USB-C or the dedicated charge port, which accommodates a magnetically-attached, thin barrel similar to Apple’s first generation MagSafe adapter. The charging cable has a white LED that glows when connected, which is kind of annoying since it’s near the mid-line of the screen rather than down by the keyboard. Unlike Apple’s MagSafe, the indicator light does not indicate whether the battery is charged or not. The barrel charger plug can be placed up or down, but in either direction I find it puts an awkward strain on the power cable coming out of it due to the vertical position of the port. Wireless connectivity is provided by a Qualcomm Atheros QCA6174 802.11ac chip which also provides Bluetooth connectivity. Most of the sensors on the device such as the gyroscope and ambient light sensor are connected behind an Intel Sensor Hub PCI device, which provides some power savings as the host CPU doesn’t have to poll the sensors all the time. Firmware The Surface Go’s BIOS/firmware menu can be entered by holding down the Volume Up button, then pressing and releasing the Power button, and releasing Volume Up when the menu appears. Secure Boot as well as various hardware components can be disabled in this menu. Boot order can also be adjusted. A temporary boot menu can be brought up the same way but using Volume Down instead. ###FreeBSD Foundation Update, August 2018 MESSAGE FROM THE EXECUTIVE DIRECTOR Dear FreeBSD Community Member, It’s been a busy summer for the Foundation. From traveling around the globe spreading the word about FreeBSD to bringing on new team members to improve the Project’s Continuous Integration work, we’re very excited about what we’ve accomplished. Take a minute to check out the latest updates within our Foundation sponsored projects; read more about our advocacy efforts in Bangladesh and community building in Cambridge; don’t miss upcoming Travel Grant deadlines, and new Developer Summits; and be sure to find out how your support will ensure our progress continues into 2019. We can’t do this without you! Happy reading!! Deb August 2018 Development Projects Update Fundraising Update: Supporting the Project August 2018 Release Engineering Update BSDCam 2018 Recap October 2018 FreeBSD Developer Summit Call for Participation SANOG32 and COSCUP 2018 Recap MeetBSD 2018 Travel Grant Application Deadline: September 7 ##News Roundup Project Trident: What’s taking so long? What is taking so long? The short answer is that it’s complicated. Project Trident is quite literally a test of the new TrueOS build system. As expected, there have been quite a few bugs, undocumented features, and other optional bits that we discovered we needed that were not initially present. All of these things have to be addressed and retested in a constant back and forth process. While Ken and JT are both experienced developers, neither has done this kind of release engineering before. JT has done some release engineering back in his Linux days, but the TrueOS and FreeBSD build system is very different. Both Ken and JT are learning a completely new way of building a FreeBSD/TrueOS distribution. Please keep in mind that no one has used this new TrueOS build system before, so Ken and JT want to not only provide a good Trident release, but also provide a model or template for other potential TrueOS distributions too! Where are we now? Through perseverance, trial and error, and a lot of head-scratching we have reached the point of having successful builds. It took a while to get there, but now we are simply working out a few bugs with the new installer that Ken wrote as well as finding and fixing all the new Xorg configuration options which recently landed in FreeBSD. We also found that a number of services have been removed or replaced between TrueOS 18.03 and 18.06 so we are needing to adjust what we consider the “base” services for the desktop. All of these issues are being resolved and we are continually rebuilding and pulling in new patches from TrueOS as soon as they are committed. In the meantime we have made an early BETA release of Trident available to the users in our Telegram Channel for those who want to help out in testing these early versions. Do you foresee any other delays? At the moment we are doing many iterations of testing and tweaking the install ISO and package configurations in order to ensure that all the critical functionality works out-of-box (networking, sound, video, basic apps, etc). While we do not foresee any other major delays, sometimes things happen that our outside of our control. For an example, one of the recent delays that hit recently was completely unexpected: we had a hard drive failure on our build server. Up until recently, The aptly named “Poseidon” build server was running a Micron m500dc drive, but that drive is now constantly reporting errors. Despite ordering a replacement Western Digital Blue SSD several weeks ago, we just received it this past week. The drive is now installed with the builder back to full functionality, but we did lose many precious days with the delay. The build server for Project Trident is very similar to the one that JT donated to the TrueOS project. JT had another DL580 G7, so he donated one to the Trident Project for their build server. Poseidon also has 256GB RAM (64 x 4GB sticks) which is a smidge higher than what the TrueOS builder has. Since we are talking about hardware, we probably should address another question we get often, “What Hardware are the devs testing on?” So let’s go ahead and answer that one now. Developer Hardware JT: His main test box is a custom-built Intel i7 7700K system running 32GB RAM, dual Intel Optane 900P drives, and an Nvidia 1070 GTX with four 4K Acer Monitors. He also uses a Lenovo x250 ThinkPad alongside a desk full of x230t and x220 ThinkPads. One of which he gave away at SouthEast LinuxFest this year, which you can read about here. However it’s not done there, being a complete hardware hoarder, JT also tests on several Intel NUCs and his second laptop a Fujitsu t904, not to mention a Plethora of HP DL580 servers, a DL980 server, and a stack of BL485c, BL460c, and BL490c Blades in his HP c7000 and c3000 Bladecenter chassis. (Maybe it’s time for an intervention for his hardware collecting habits) Ken: For a laptop, he primarily uses a 3rd generation X1 Carbon, but also has an old Eee PC T101MT Netbook (dual core 1GHz, 2GB of memory) which he uses for verifying how well Trident works on low-end hardware. As far as workstations go, his office computer is an Intel i7 with an NVIDIA Geforce GTX 960 running three 4K monitors and he has a couple other custom-built workstations (1 AMD, 1 Intel+NVIDIA) at his home. Generally he assembled random workstations based on hardware that was given to him or that he could acquire cheap. Tim: is using a third gen X1 Carbon and a custom built desktop with an Intel Core i5-4440 CPU, 16 GiB RAM, Nvidia GeForce GTX 750 Ti, and a RealTek 8168 / 8111 network card. Rod: Rod uses… No one knows what Rod uses, It’s kinda like how many licks does it take to get to the center of a Tootsie-Roll Tootsie-Pop… the world may just never know. ###NetBSD GSoC: pkgsrc config file versioning A series of reports from the course of the summer on this Google Summer of Code project The goal of the project is to integrate with a VCS (Version Control System) to make managing local changes to config files for packages easier GSoC 2018 Reports: Configuration files versioning in pkgsrc, Part 1 Packages may install code (both machine executable code and interpreted programs), documentation and manual pages, source headers, shared libraries and other resources such as graphic elements, sounds, fonts, document templates, translations and configuration files, or a combination of them. Configuration files are usually the means through which the behaviour of software without a user interface is specified. This covers parts of the operating systems, network daemons and programs in general that don’t come with an interactive graphical or textual interface as the principal mean for setting options. System wide configuration for operating system software tends to be kept under /etc, while configuration for software installed via pkgsrc ends up under LOCALBASE/etc (e.g., /usr/pkg/etc). Software packaged as part of pkgsrc provides example configuration files, if any, which usually get extracted to LOCALBASE/share/examples/PKGBASE/. Don’t worry: automatic merging is disabled by default, set $VCSAUTOMERGE to enable it. In order to avoid breakage, installed configuration is backed up first in the VCS, separating user-modified files from files that have been already automatically merged in the past, in order to allow the administrator to easily restore the last manually edited file in case of breakage. VCS functionality only applies to configuration files, not to rc.d scripts, and only if the environment variable $NOVCS is unset. The version control system to be used as a backend can be set through $VCS. It default to RCS, the Revision Control System, which works only locally and doesn’t support atomic transactions. Other backends such as CVS are supported and more will come; these, being used at the explicit request of the administrator, need to be already installed and placed in a directory part of $PATH. GSoC 2018 Reports: Configuration files versioning in pkgsrc, part 2: remote repositories (git and CVS) pkgsrc is now able to deploy configuration from packages being installed from a remote, site-specific vcs repository. User modified files are always tracked even if automerge functionality is not enabled, and a new tool, pkgconftrack(1), exists to manually store user changes made outside of package upgrade time. Version Control software is executed as the same user running pkgadd or make install, unless the user is “root”. In this case, a separate, unprivileged user, pkgvcsconf, gets created with its own home directory and a working login shell (but no password). The home directory is not strictly necessary, it exists to facilitate migrations betweens repositories and vcs changes; it also serves to store keys used to access remote repositories. Using git instead of rcs is simply done by setting VCS=git in pkginstall.conf GSoC 2018 Reports: Configuration files versioning in pkgsrc, part 3: remote repositories (SVN and Mercurial) GSoC 2018 Reports: Configuration files versioning in pkgsrc, part 4: configuration deployment, pkgtools and future improvements Support for configuration tracking is in scripts, pkginstall scripts, that get built into binary packages and are run by pkgadd upon installation. The idea behind the proposal suggested that users of the new feature should be able to store revisions of their installed configuration files, and of package-provided default, both in local or remote repositories. With this capability in place, it doesn’t take much to make the scripts “pull” configuration from a VCS repository at installation time. That’s what setting VCSCONFPULL=yes in pkginstall.conf after having enabled VCSTRACKCONF does: You are free to use official, third party prebuilt packages that have no customization in them, enable these options, and point pkgsrc to a private conf repository. If it contains custom configuration for the software you are installing, an attempt will be made to use it and install it on your system. If it fails, pkginstall will fall back to using the defaults that come inside the package. RC scripts are always deployed from the binary package, if existing and PKGRCDSCRIPTS=yes in pkginstall.conf or the environment. This will be part of packages, not a separate solution like configuration management tools. It doesn’t support running scripts on the target system to customize the installation, it doesn’t come with its domain-specific language, it won’t run as a daemon or require remote logins to work. It’s quite limited in scope, but you can define a ROLE for your system in pkginstall.conf or in the environment, and pkgsrc will look for configuration you or your organization crafted for such a role (e.g., public, standalone webserver vs reverse proxy or node in a database cluster) ###A little bit of the one-time MacOS version still lingers in ZFS Once upon a time, Apple came very close to releasing ZFS as part of MacOS. Apple did this work in its own copy of the ZFS source base (as far as I know), but the people in Sun knew about it and it turns out that even today there is one little lingering sign of this hoped-for and perhaps prepared-for ZFS port in the ZFS source code. Well, sort of, because it’s not quite in code. Lurking in the function that reads ZFS directories to turn (ZFS) directory entries into the filesystem independent format that the kernel wants is the following comment: objnum = ZFSDIRENTOBJ(zap.zafirstinteger); / MacOS X can extract the object type here such as: * uint8t type = ZFSDIRENTTYPE(zap.zafirstinteger); */ Specifically, this is in zfsreaddir in zfsvnops.c . ZFS maintains file type information in directories. This information can’t be used on Solaris (and thus Illumos), where the overall kernel doesn’t have this in its filesystem independent directory entry format, but it could have been on MacOS (‘Darwin’), because MacOS is among the Unixes that support d_type. The comment itself dates all the way back to this 2007 commit, which includes the change ‘reserve bits in directory entry for file type’, which created the whole setup for this. I don’t know if this file type support was added specifically to help out Apple’s MacOS X port of ZFS, but it’s certainly possible, and in 2007 it seems likely that this port was at least on the minds of ZFS developers. It’s interesting but understandable that FreeBSD didn’t seem to have influenced them in the same way, at least as far as comments in the source code go; this file type support is equally useful for FreeBSD, and the FreeBSD ZFS port dates to 2007 too (per this announcement). Regardless of the exact reason that ZFS picked up maintaining file type information in directory entries, it’s quite useful for people on both FreeBSD and Linux that it does so. File type information is useful for any number of things and ZFS filesystems can (and do) provide this information on those Unixes, which helps make ZFS feel like a truly first class filesystem, one that supports all of the expected general system features. ##Beastie Bits Mac-like FreeBSD Laptop Syncthing on FreeBSD New ZFS Boot Environments Tool My system’s time was so wrong, that even ntpd didn’t work OpenSSH 7.8/7.8p1 (2018-08-24) EuroBSD (Sept 20-23rd) registration Early Bird Period is coming to an end MeetBSD (Oct 18-20th) is coming up fast, hurry up and register! AsiaBSDcon 2019 Dates ##Feedback/Questions Will - Kudos and a Question Peter - Fanless Computers Ron - ZFS disk clone or replace or something Bostjan - ZFS Record Size Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Steam Play rocks the Linux world as it promises new levels of compatibility with AAA Windows games. But the story of how Valve is doing it might be just as fascinating. Plus community news, our thoughts on building a market for Linux apps, the latest from UBPorts, and more good news from LVFS! Special Guests: Alan Pope, Brent Gervais, Marius Gripsgard, and Martin Wimpress.

It's a rather geeky Blind Side this week. Jonathan Mosen discusses his latest home improvement project, creating a smart home compatible with Apple's HomeKit and Amazon's Alexa. It turns out there are some challenges doing this in New Zealand.Jonathan explains what led him to give a Microsoft Surfacebook 2 a try, some things you might find helpful if you do the same, and why it got returned. If your screen reader seems to take a while to respond to a key press after you've left it alone for a while, you're not alone. A characteristic of some Realtek sound drivers impacting screen reader performance is present in the Surface line, as well as some Dell, HP, Lenovo and possibly other computers. Jonathan describes the symptoms and states why he believes it's so serious.Listener comments include discussion about whether it's right to blindfold partially sighted people during rehab, iOS and WWDC thoughts, and should special libraries for the blind have a long-term future?We welcome your feedback. Send email to TheBlindSide at Mosen dot org or call the feedback line in the United States on (719) 270-5114.

It's a rather geeky Blind Side this week. Jonathan Mosen discusses his latest home improvement project, creating a smart home compatible with Apple's HomeKit and Amazon's Alexa. It turns out there are some challenges doing this in New Zealand. Jonathan explains what led him to give a Microsoft Surfacebook 2 a try, some things you might find helpful if you do the same, and why it got returned. If your screen reader seems to take a while to respond to a key press after you've left it alone for a while, you're not alone. A characteristic of some Realtek sound drivers impacting screen reader performance is present in the Surface line, as well as some Dell, HP, Lenovo and possibly other computers. Jonathan describes the symptoms and states why he believes it's so serious. Listener comments include discussion about whether it's right to blindfold partially sighted people during rehab, iOS and WWDC thoughts, and should special libraries for the blind have a long-term future?   We welcome your feedback. Send email to TheBlindSide at Mosen dot org or call the feedback line in the United States on (719) 270-5114.

EP088 - PwC Partners Steven Barr and Byron Carlock Steve Barr (@Steven_J_Barr) is a partner in the Consumer Markets practice at PwC, and sits on the NRF Board of Trustees.  Byron Carlock is a partner who leads the Real Estate practice at PwC.  We sat down with Steve and Byron to talk about the current state of the US retail market and what the future may look like. In this interview, we discuss, Mallageddon, Omnichannel, Grocery, Mobile, and of course Amazon. PwC Consumer Markets Homepage PwC Real Estate Homepage Don't forget to like our facebook page, and if you enjoyed this episode please write us a review on itunes. Episode 88 of the Jason & Scot show was recorded on Thursday, June 15, 2017. http://jasonandscot.com Join your hosts Jason "Retailgeek" Goldberg, SVP Commerce & Content at SapientRazorfish, and Scot Wingo, Founder and Executive Chairman of ChannelAdvisor as they discuss the latest news and trends in the world of e-commerce and digital shopper marketing.   New beta feature - Google Automated Transcription of the show: Transcript Jason:  [0:25] Welcome to the Jason and Scott show this episode is being recorded on Thursday June 15th 2017 I'm your host Jason retailgeek Goldberg and as usual I'm here with your Cohoes Scot Wingo. Scot, Steve, And Byron:  [0:39] Hey Jason and welcome back Jason is got show listeners, Jason tonight we have two guests on the show that are going to help us better understand some of the retail and real estate dynamics that we've been talking about here in 2017 first we have Steve bar Steve is an over 20 year veteran of pricewaterhousecoopers which I'll call PWC from here on out, where he is focused on the consumer Market Steve is a frequent for contributor on topics around retail Brands and cpg he's also on the Board of Trustees for an RF, we also have Byron Carlock and he is the national partner and real estate practice leader with PWC and Works close to the Steve to understand physical retail Trends and how they impact commercial real estate industry he's been at PWC since 2012 welcome Steve and Byron. [1:28] Thank you John long long time listener first-time caller. Jason:  [1:34] We are excited to have you guys on the show and we always like to get things started by giving a listeners a little bit of a perspective about your backgrounds and how you came into your rolls so maybe Steve we can start with you you want to tell us how you got here. Scot, Steve, And Byron:  [1:49] Yeah it's good it's really great to be with you so I leave the consumer markets practice at pricewaterhousecoopers which includes our retail practice are consumer packaged Goods practice. And our travel and tours and practice. The practice includes our advisory Consulting business and our traditional audit and tax practice I've spent my entire career focused primarily in the retail and consumer space and like I said I'm glad to be with you tonight. Jason:  [2:18] Traffic in Byron. Scot, Steve, And Byron:  [2:20] Sure and I'm on Byron Carlock I leave the national real estate practice I came to the firm from industry five years ago. And spent the first half of my career with the Trammell Crow family a prominent real estate family based in Texas with many companies in the various. Real estate categories of office retail multifamily. Hospitality industrial and then I ran three routes for a sponsor before coming to the farm. I also lead the practice across our lines of Services of. Assurance tax and advisory my jobs almost as fun as Steve's but I'm more the dirt guy and so I'm watching our industry go through an interesting metamorphosis especially in the retail category. [3:10] Awesome well as the the dirt guy Byron let me kick it off to you and you know so 2017 is you've been an issue for a while and I've got a majun this is kind of, what is the most brutal years you seen us as relates to Store retail you seen over 5000 stores announced that are closing this year we've had folks on the podcast that say we can get to 10000, and you're in that Plies Mall closures in the 20 to 30% range over the next two years, watch County help us frame it giving your long exposure to the market and in the physical retail side how, what are you seeing out there is it the worst year you ever seen in and any other pontifications would love to hear. [3:51] Sure I'm going to put it in more of an evolutionary disruption time frame because I think it's very interesting to sit back and realize. The 90% of retail sales still happen in brick-and-mortar. And so although e-commerce is the fastest-growing phenomena in retail it's still only 10%. Of the total spend and so what happens in brick and mortar is very important. And certainly worth watching and you're right the store closures are going to be big we can get 7700 somewhere around in there so you're right between 5 and 10000 and the square footage vacated you know in the tens of millions of square feet. But what's interesting for the real estate. [4:36] For the Realtek perspective is on that which is vacated it's an offer it's an opportunity for landlords to rehab and reposition. Answer there's National articles you know this week in the Wall Street Journal talking about. The mall might not have any retailers in it and some of the different uses that that real estate is finding as landlords reposition the real estate. So I'm coming at it from a bit more bullish perspective from the brick-and-mortar perspective in that I think we'll see New Uses even though those vacancies will. [5:16] Eradicate certain retail Concepts week we refer to sometimes as the mediocre in the middle. [5:24] Got it 60 what's your take on kind of where we are from a 30000 foot kind of you. It's interesting one of the things Byron and I chat about frequently is the question of whether were over stored or under demolished in life what I, yeah and what I mean by that is there are some great properties and some great locations. I really just don't have the right retail for for today's consumer. Transformation there is no question and you guys wouldn't have any back on the show if we didn't acknowledge that. There is some significant headwinds for certain retailers but we have a number of our clients and I'll lean with Byron toward some level of optimism because the number of our clients. Or investing in some very unique properties focusing on. Experience and press partnering in ways that might be non-traditional from a historical standpoint but really connect with with today's consumer. Jason:  [6:34] Yes what's really interesting you know I feel like I am definitely on your guy side of the fence as a pro brick-and-mortar guy Scott is really the, the digital doom-and-gloom guy on the cough but I think even he concedes that the brick-and-mortar is going to continue to be a really important part of the mix I will say however that, I do start getting nervous cuz you mentioned that average, 10% of sales are online in a lot of segments that are important like particularly in the malls. [7:06] That that percentage is more like 15 or 20% and 15 or 20% feels like an inflection point when it can really disrupt a category. [7:16] Yeah do you think we're going to see some some actual category disruption or do you think it's just going to be the the weakest players in each of those categories that that we see go away. Scot, Steve, And Byron:  [7:27] Steve began alluding to it's all about the experience so it's that category. Can create an experience in a reason for someone to be on the showroom in the store and experiencing the product and learning about it then that disruption can be stalled if not why why take the time out of your busy schedule to get. And so the consumer needs a reason to be welcomed into the store and feel as though it's a worthwhile experience. [7:54] Yeah and I guess I would have to serve two thoughts the first would be you know in addition to the numbers you shared we're actually seeing. Many of our clients have their. Or their their direct businesses grow. 20 to 30% in the end in fact as you both know well. Some have even grown in the in the 40 50% range and something that said we called the last two holidays. And you know those have come true so we're seeing there's no question we're seeing the massive shift. The other point I would make and having listened to your show for quite some time I know when I open up the topic of omni-channel. I think there's a lot of people that talk about on the channel and I don't think many retailers are are are doing that well. But I do feel as if the retailers are on a continuous journey of improvement. And some of the retailers are starting to do it well but I continue to be very disappointed with. With many of the store base retailers often my family gets tired of shopping with me because often what I do is I walk into the store. You know what I'm doing, my work thinks and I walk as if I'm just any consumer and trying to feel is it what's what's that experience for me if I've done things like buy online pickup in-store and I continue. [9:30] Be amazed at how many stores make it very inconvenient for, the consumer to really have that buy online pickup in-store experience difficult to find a parking spot, if I have an impulse purchase or a different need there isn't a separate checkout Lanes sometimes it's very hard to find the the, the pickup spot within the store and so we really do need to see the Retailer's transform at the store level, and counterbalance, the convenience that comes with online shopping but like I said I think some are starting to do it well and others, if they don't do it you know I think they're going to add to that list of of dead banners bankruptcies and store closures. Jason:  [10:22] Yeah it it is shocking how much bad omni-channel there still is out there I know I have the luxury of living a few blocks from an Amazon bookstore and so I'm a horrible person, but my soda pass time when I have too much free time on my hands is just to try to go return Amazon purchases at the bookstore. Scot, Steve, And Byron:  [10:42] Yeah and what's your experience. Jason:  [10:44] That they don't accept returns from Amazon it's me just being mean but are there any retailers you think of that you would point to as a sort of shining beacons of really taking advantage of the wrecking water footprint and doing omni-channel well. Scot, Steve, And Byron:  [10:59] Yeah I can think of several I don't know if we're allowed to mention particular client names. Excuse me particular company names but yes there are some they're doing extremely well that make sure you feel like you are welcomed into the store almost as a treasured guests because they know your time starved they know you want special service. Play make you feel like your visit was worthwhile. [11:22] No I mean I don't know I mean for example and I'll give you a couple cuz I think sometimes we can think we can speak in terms of examples but you know what Gucci is doing at the upper end this year. Is a game-changer and when you go in the store and you see something you like you better get it because if you don't get it it may not be there tomorrow. Limited production runs with the special embroidery while statements that become interesting accessories to any outfit. [11:52] It's really a fun experience at the designer level. [11:56] Even all the way down to HomeGoods in a perch who you go in and get to see demonstrations in the cooking kitchen or in the luxury bathroom. And you think wow I want to live like that. And so when you see those experiences that make the product come alive it makes your store visitation worthwhile. [12:19] Now if it's a roll of toilet paper. Are bath soap or laundry detergent the commodity stuff is going to be sold on price and convenient. [12:32] An empire in what would I would add to that is you know so often when we talked about how many Channel I think there's a focus of it being. The online transaction store but also we see some retailers doing an extraordinary job of if I'm in store and they don't have the style or size that I'm looking for, several of the leading retailers are able to access their inventory real-time often with a handheld device. Somewhere you know exactly where I'm shopping and in many cases you know make a commitment to me. How to get that old to The Shopper overnight or if you're in a large urban area in many cases on same day and. Bonobos is an example of that is extraordinary I often go into markets. And two tours in a recent Market visit. Explain that I was shopping or just doing the tour and what was staying at a hotel and didn't want to carry bags and they made a commitment to me that. By the time I was back at my hotel room in Times Square that they would have a package waiting for me so I think it's important to think of, omni-channel you know going going both ways but some some are doing it well. But that also means then that some aren't doing it well and what's especially challenging as same-store sales Decline and there's significant deferred maintenance from Information Systems. [14:14] And investment in store associates in others it almost becomes self-fulfilling for those retailers that just don't have the resources to get it done and that's why I think this is going to be a balance of. The winners are going to continue to win and as Byron a said you'll being stuck in the middle or I would say you know being a struggling retailer. Really something transformational is going to happen or we are going to continue to see a decline but I I do believe those clear winners are there there's no question that they're very bullish on, specific real estate in specific markets at very strategic specifically. Jason:  [14:56] Yeah I would definitely agree Steve I think is you alluded to a lot of the. [15:01] The most successful omni-channel experiences with Chompers really require excellent. [15:09] In-store inventory accuracy in so if we see a lot of retailers investing right now in New processes and Technologies and systems to get that that inventory much more accurate so they can use it in a lot more customer experiences. [15:24] Another Trend that I think is interesting an omni-channel I'm curious if either of you have any thoughts. We now seen a couple retailers kind of announced that they're redesigning stores around these omni-channel flows so target has a new store model I don't think they've open one yet but that literally has sort of a. [15:44] A separate entrance for the fast visit you no pickup Goods type stuff. [15:50] And that entrance is literally you know more convenient and separate from the the the full brows customer and I know. [15:59] Starbucks already has a prototype store in their corporate headquarters that's a pure Order ahead pick up in in Branch experience where you literally can't order in in the store. [16:11] Do you see those kinds of trans catching some some wind. Scot, Steve, And Byron:  [16:15] And I do know they're working at work harder at making it easier to return. [16:31] Yeah and end, it's actually great example and the reference I made a little little more subtly earlier was it was actually you know to the Target Model by the way I would say is, I'm in a worse thing several of the mass Merchants so you know Walmart and Target really begin to execute. Very well in the store I think those companies would would say there's always an opportunity for continuous Improvement but I think they're realizing, the Strategic imperative, to improve that experience and I'm quite optimistic that the leading retailers are are going to be able to pull it off in fact I think you know I think we're going to start to see, even greater separation but I would expect those retailers, and a few others to to separate themselves and and and do it quite well what will what will be interesting. Will be you know at what page can they do that because. This isn't just about you know onesies and twosies there they're going to have any of these retailers no specific brand they're going to have to transform these stores. Very rapidly. Happened to listen to your most recent podcast and I think that you know the conversation around the period of time that some have forecasted that it might take to transform. You know the Sears locations as as they close United quite an extended time arises I don't think there's enough time to do it at that pace and. [18:05] And he's going to have to make decisions that we're going to have to accelerate this and transform the in-store experience immediately. To continue to stay relevant to smash especially with Amazon. And look while I'm intrigued by how Amazon is is disrupting our world. I'm continuing to be curious at what point will Amazon be disruptive and end. Folk music may think you know I'm a bit crazy because we've seen them as the the disruptor. [18:43] Will the time come when Alibaba and you know enter the US market or will the time come when some transformational player we've seen it in retail and sometimes it's a very long life cycle. [18:55] I really can't stress enough the need for retailers. To accelerate that pace of change and even for the disruptors to continue to disrupt themselves, so thanks for bringing up the the a word it wouldn't be a Jason and Scott show that kind of talk a little bit about Amazon let's take the angle Steve will start with you and then I want you to chime in so, it sounds like your recommendation retailers this to innovate and stay in front and Amazon could be disrupted the what about Brands I know you guys talked to a lot of brands with what do you say to Brands when they're, you know when they're saying hey what what should we do about Amazon and we see people that have a spectrum of their evil adult partner up at all all the way to Univera deep Partnerships with. Curious how you advise folks on them yeah it's Steve I'll go first and Byron if you want to jump in. The age-old question here is that that question of Channel conflict right and not only. For for their own branded stores but in many cases for their Retail Partners from a wholesale perspective and. I'm not sure there's anyone right answer depending on the category I get much of my Amazon information from you two gentlemen. But we know well that as they've entered certain private label categories. [20:26] Steve quickly gas is Amazon a quickly gained a significant market share in a number of categories and I think the the most recent Mary Meeker internet Trends presentation which was fascinating. Was one at one of the latest examples where they talked about Amazon share with batteries and I think the other category she mentioned it was. In the in the baby category so Brands I don't think there's anyone right answer but I think I can tell you this. Our clients are struggling with what to do and how to do it like they're all coming up with. Individual Solutions some are arguing that just like a regular wholesale partner and others are looking to. Come up with unique School offerings and product that not only for Amazon but for there are other wholesale partners and then for their own branded stores. And I think we're going to continue to see folks have that dilemma and as we know there are a number of luxury players or some. Unique players whether it be lvmh or Birkenstock or others that have made choices of not partnering with Amazon or. Disengaging from pretzel prior partnership with Amazon so an interesting Trends to watch but I don't think there is a single answer that it applies to any category Byron I welcome your thoughts. No I think the biggest. The big disruptor to watch there's Walmart I think their acquisition of jet.com and their rationalization of that business into their retail model is the game changer as a southerner you know going to Walmart as a spiritual experience. [22:08] And to make that experience convenient. For those that want to do it over the Internet only broadens their ability to compete head-to-head with Amazon and so I think that's worth watching and when they make returns exchanges and pick up the. Everything like that convenient in the store think about all the distribution Outlets that they've already got on the ground in your neighborhood. [22:34] That make that experience all the easier because I think that's the one who watches the disrupter for the big a in, one thing I've been mean nasty from a commercial real estate perspective here in our region the warehouse kind of segment is really heated up as as e-commerce has grown it is is that a national thing is they're kind of a Spider-Man in balance for that warehouse type space that, it's important for that that amazon-like experience. [23:00] Yes I need for three years running in our emerging Trends publication industrial has been the leading product category and it's obviously, driven by the demand because of because of the importance of fulfillment in the new economy and so industrial is a darling I don't see it changing and the use of that industrial space is already changing to adapt to. The environment related to returns and so you see some industrial parks adding retail elements so, returns of e-commerce merchandiser actually sold out the back of the warehouse. And so it's interesting to see whether or not industrial buildings become. You know many outlet malls in the future as of adjunct service to the customer that is. Using the goods that are moving through those warehouses yeah we have a, but the ability to access for the Planes Trains and trucks during the holiday season has become, very challenging for for you know many of the retailers in MN online providers so it's it's not only a competition for the industrial space but a competition for, all of the components of that supply chain including the last mile. That's right that's very important to note I mean so you got your large you know million-square-foot distribution centers that can be remotely located. [24:37] But you cannot deny the need for smaller spaces close in for last mile delivery and so the competition for four walls that are compatible for that last mile delivery is heating up but it's also using space that might otherwise be underused. And so you're seeing vacant Office Buildings. Turn into last-mile fulfillment centers for pickups and deliveries you're seeing self storage units. I'll be available for you no nighttime delivery. Of the goods from the remote distribution facility and then distributed out by The Last Mile deliver first thing in the morning. And so the use of four walls can be fungible and I think that's one of the things we're learning about this disruption is space can be used for multiple things and it doesn't always fall into the traditional categories that we thought it did. [25:31] Cool and then Steve one last Amazon kind of nuance see if you've talked about how they're going to impact retail and brands, how about the cpg your grocery category you know they've they've got the ghost or we just kind of walk out with things they've got the pickup store that had fresh for a while that's in several cities they've got Prime now Pantry there's almost like eight platforms they're experimenting around so that it seems like they're pretty serious do you think they're going to, going to start to make some inroads there or do you feel like groceries too tough for Amazon. [26:03] I think they're going to make significant inroads in it and it's interesting I'll give you something that I'm watching that may not be obvious to to everybody but you know in in in my day, I'm 52 years old all of the large cpg companies in my life professional Life Time opens, I'm office is and had a mandate to be located in Bentonville and there's no question that continue to be true given, the tremendous strength and capabilities of Walmart which I continue to believe is is is going to do continue to perform well but what we're seeing is the same consumer packaged Goods companies now. Placing folks in Seattle and so Seattle. Seattle the new Bentonville from a cpg standpoint for the additional Bentonville cuz it's not it's not an origin and so that's my signal to say. Cpg companies know it's imperative. Set the alarm with with Amazon and the other thing that we're seeing is our consumer packaged Goods companies are taking a hard look at containers and scuse sizes, wait so that they're optimized for. The Amazon delivery model in really far for everybody's delivery model but there's no question Amazon is is going there I saw a. [27:36] Presentation very recently not not vouching for the numbers but the forecast there was that by, 2023 that Amazon would be the equivalent of 2000 grocery stores, in in in the US which if you compare that to you know that's the comprable size to something like I believe a great example would be like a Kroger so there's no question. That's there going to be a significant player it's also interesting though a little bit off of Amazon but, many listeners may know when you you know well Lidl is is has said they're coming into the u.s. and they're going to open 100 stores in the near-term primarily in the east coast and in a very targeted area, there's going to be continued transformation in the grocery retail space. Far beyond just the the Amazon facts I think they'll be a little effective and some others. Jason:  [28:39] Yeah it's I think the grocery space in fresh in particular is going to be super interesting to watch because that feels like a space that no one has really wrapped up yet like you know Amazon has. [28:51] His head the pilots with fresh for a long time but you know isn't. [28:54] In that many markets yet we just seen Walmart put a lot of weight behind digital fresh Kroger but your point like. [29:04] All the I think it said there's they're going to spend four billion dollars incrementally in in the u.s. to grow their grocery business and I think those Weedle stores I think the first grand openings are today. [29:16] Down in the east coast so that seems like a. [29:20] An area where we can see a lot of new store openings and I guess what I'm curious I've heard some people say that. [29:28] Grocery is already more like the the density per capita of grocery is even more over stored than retailing General in the US so does that mean. [29:39] A ton of traditional grocery is going to close to make way for these guys you think that they're going to evolve you think we're the markets going to be able to tolerate. [29:48] All these German Grocers coming in and in serving customers in new ways. Scot, Steve, And Byron:  [29:54] Yeah I think my answer would be I think it's going to get to, the in-store experience that in-store experience can be different depending on who the consumer is it could be on the value end. Or it will be on the premium experience and thinking of, the Wegmans of the world are the ages of the world and the Publix where you know when you're in the store is it it is it can often be you know an extraordinary pleasing experience so, look who it is no question their razor-thin margins in grocery retail and it takes, almost Perfection which which several of the leading players on do do quite well but that tells you though there's. There has to be some disruption to come there, Ellen with the growth of online whether it be Amazon or jet.com or now is the German grocer isn't and you know some of the existing players you're not done growing whether you know whether it be. Trader Joe's of the world or some of the regional and National Brands ghetto Kroger and others continue. To transform their stores and do exceptionally well. Jason:  [31:10] Yep I think for listeners it's going to be interesting you know traditionally the way we do retail is like the super premium in-store experiences, what for super premium products you know so Byron mention the Gucci example earlier right in the super you know value products tended to come with pretty. [31:29] A value oriented experiences of wheedle is going to be an interesting blend because they're a super low price points which means, the store experience is No Frills you bag your own groceries you have to pay a deposit for the shopping cart cuz they want to make sure you return the shopping cart so they don't have to pay a guy to go get it, but then they're going to have very high quality organic. [31:52] Produce in there and so it it if that's an interesting interesting trade-off to say hey get the high-quality products in the No-Frills environment so I'm going to be watching. Scot, Steve, And Byron:  [32:02] I think about yeah but think about what you just said in that which I think Mary's with what Steve was saying earlier their systems mirror their delivery. And so their price point is complemented by what they do versus what the consumer does in order to get that price and I'm going to guess that their systems and become extremely sophisticated on sku management. To know what's going to sell when and so they very cleverly marry a systems and process and experience. [32:34] To the consumers expectation because the consumer pretty much knows what that bargain is when they walk in the store. Jason:  [32:41] No and I think you're exactly right Brian Byron there. [32:44] Probably the most quantitative retailer out there in terms of measuring the efficiency of everything. [32:54] Tut in and building the systems and processes to be highly optimized for the experience and value proposition they think customers want so I mean the only question is going to be whether American consumers, want with what with their offering because they're very good at delivering what they offer. Scot, Steve, And Byron:  [33:11] Sure it's with an contrast that with the grocery store as a spiritual or Community experience where you go do everything from your wine shopping to your Fresh Foods to that evenings Gourmet takeaway to flowers to a massage. I think I think what what we're seeing is. Experience offerings that fit the taste and budget of the buyer in different location. Jason:  [33:36] That makes perfect sense. Scot, Steve, And Byron:  [33:38] Steven know it's early yet but your your holiday forecast is widely read and can you give our listeners a little taste of what you're thinking about for holiday this year here here we are in June so I'm asking you about holiday well here we are in June and I will tell you we actually are about, to Launch. Are our first Global holiday survey so you're you're not asking too early here's what I can tell you about holiday in advance I it was interesting two years ago. For our press release when we lost our holiday survey which usually comes out in early October two years ago we we had a message that said, you know an overall same-store sales increase and I know it just simply was a measure, did not matter and it fell flat and I was very surprised that it fell flat so last year. We should have walked away from that but I'm going to go back to it this year because it's simply doesn't matter I'm, I am insanely bored with the holiday forecast to come out and and, you know it comes out from a wide range of constituencies it safe overall holiday sales are going to be up 3 or 4% because that's that's what they say every year when you deal go down earlier, and you take what happened last holiday wear overalls you know online was up 27% but like I said earlier we saw some key players Pro. In the 40 and 50% so I think the there there we should come up with new measures that matter and one of them will be another continued growth. [35:17] Of online which I continue to believe will grow somewhere overall near 20% but even that is is a measure that, blind to the fact that a few folks will continue to grow at a 40 to 50% clip with, with their online offering the other thing is I think we're we continue to be in a mode where consumers are going to spend a portion of their holiday budget especially Millennials on, themselves and on experience friends and family I'm going to a show, or a concert or the like so when we think about holiday I don't think it's right anymore just to look at retail sales but we really need to look at experience and then I think we're going to, pull into our holiday Outlook the growth of post travel airplane travel and Automobiles and so holiday now is, far, a far bigger picture than just retail sales but no question we'll see significant online gross I'm a little bit concerned here in June and we'll see we'll see how right I am that retailers are seeing, there I left and desirable results for year-to-date and that they're going to be, very tight in there ordering for holiday ends over the years my clients you know you never know what the weather's going to be like and you never know what, geopolitical or other events may occur but if we end up having a strong holiday but they were extremely conservative on their ordering they actually may miss on opportunities that the flip side of that is when we seen bad weather and other things. [37:00] When there's too much than they go Promotional and they go promotional early. It really wipes wipes out their holiday self retailers have it have a dilemma because of they look in their crystal ball you know is the glass half-full or half-empty. And we'll see but I do feel good about digital and online continuing to lead the way. [37:25] And I will save some of that contextual I just returned this week from the real estate Round Table in DC which is the Gathering of. 250 of the nation's real-estate CEOs and we had one presentation by a former fed governor and he said the bridge between where we are and holiday is it relates to that ending level is going to be confident. And so when we digest what it's going to take to inspire additional confidence we have to really analyze everything in the. Geopolitical jobs and and mood of the buyer to determine how bullish they will be come November December. Jason:  [38:04] Yeah you know what I think there's going to be another one of these interesting ones to watch I think traditionally that's always been true and the consumer spending has index very closely to consumer confidence but it it seems like we're seeing a lot more standard deviation in that that correlation the last couple of years, and I'll be on some other things I'm really nervous about for this holiday season Steve I think you're exactly right, nervous retailers are going to go in with tight inventory but I think one of the other impacts is. [38:35] If 7700 stores truly close before holiday this year that means our friends at Gordon brothers are going to liquidate 7700 stores worth of inventory and, you know that that's going to have an impact on on prices and consumer demand as we as we hit holiday. Scot, Steve, And Byron:  [39:00] Is you know not only the Gordon Brothers on the liquidation but for some of the, banners and brands that are continuing but perhaps having to go to the off-price channel to sort of the, today action Ross stores we may see some some really really tremendous deals from a consumer perspective in in the value Channel. Jason:  [39:25] And I'm sorry Byron you were going to say something as well. Scot, Steve, And Byron:  [39:28] Everyone loves a bargain I'll give her just reminds me of of Stanley Tangers quote years ago and good times people still want to bargain and bad times they need a bargain. And So It Goes liquidations May draw people out to spend in a way that inspires additional confidence so if that is going to be one worth watching because I think there will be a lot of closings and liquidations that. Put some Bargains in the market to get people out to experience those. Jason:  [39:54] Yep and I think there was one quarter Larry on that that quote though everyone loves a bargain except for the manufacturers. [40:03] So I didn't want to change topics another topic we have on the show a lot is mobile and. [40:13] In particular you know if. [40:15] If e-commerce is a you know small sliver of total retail sales but it's the fastest growing then you know mobile is a small sliver of digital sales but you know the fastest-growing and you know we've been talking loud about brick and mortar stores. [40:30] What are the things that's really interesting to me about mobile and brick-and-mortar is we've got all these consumers they may be our only spending 10% of their stuff online but. [40:39] 50% of their purchases are being influenced by digital so they're getting used to having all this digital information when they make purchases in the the obvious way to give him that digital information when they make purchases in brick-and-mortar stores is on mobile phone so I guess I'm curious, Evite. [40:56] You guys are seeing anything interesting happening in Mobile and you know if there any experiences that you've that you've seen or that you're optimistic about in terms of Mobile use in stores. Scot, Steve, And Byron:  [41:08] It's Steve and there's there's no question that the phrase we often uses is a mobile matters and, Siena resting to Think Through the story I told her earlier in the podcast around how the stores need to transform to keep up with. Digital the same thing is true with respect to mobile and what I mean by that is it's only, a year or two ago and it's unfortunately true for a few retailers today where if I'm in store and I want to use my mobile device. I really get, small version of their website and it's not a mobile design website but the leading retailers have now taken it to one click capabilities, and so those folks that are transforming the mobile experience I had my own personal experience where I will I won't name the retailer but I was at an outdoor retailer and the particular, shoe was on sale I wanted to have that shoe they didn't have it in stock the sale ended that day, they didn't have the in-store capabilities to take care of me so I wanted to buy a my mobile and I was typing on this small keyboard and it was incredibly painful I was able to complete the transaction but there was nothing user-friendly about it, that same retailer is now transformed their mobile site and with one click and using. [42:38] In one of and Apple pay Samsung pay type options truly I think in, two or three very quick clicks, I'm able now to complete the same transaction if all retailers can get to that stage we're going to see explosive growth in Mobile, especially as Millennials and gen Z years continue to take up a larger portion of of the demographic of of the act of shoppers. [43:08] Byron any thoughts on mobile I know I just think alongside that comes the ability to fulfill the order as promised and then make the returns easy if it doesn't work. I think a lot of folks are still working on their systems not only in the handheld convenience that Steve was just referring to but on fulfillment and returns as well. [43:29] Call Ann on the film inside, there's some data out there that indicates UPS and FedEx or not able to keep up with with the demand is that something easier view of thought about and kind of corollary to that is is I've kind of been a long time believer that the Amazons eventually going to, directly compete with those guys would love to hear your thoughts on that too. [43:50] I think it's overwhelming I had to do a return last week and it was a rather large item and I had to get the house and I asked for the time band which is usually 2 hours and it was eight hours and I inquired with the customer service. Representative why is the band eight hours and she started laughing mr. we've got a lot of stuff to pick up today. And we just don't know when we're going to be in your neighborhood and I thought that was you know it was honest but it was also I think indicative of what you were saying. [44:22] Yeah and I don't have any specific use not a specific area of expertise for me but I you know I do believe extraordinary companies find ways to transform themselves in. And I certainly believe all of the companies in the category especially the leading players. They're going to come well prepared for in the context of holiday but overall they're actively transforming their businesses and. Absolutely no question. I think we're in for front floor for quite a battle, quitbit it back to mobile Steve the last year you know we saw for, so two years ago we saw Africa Millennial kind of oriented folks traffic going over 50% last year we saw transactions get there for the millennial kind of audience and, other folks are kind of the past half traffic and getting towards 50% transactions sounds like you follow Alibaba I think there are like north of 80% transactional volume coming from mobile do you think this is another holiday where we kind of Step function up, midnighter is the US going to look different I do think we like to think we stepped up and, I'll put a Shameless plug in for our holiday survey how about we. [45:55] Think about getting back to you in October when we went when we haven't released but it's an area of specific Focus for our upcoming, holiday survey which which I said it being launched and why like I do expect that Trend will be exactly as as you said we'll look forward to sharing our holiday Outlook late September early October. Jason:  [46:19] We will certainly take you up on that. Scot, Steve, And Byron:  [46:22] Similarly will be releasing emerging Trends in real estate for 2018 and it will have a significant dedication to what's happening in retail that maybe we should maybe we should do a rematch of this in October. Jason:  [46:36] That would be terrific let's do this until we get to October where is we're coming up to the end of the show, if you had a you know 30 seconds in the elevator with the CEO of your favorite retailer what's the number one piece of a go to advice you have for retailers this year. Scot, Steve, And Byron:  [46:56] Mine would be make the visit special yeah and NN mine would be. [47:06] Focus on the consumer which clearly many of them are doing but in the end if you're taking care of the consumer I think the rest of it will find a way to take care of itself. Jason:  [47:20] Yep and then flipping it around what about to the the CEOs of the brands. Scot, Steve, And Byron:  [47:29] Yeah and I'll I'll take this one first plan I would say innovate and personalize. And I think if if they're able to if you think of the leading brand whether it be on the electronic side in the Footwear & Apparel side there's no question the leading brands that are. Constantly innovating and focusing on personalization are the clear winners. [47:59] I have to agree 100% with that comment so let's take it out further so we were kind of looking six months for, what's kind of you guys have been in the industry for a while so let's project out to 3 or 5 years what is retail look like you know do we have are we all sitting in our dark basements with VR goggles on like but Jason's doing or are we know what does that experience like are drones to like dropping things we have to catch him, I would love to hear your thoughts Byron let's start with you. [48:31] I think there's some of that that's all I was I was at a luncheon in Dallas couple of weeks ago where Ross Perot Jr shared with us that he has agreed with Uber, to be a pilot for their new Uber Elevate drone system which will be people people delivery and package delivery in and they'll be parking there drones in. In in Dallas and so he feels a little bit like The Jetsons but I think it's a promise just like driverless cars are upon us, and they'll change the way we live the way we do our errands the way we receive our Goods I don't think it'll be overnight but I think it's gradual and will be here before we know it and the groundwork is already being laid for that. [49:16] Yeah and what and what I might add I would show you I just did a market tour to New York and visited the World Trade Center and made a trip up to Columbus Circle so that included, the Apple Store. It at the World Trade Center the Amazon store Columbus Circle and I live in San Francisco and in the Embarcadero Center offices. They've opened a new Sephora store and there was one thing in common from all three of those examples stores were completely full. And the reason the stores were completely false is because they have extraordinary offerings they have exceptional Associates. Innovative products so I believe in three to five years the retailers that continue to do those things are going to continue to have those full stores that we saw and we're going to continue to see them being extremely relevant. Jason:  [50:16] Well guys that is a perfect place to leave off I, couldn't agree more and it is happen again we've wasted a perfectly good hour of our listeners time, don't forget listeners you're always welcome to continue the dialogue on her Facebook page and if you like today show feel free to leave us a review on iTunes Steve Byron very grateful for you taking the time to share your insights with us in the listeners. Scot, Steve, And Byron:  [50:43] Thank you very much for having us it was a pleasure to join you and I look forward to listening to your next podcast, awesome and just briefly how can people find out more about your your thoughts so you know we talked about the holiday preview that you guys do so would love to if you direct folks there, and any other writing that you guys do that you think would be interesting if you if you have a place people can find that where do they look for you online. [51:12] Www.twc.com. Yeah you can do that and then I occasionally contribute to Forbes probably not as often as I should but I do and I find and I do try to release retail trends, on Twitter and you can find me on my name and then like Byron said that Peter bc.com and we have landing pages both for our real estate practice and also for, our consumer Market practice which includes the retail practice and we'd love to hear from you directly or, folks want to follow us in any one of those medium we'd be thrilled to the follow along with you Ausable position it's. Jason:  [51:57] We sure will until next time happy commercing.

This week on BSDNow. Allan and I are back from MeetBSD! A good time was had by all, lots to discuss, so let's jump right into it on your place to B...SD! This episode was brought to you by Headlines Build a FreeBSD 11.0-release Openstack Image with bsd-cloudinit (https://raymii.org/s/tutorials/FreeBSD_11.0-release_Openstack_Image.html) We are going to prepare a FreeBSD image for Openstack deployment. We do this by creating a FreeBSD 11.0-RELEASE instance, installing it and converting it using bsd-cloudinit. We'll use the CloudVPS public Openstack cloud for this. Create an account there and install the Openstack command line tools, like nova, cinder and glance. A FreeBSD image with Cloud Init will automatically resize the disk to the size of the flavor and it will add your SSH key right at boot. You can use Cloud Config to execute a script at first boot, for example, to bootstrap your system into Puppet or Ansible. If you use Ansible to manage OpenStack instances you can integrate it without manually logging in or doing anything manually. Since FreeBSD 10.2-RELEASE there is an rc script which, when the file /firstboot exists, expands the root filesystem to the full disk. While bsd-cloudinit does this as well, if you don't need the whole cloudinit stack, (when you use a static ssh key for example), you can touch that file to make sure the disk is expanded at the first boot A detailed tutorial that shows how to create customized cloud images using the FreeBSD install media There is also the option of using the FreeBSD release tools to build custom cloud images in a more headless fashion Someone should make a tutorial out of that *** iXsystems Announces TrueOS Launch (https://www.ixsystems.com/blog/ixsystems-announces-trueos-launch/) As loyal listeners to this show, you've no doubt heard by now that we are in the middle of undergoing a shift in moving PC-BSD -> TrueOS. Last week during MeetBSD this was made “official” with iX issuing our press release and I was able to give a talk detailing many of the reasons and things going on with this change. The talk should be available online here soon(ish), but for a quick recap: TrueOS is moving to a rolling-release model based on FreeBSD -CURRENT Lumina has become the default desktop for TrueOS LibreSSL is enabled top to bottom We are in the middle of working on conversion to OpenRC for run-control replacement The TrueOS pico was announced, which is our “Thin-Client” solution, right now allowing you to use a TrueOS server pared with a RPI2 device. *** Running FreeBSD 11 on Raspberry Pi (https://vzaigrin.wordpress.com/2016/10/16/running-freebsd-11-on-raspberry-pi/) This article covers some of the changes you will notice if you upgrade your RPI to FreeBSD 11.0 It covers some of the changes to WiFi in 11.0 Pro Tip: you can get a list of WiFi devices by doing: sysctl net.wlan.devices There are official binary packages for ARM with 11.0, so you can just ‘pkg install' your favourite apps Many of the LEDs are exposed via the /dev/led/ interface, which you can just echo 0 or 1 to, or use morse(6) to send a message gpioctl can be used to control the various GPIO pins The post also covers how to setup the real-time clock on the Raspberry Pi There is also limited support for adjusting the CPU frequency of the Pi There are also tips on configuring a one-wire temperature sensor *** void-zones-tools for FreeBSD (https://github.com/cyclaero/void-zones-tools) Adblock has been in the news a bit recently, with some of the more popular browser plugins now accepting brib^...contributions to permit specific ads through. Well today the ad-blockers strike back. We have a great tutorial up on GitHub which demonstrates one of the useful features of using Unbound in FreeBSD to do your own ad-blocking with void-zones. Specifically, void-zones are a way to return NXDOMAIN when DNS requests are made to known malicious or spam sites. Using void-zones-tools software will make managing this easy, by being able to pull in known lists of sites to block from several 3rd party curators. When coupled with our past tutorials on setting up your own FreeBSD router, this may become very useful for a lot of folks who want to do ad-blocking ad at a lower level, allowing it to filter smart-phones or any other devices on a network. *** News Roundup BSD Socket API Revamp (https://raw.githubusercontent.com/sustrik/dsock/master/rfc/sock-api-revamp-01.txt) Martin Sustrik has started a draft RFC to revamp the BSD Sockets API: The progress in the area of network protocols is distinctively lagging behind. While every hobbyist new to the art of programming writes and publishes their small JavaScript libraries, there's no such thing going on with network protocols. Indeed, it looks like the field of network protocols is dominated by big companies and academia, just like programming as a whole used to be before the advent of personal computers. the API proposed in this document doesn't try to virtualize all possible aspects of all possible protocols and provide a single set of functions to deal with all of them. Instead, it acknowledges how varied the protocol landscape is and how much the requirements for individual protocols differ. Therefore, it lets each protocol define its own API and asks only for bare minimum of standardised behaviour needed to implement protocol composability. As a consequence, the new API is much more lightweight and flexible than BSD socket API and allows to decompose today's monolithic protocol monsters into small single-purpose microprotocols that can be easily combined together to achieve desired functionality. The idea behind the new design is to allow the software author to define their own protocols via a generic interface, and easily stack them on top of the existing network protocols, be they the basic protocols like TCP/IP, or a layer 7 protocol like HTTP Example of creating a stack of four protocols: ~~ int s1 = tcpconnect("192.168.0.111:5555"); int s2 = foostart(s1, arg1, arg2, arg3); int s3 = barstart(s2); int s4 = bazstart(s3, arg4, arg5); ~~ It also allows applying generic transformations to the protocols: ~~ int tcps = tcpconnect("192.168.0.111:80"); /* Websockets is a connected protocol. */ int ws = websockconnect(tcps); uint16t compressionalgoritm; mrecv(ws, &compressionalgorithm, 2, -1); /* Compression socket is unconnected. */ int cs = compressstart(ws, compression_algorithm); ~~ *** Updated version of re(4) for DragonflyBSD (http://lists.dragonflybsd.org/pipermail/users/2016-November/313140.html) Sephe over at the Dragonfly project has issued a CFT for a newer version of the “re” driver For those who don't know, that is for Realtek nics, specifically his updates add features: I have made an updated version of re(4), which leverages Realtek driver's chip/PHY reset/initialization code. I hope it can resolve all kinds of weirdness we encountered on this chip so far. Testers, you know what to do! Give this a whirl and let him know if you run into any new issues, or better yet, give feedback if it fixes some long-standing problems you've run into in the past. *** Hackathon reports from OpenBSD's B2K16 b2k16 hackathon report: Jeremy Evans on ports cleaning, progress on postgres, nginx, ruby and more (http://undeadly.org/cgi?action=article&sid=20161112112023) b2k16 hackathon report: Landry Breuil on various ports progress (http://undeadly.org/cgi?action=article&sid=20161112095902) b2k16 hackathon report: Antoine Jacoutot on GNOME's path forward, various ports progress (http://undeadly.org/cgi?action=article&sid=20161109030623) We have a trio of hackathon reports from OpenBSD's B2K16 (Recently held in Budapest) First up - Jeremy Evans give us his rundown which starts with sweeping some of the cruft out of the barn: I started off b2k16 by channeling tedu@, and removing a lot of ports, including lang/ruby/2.0, lang/io, convertors/ruby-json, databases/dbic++, databases/ruby-swift, databases/ruby-jdbc-*, x11/ruby-profiligacy, and mail/ruby-mailfactory. After that, he talks about improvements made to postgres, nginx and ruby ports, fixing things such as pg_upgrade support, breaking nginx down into sub-packages and a major ruby update to about 50% of the packages. Next up - Landry Breuil tells us about his trip, which also started with some major ports pruning, including some stale XFCE bits and drupal6. One of the things he mentions is the Tor browser: Found finally some time again to review properly the pending port for Tor Browser, even if i don't like the way it is developed (600+ patches against upstream firefox-esr !? even if relationship is improving..) nor will endorse its use, i feel that the time that was spent on porting it and updating it and maintaining it shouldn't be lost, and it should get commited - there are only some portswise minor tweaks to fix. Had a bit of discussions about that with other porters... Lastly, Antoine Jacoutot gives us a smaller update on his work: First task of this hackathon was for Jasper and I to upgrade to GNOME 3.22.1 (version 3.22.2 hit the ports tree since). As usual I already updated the core libraries a few days before so that we could start with a nice set of fully updated packages. It ended up being the fastest GNOME update ever, it all went very smoothly. We're still debating the future of GNOME on OpenBSD though. More and more features require systemd interfaces and without a replacement it may not make sense to keep it around. Implementing these interfaces requires time which Jasper and I don't really have these days... Anyway, we'll see. All-n-all, a good trip it sounds like with some much needed hacking taking place. Good to see the cruft getting cleaned up, along with some new exciting ports landing. *** July to September 2016 Status Report (https://www.freebsd.org/news/status/report-2016-07-2016-09.html) The latest FreeBSD quarterly status report is out It includes the induction of the new Core team, and reports from all of the other teams, including Release Engineering, Port Manager, and the FreeBSD Foundation Some other highlights: Capsicum Update The Graphics Stack on FreeBSD Using lld, the LLVM Linker, to Link FreeBSD VirtualBox Shared Folders Filesystem evdev support (better mouse, keyboard, and multi-touch support) ZFS Code Sync with Latest OpenZFS/Illumos The ARC now mostly stores compressed data, the same as is stored on disk, decompressing them on demand. The L2ARC now stores the same (compressed) data as the ARC without recompression, and its RAM usage was further reduced. The largest size of indirect block possible has been increased from 16KB to 128KB, and speculative prefetching of indirect blocks is now performed. Improved ordering of space allocation. The SHA-512t256 and Skein hashing algorithms are now supported. *** Beastie Bits How to Host Your Own Private GitHub with Gogs (http://www.cs.cmu.edu/afs/cs/user/predragp/www/git.html) Nvidia Adds Telemetry To Latest Drivers (https://yro.slashdot.org/story/16/11/07/1427257/nvidia-adds-telemetry-to-latest-drivers) KnoxBUG Upcoming Meeting (http://knoxbug.org/2016-11-29) Feedback/Questions William - Show Music (http://pastebin.com/skvEgkLK) Ray - Mounting a Cell Phone (http://pastebin.com/nMDeSFGM) Ron - TrueOS + Radeon (http://pastebin.com/p5bC1jKU) (Follow-up - He used nvidia card) Kurt - ZFS Migration (http://pastebin.com/ud9vEK2C) Matt Dillon (Yes that Matt Dillon) - vkernels (http://pastebin.com/VPQfsUks) ***