Podcasts about ssids

On today’s Packet Protector we answer listener questions about Wi-Fi security with guest Stephen Orr. Stephen is Chair of the Security Technical Task Group for the Wi-Fi Alliance and a Distinguished Solutions Engineer at Cisco. Questions include what recommendations Stephen would make for using multiple SSIDs vs. role-based device segmentation, what he sees as the... Read more »

On today’s Packet Protector we answer listener questions about Wi-Fi security with guest Stephen Orr. Stephen is Chair of the Security Technical Task Group for the Wi-Fi Alliance and a Distinguished Solutions Engineer at Cisco. Questions include what recommendations Stephen would make for using multiple SSIDs vs. role-based device segmentation, what he sees as the... Read more »

This is a recap of the top 10 posts on Hacker News on December 21st, 2023.This podcast was generated by wondercraft.ai(00:39): ArXiv now offers papers in HTML formatOriginal post: https://news.ycombinator.com/item?id=38724665&utm_source=wondercraft_ai(02:28): Apple allows some iOS apps to track user locations via lists of nearby SSIDsOriginal post: https://news.ycombinator.com/item?id=38720656&utm_source=wondercraft_ai(04:07): Beeper – Moving ForwardOriginal post: https://news.ycombinator.com/item?id=38722246&utm_source=wondercraft_ai(06:06): Fantasy Map BrushesOriginal post: https://news.ycombinator.com/item?id=38720412&utm_source=wondercraft_ai(07:54): Google OAuth is broken (sort of)Original post: https://news.ycombinator.com/item?id=38720544&utm_source=wondercraft_ai(10:15): The right to use adblockersOriginal post: https://news.ycombinator.com/item?id=38726389&utm_source=wondercraft_ai(11:47): Two pharmacists figured out that oral phenylephrine doesn't workOriginal post: https://news.ycombinator.com/item?id=38720248&utm_source=wondercraft_ai(13:30): Police get medical records without a warrantOriginal post: https://news.ycombinator.com/item?id=38719918&utm_source=wondercraft_ai(15:28): New nuclear deflection simulations advance planetary defense against asteroidsOriginal post: https://news.ycombinator.com/item?id=38718020&utm_source=wondercraft_ai(17:23): Find out who owns a nursing home with our Nursing Home Inspect toolOriginal post: https://news.ycombinator.com/item?id=38725264&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Avi Freedman, CEO at Kentik, joins Corey on Screaming in the Cloud to discuss the fun of solving for observability. Corey and Avi discuss how great simplicity can be deceiving, and Avi points out that with great simplicity comes great complexity. Avi discusses examples of this that he sees in Kentik customer environments, as well as the differences he sees in cloud environments from traditional data center environments. Avi also reveals his predictions for the future and how enterprise M&A will affect the way companies view data centers and VPCs. About AviAvi Freedman is the co-founder and CEO of network observability company Kentik. He has decades of experience as a networking technologist and executive. As a network pioneer in 1992, Freedman started Philadelphia's first ISP, known as netaxs. He went on to run network operations at Akamai for over a decade as VP of network infrastructure and then as chief network scientist. He also ran the network at AboveNet and was the CTO of ServerCentral.Links Referenced: Kentik: https://kentik.com Email: avi@kentik.com Twitter: https://twitter.com/avifreedman LinkedIn: https://www.linkedin.com/in/avifreedman TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Most Companies find out way too late that they've been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching 'em giving you the one alert, when it matters. With 0 admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents. Check out what people are saying at canary.love today!Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn. This promoted guest episode is brought to us by our friends at Kentik. And into my social grist mill, they have thrown Avi Freedman, their CEO. Avi, thank you for joining me.Avi: Thank you for having me, Corey. I've been a big fan for some time, I have never actually fallen off my seat laughing, but I've come close a couple times on some of your threads.Corey: You must have a great chair.Avi: I should probably upgrade it [laugh].Corey: [laugh]. I have been looking forward to this conversation for a while because you are one of those rare creatures who comes from a similar world to what I did where we were grumpy and old before our time because we worked on physical infrastructure in data centers, we basically wrangled servers into doing the things that we wanted them to do when hardware reliability was an aspiration rather than a reality. And we also moved on from that, in many ways. We are not blind to the modern order of how computers work. But you still run a lot of what you do in data centers, but many of your customers are in cloud. You speak both languages very fluently because of the unifying thread between all of this, which is, of course, the network. How did you wind up in, I guess we'll call it network hell.Avi: [laugh]. I mean, network hell was truly… in the '90s, when the internet was—I mean, the internet is sort of like the human body: the more you study it, the more amazing it is that it ever worked in the first place, not that it breaks sometimes—was the bugs, and trying to put together the technology back then, you know, that we had the life is pretty good nowadays, other than the [laugh] immense complexity that has been unleashed on us by everyone taking the same technology and then writing it in their own software and giving it their own marketing names. And thus, you have multi-cloud networking. So, got into it because it's a problem that needs to be solved, right? There's no ESP that connects the applications together; the network still needs to make it work. And now people own some of it, and then more of it, they don't own, but they're still responsible for it. So, it's a fun problem to solve.Corey: The timing of this episode is apt because I've used Kentik myself for a few things over the years. And to be fair, using it for any of my personal networking problems is a bit like noticing, “Oh, I have a loose thread here on my shirt. Pass me the chainsaw.” It's, my environment is tiny and it's over-scoped. But I just earlier this week wound up having to analyze a day's worth of Flow Logs from one of my clients, and to do this, I had to spin up an EC2 instance with 128 gigs of RAM and then load the Flow Logs for that day into RAM, and then—not kidding—I ran into OOM Killer because I ran out of RAM on this thing.Avi: [laugh].Corey: It is, like, yeah, that's right. The network is chatty, the logs are immense, and it's easy to forget. Because the reason I was doing this was just to figure out what are the things that are talking to each other in this environment to drive up some aspects of data transfer costs. But that is an esoteric use case for this; it's not why most people tend to think about network observability. So, I'm going to ask you the blunt question up front here because it might be a really short episode. Do we have to care about networking in the least now that cloud is the default in most locations? It is just an API call away, isn't it?Avi: With great simplicity comes great complexity. So, to the people running infrastructure, to developers or architects, turning it all on, it looks like just API calls. But did you set the policies right? Can the things talk to each other? Are they talking in patterns that are causing you wild data transfer costs?All these things ultimately come back to some team that actually has to make it go. And can be pretty hard to figure that out, right, because it's not just the VPC Flow Logs. It's, what's the policy? It's, what are they talking to that maybe isn't in that cloud, that's maybe in another cloud? So, how do you bring it all together? Like, you could have—and maybe you should have—used Athena, right? You can put VPC Flow Logs in S3 buckets and use Athena and run SQL queries if all you want is your top talker.Corey: Oh, I did. That's how I started, but Athena is, uh… it has some challenges. Let's just put it that way and leave it there. DuckDB is what I was using and I'm much happier with it for a variety of excellent reasons.Avi: Okay. Well, I'll tease you another time about, you know—I lost this battle at Kentik. We actually don't use swap, but I'm a big fan of having swap and monitoring it so the OOM Killer only does what you want or doesn't fire at all. But that's a separate religious debate.Corey: There's a counterargument of running an in-memory data store. And then oh, we're going to use it as swap though, so it's like, hang on, this just feels like running a normal database with extra steps.Avi: Computers allow you to do amazing things and only occasionally slap you nowadays with it. It's pretty amazing. But back to the question. APIs make it easy to turn on, but not so easy to run. The observability that you get within a given cloud is typically very limited.Google actually has the best. They show some topology and other things. I mean, a lot of what we do involves scraping API calls in the cloud to figure out what does this all mean, then convolving it with the VPC Flow Logs and making it look like a network, and what are the gateways, and what are the rules being applied and what can't talk to itself? If you just look at VPC Flow Logs like it's Syslog, good luck trying to figure out what VPCs are talking to each other. It's exactly the problem that you were describing.So, the ease of turning it on is exactly inversely proportional to the ease of running it. And, you know, as a vendor, we think it's an awesome [laugh] problem, but we feel for our customers. And you know, occasionally it's a pain to get the IAM roles set up to scrape things and help them, but that's you know, that's just part of the job.Corey: It's fascinating to me, just looking from an AWS perspective, just how much work clearly has to be done to translate their Byzantine and very strange networking environment and concepts into things that customers see. Because in many cases, the things that the virtual machines that we've run on top of EC2, let alone anything higher level, is being lied to the entire time about what the actual topology of the environment is. It was most notable, for me at least, at re:Invent 2022, the most recent one, where they announced they have a TCP replacement, scalable, reliable data grammar SRD. It's a new protocol entirely. It's, “Oh, wow, can we use it?” “No.” “Okay.” Like, I get that it's a lot of work, I get you're excited about it. Are you going to talk to us about how it actually works? “Oh, absolutely not.” So… okay, good for you, I guess.Avi: Doesn't Amazon have to write a press release before they build anything, and doesn't the press release have to say, like, why people give a shit, why people care?Corey: Yep. And their story on this was oh, it enables us to be a lot faster at letting EBS volumes talk to some of our beefier instances.Avi: [laugh].Corey: And that's all well and good, don't get me wrong, but it's also, “Yay, it's more reliable,” is a difficult message to send. I mean, it's hard enough when—and it's necessary because you've got to tacitly admit that reliability and performance haven't been all they could be. But when it's no longer an issue for most folks, now you're making them wonder, like, wait, how bad was it? It's just a strange message.Avi: Yeah. One of my projects for this weekend is, I actually got a gaming PC and I'm going to try compression offload to the CUDA cores because right now, we do compress and decompress with Intel cores. And like, if I'm successful there and we can get 30% faster subqueries—which doesn't really matter, you know, on the kind of massive queries we run—and 20% more use out of the computers that we actually run, I'm probably not going to do a press release about it. But good to see the pattern.But you know, what you said is pretty interesting. As people like Kentik, we have to put together, well, on Azure, you can have VPCs that cross regions, right? And in other places, you can't. And in Google, you have performance metrics that come out and you can get it very frequently, and in Amazon and Azure, you can't. Like, how do you take these kinds of telemetry that are all the same stuff underneath, but packaged up differently in different quantos and different things and make it all look the same is actually pretty fun and interesting.And it's pretty—you know, if you give some cloud engineers who focus on the infrastructure layer enough beers or alcohol or just room to talk, you can hear some funny stories. And it all made sense to somebody in the first place, but unpacking it and actually running it as a common infrastructure can be quite fun.Corey: One of the things that I have found notable about your perspective, as particularly, you're running all of the network ingest, to my understanding, in your data center environment. Because we talked about this when you were kind enough to invite me to your company all-hands offsite, presumably I assume when people do that, it's so they can beat me up in the alley, but that only happened twice. I was very pleasantly surprised.Avi: [And you 00:09:23] made fun of us only three times, so you know, you beat us—Corey: Exactly.Avi: —but it was all enjoyed.Corey: But always with love. Now, what I found fascinating was you and I sat down for a while and you talked about your data center architecture. And you asked me—since I don't have anything to sell you—is there an economical way that I could see running your environment on top of AWS? And the answer was sure, if by economical you mean an absolute minimum of six times what you're currently paying a year, sure you can get there. But it just does not make sense for any realistic approach to doing this.And the reason I bring this up is that you're in a data center not because of religious beliefs, “Of, well, this is good enough for my grandpappy, so it's good enough for me.” It's because it solves the problem you have in a way that the cloud providers clearly cannot. But you also are not anti-cloud. So, many folks who are all-in on data centers seem to be doing it out of pure self-interest where, well, if everyone goes all-in on cloud, then we have nothing left to sell them. I've used AWS VPC Flow Logs. They have nothing that could even remotely be termed network observability. Your future is assured as long as people understand what it is that you're providing them and what are you that adds. So yeah, people keep going in a cloud direction, you're happy as houses.Avi: We'll use the best tools for building our infrastructure that we can, right? We use cloud. In fact, we're just buying some reserved instances, which always, you know, I give it the hairy eyeball, but you know, we're probably always going to have our CI/CD bursty stuff in the cloud. We have performance testing regions on all the major clouds so that we can tell people what performance is to and from cloud. Like, that we have to use cloud for.And if there's an always-on model, which starts making sense in the cloud, then I try not to be the first to use anything, but [laugh] we'll be one of the first to use it. But every year, we talk to, you know, the major clouds because we're customers of all them, for as I said, our testing infrastructure if nothing else, and you know, some of them for some other parts, you know, for example, proxying VPC Flow Logs, we run infrastructure on Kubernetes in all—in the three biggest to proxy VPC Flow Logs, you know, and so that's part of our bill. But if something's always on, you know, one of our storage servers, it's a $15,000 machine that, you know, realistically runs five years, but even if you assume it runs three years, we get financing for it, cost a couple $100 a month to host, and that's inclusive of our ops team that runs, sort of, everything, you just do the math. That same machine would be, you know, even not including data transfer would be maybe 3500 a month on cloud. The economics just don't quite make sense.For burst, for things like CI/CD, test, seasonality, I think it's great. And if we have patterns like that, you know, we're the first to use it. So, it's just a question of using what's best. And a lot of our customers are in that realm, too. I would say some of them are a little over-rotated, you know, they've had big mandates to go one way or the other and don't have the right, you know, sort of nuanced view, but I think over time, that's going to fix itself. And yeah, as you were saying, like, the more people use cloud, the better we do, so it's just really a question of what's the best for us at our infrastructure and at any given time.Corey: I think that that is something that is not fully appreciated or well understood is that I work with cloud technologies because for what I do, it makes an awful lot of sense. But I've been lately doing a significant build-out in my home network on the perspective of yeah, this makes sense for what I do. And I now have increased number of workloads that I'm running here and I got to say, it feels a little strange, on some level, not to be paying AWS on something metered by the second whenever I'm running a job here. That always feels a little on the weird side. But I'm not suggesting I filled my house with servers either.Avi: [unintelligible 00:13:18] going to report you to the House on Cloudian Activities Committee [laugh] for—Corey: [laugh].Avi: To straighten you out about your infrastructure use and beliefs. I do have to ask you, and I do have some foreknowledge of this, where is the controller for your network running? Is it running in your house or—Corey: Oh, the WiFi controller lives in Ohio with all the other unpleasant things. I mean, even data transfer between Ohio and Virginia—if you're on AWS—is half-price because data wants to get out of Ohio just as much as the people do. And that's fine, but it can also fail out of band. I can chill that thing for a while and I'm not able to provision new equipment, I can't spin up new SSIDs, but—Avi: Right. It's the same as [kale scale 00:14:00], which is, like, sufficiently indistinguishable from magic, but it's nice there's [head scale 00:14:05] in case something happened to them. But yeah, you know, you just can't set up new stuff without your SSHing old way while it's down. So.Corey: And worst case, it goes away irretrievably, I can spin a new one up, I can pair everything locally, do it by repointing DNS locally, and life will go on. It's one of those areas where, like, I would not have this in Ohio if latency was a concern if it was routing every packet out halfway across the country before it hit the general internet. That would be a challenge for me. But that's not what I'm doing.Avi: Yeah, yeah. No, that makes sense. And I think also—Corey: And I certainly pay AWS by the second for that thing. That's—I have a three-year savings plan for that thing, and if nothing else, it was useful for me just to figure out what the living hell was going on with the savings plan purchase project one year. That was just, it was challenged to get that straightened out in some ways. Turns out that the high watermark of the console is a hundred-and-some-odd-thirty-million dollars you can add to cart and click the buy button. Have fun.Avi: My goodness. Okay, well.Corey: The API goes up to $26.2 billion. Try that in a free tier account, preferably someone else's.Avi: I would love to have such problems. Right now, that is not one of them. We don't spend that much on infrastructure.Corey: Oh, that is more than Amazon's—AWS's at least—quarterly revenue. So, if you wind up doing a $26.2 billion, it's like—it's that old saw. You owe Amazon a million dollars, you have a problem. If you owe Amazon $26 billion, Amazon has a problem. Yeah, that's when Andy Jassy calls you 20 minutes after you make that purchase, and at least to me, he yells at me with a, “Listen here, asshole,” and it sort of devolves from there.Avi: Well, I do live in Seattle, so you know, they send the posse out, I'm pretty sure.Corey: [laugh] I will be keynoting DevOpsDays Seattle on August 1st with a talk that might very well resonate with your perspective, “The Modern Devops: A Million Ways to Die in Production.”Avi: That is very cool. I mean, ultimately, I think that's what cloud comes back to. When cloud was being formed, it's just other people's computers, storage, and network. I don't know if you'd argue that there's a politics, control plane, or a—Corey: Oh, I would say, “Cloud? There's no cloud; just someone else's cost center.”Avi: Exactly. And so, how do you configure it? And back to the question of, should everything be on-prem or does cloud abstract at all, it's all the same stuff that we've been doing for decades and decades, just with other people's software and names, which you help decode. And then it's the question we've always had: what's the best thing to do? Do you like [Wellfleet 00:16:33] or [Protion 00:16:35]? Now, do you like Azure [laugh] or Google or Amazon or somebody else or running your own?Corey: It's almost this generation's equivalent of Vi versus Emacs.Avi: Yes. I guess there could be a crowd equivalent. I use VI, but only because I'm a lisp addict and I don't want to get stuck refining Eliza macros and connecting to the ChatGPT in Emacs. So, you know. Someone just did a Emacs as PID 0. So basically, no init, just, you know, the kernel boots into Emacs, and then someone of course had to do a VI as PID 0. And I have to admit, Emacs would be a lot more useful as a PID 0, even though I use VI.Corey: I would say that—I mean, you wind up in writing in Emacs and writing lisp in it, then I've got to say every third thing you say becomes a parenthetical.Avi: Exactly. Ha.Corey: But I want to say that there's also a definite moving of data going on there that I think is a scale that, for those of us working mostly in home labs and whatnot, can be hard to imagine. And I see that just in terms of the volume of Flow Logs, which to be clear, are smaller than the data transfer they are representing in almost every case.Avi: Almost every.Corey: You see so much of the telemetry that comes out of there and what customers are seeing and what their problems are, in different ways. It's not just Flow Logs, you ingest a whole bunch of different telemetry through a variety of modern and ancient and everything in between variety of protocols to support, you know, the horror that is network equipment interoperability. And just, I can't—I feel like I can't do a terrific job of doing justice to describing just how comprehensive Kentik is, once you get it set up as a product. What is on the wire has always been for me the arbiter of truth because computers will lie to you, but it's very tricky to get them to lie and get the network story to cover for it.Avi: Right. I mean, ultimately, that's one of the sources of truth. There's routing, there's performance testing, there's a whole lot of different things, and as you were saying, in any one of these slices of your, let's just pick the network. There's many different things that all mean the same, but look different that you need to put together. You could—the nerd term would be, you know, normalizing. You need to take all this stuff and normalize it.But traffic, we agree, that's where we started with. We call it the what if what is. What's actually happening on the infrastructure and that's the ancient stuff like IPFIX and NetFlow and sFlow. Some people that would argue that, you know, the [IATF 00:19:04] would say, “Oh, we're still innovating and it's still current,” but you know, it's certainly on-prem only. The major cloud vendors would say, “Oh, well, you can run the router—cloud routers—or you could run cloud versions of the big routers,” but we don't really see that as a super common pattern today.But what's really the difference between NetFlow and the VPC Flow Log? Well, some VPC Flow Logs have permit deny because they're really firewall logs, but ultimately, it's something went from here to there. There might not be a TCP flag, but there might be something else in cloud. And, you know, maybe there's rum data, which is also another kind of traffic. And ultimately, all together, we try to take that and then the business metadata to say, whether it's NetBox in the old world or Kubernetes in the new world, or some other [unintelligible 00:19:49], what application is this? What user is this?So, you can ask questions about why am I blowing up between these cloud regions? What applications are doing it, right? VPC Flow Logs by themselves don't know that, so you need to add that kind of metadata in. And then there's performance testing, which is sort of the what is. Something we do, Thousand Eyes does, some other people do.It's not the actual source of truth, but for example, if you're having a performance problem getting between, you know, us-east and Azure in the east, well, there's three other ways you can get there. If your actual traffic isn't getting there that way, then how do you know which one to use? Well, let's fire up some tests. There's all the metrics on what all of the devices are reporting, just like you get metrics from your machines and from your applications, and then there's stuff even up at the routing layer, which God help you, hopefully you don't need to actually get in and debug, but sometimes you do. And sometimes, you know, your neighbor tells the mailman that that mail is for me and not for you and they believe them and then you have a big problem when your bills don't get paid.The same thing happens in the cloud, the same thing happens on the internet [unintelligible 00:20:52] at the routing. So, the goal is, take all the different sources of it, make it the same within each type, and then pull it all together so you can look at a single place, you can look at a map, you can look at everything, whether it's the cloud, whether it's your own data centers, your own WAN, into the internet and in between in a coherent way that understands your application. So, it's a small task that we've bit off, but you know, we have fun solving it.Corey: Do you find that when you look at customer environments, that they are, and I don't mean to be disparaging here, truly I don't, but if you were to ask me to design something today, I would probably not even be using VPCs if I'm doing this completely greenfield. I would be a lot more cloud-first, et cetera, et cetera. Whereas in many cases, that is not the right path, especially if you know, customers have the temerity to not be founded within the last 18 months before AWS existed in some ways. Do you find that the majority of what they're doing looks like they're treating the cloud like data centers or do you find that they are leveraging cloud in ways that surprise you and would not be possible in traditional data centers? Because I can't shake the feeling that the network has a source of truth for figuring out what's really going on [is very hard to beat 00:22:05].Avi: Yes, for the most part, to both your assertion at the end and sort of the question. So, in terms of the question, for the most part, people think of VPCs as… you know, they could just equivalent be VLANs and [unintelligible 00:22:21], right? I've got policies, and I have these things that are talking to each other, and everything else is not local. And I've got—you know, it's not a perfect mapping to physical interfaces in VLANs but it's the equivalent of that.And that is sort of how people think about it. In the data center, you'd call it micro-segmentation, in the cloud, you call it clouding, but you know, just applying all the same policies and saying this stuff can talk to each other and not. Which is always sort of interesting, if you don't actually know what is talking [laugh] to each other to apply those policies. Which is a lot of what you know, Kentik gets brought in for first. I think where we see the cloud-native thinking, which is overlaid on top of that—you could call it overlay, I guess—which is service mesh.Now, putting aside the question of what's going to be a service mesh, what's going to be a network mesh, where there's something like [unintelligible 00:23:13] sit, the idea that there's a way that you look at traffic above the packets at, you know, layers three to more layer seven, that can do things like load balancing, do things like telemetry, do things like policy enforcement, that is a layer that we see very commonly that a lot of the old school folks have—you know, they want their lsu F5s and they want their F5 script. And they're like, “Why can't I have this in the cloud?”—which I guess you could buy it from F5 if you really want—but that's pretty common. Now, not everything's a sidecar anymore and there's still debates about what's going on there, but that's pretty common, even where the underlying cloud just looks like it could just be a data center.And that seems to be state of the art, I would say, our traditional enterprise customers, for sure. Our web company customers, and you know, service providers use cloud more for their OTT and some other things. As we work with them, they're a little bit more likely to be on-prem, you know, historic. But remember, in the enterprise, there's still a lot of M&A going on, I think that's even going to pick up in the next couple of years and a lot of what they're doing is lift-and-shift of [laugh] actual data centers. And my theory is, it's got to be easier to just make it look like VPCs than completely redo it.Corey: I'd say that there's reasons that things are the way that they are. Like, ignoring that this is the better approach from a technical perspective entirely because that's often not the only answer, it's we have assurances we made as part of audit compliance regimes, of our SOC 2, of how we handle certain things and what those controls are. And yeah, it's not hard for even a junior employee, most of the time, to design a reasonable architecture on a whiteboard. The problem is, how do you take something pre-existing and get it to a state that closely resembles that while not turning it off for a long time?Avi: Right. And I think we're starting to see some things that probably shouldn't exist, like, people trying to do VXLAN as overlays into and between VPCs because that was how their data s—you know, they're more modern on the data center side and trying to do that. But generally, I think people have an understanding they need to be designing architecture for greenfield things that aren't too far bleeding edge, unless it's like a pure developer shop, and also can map to the least common denominator kinds of infrastructure that people have. Now, sometimes that may be serverless, which means, you know, more CDN use and abstracted layers in front, but for, you know, running your own components, we see a lot of differences but also a lot of commonality. It's differences at the micro but commonality the macro. And I don't know what you see in your practice. So.Corey: I will say that what I see in practice is that there's a dichotomy where you have born-in-the-cloud companies where 80% of their spend is on a single workload and you can do a whole bunch of deep optimizations. And then you see the conglomerate approach where it's giant spend, but it's all very diffuse across 1500 different applications. And different philosophies, different processes, different cultures give rise to a lot of these things. I will say that if I had a magic wand, I would—and again, the fact that you sponsor and promote this episode is deeply appreciated. Thank you—Avi: You're welcome.Corey: —but it does not mean that you get to compromise my authenticity and objectivity. You can't buy my opinion, just my attention. But I will say this, that I would love it if my customers used Kentik because it is one of the best things I've ever seen to describe what is talking to what that scale and in volume without going super deep into the weeds. Now, obviously, I'm not allowed to start rolling out random things into customer environments. That's how I get sued to death. But, ugh, I wish it was there.Avi: You probably shouldn't set up IAM rules without asking them, yes. That wouldn't be bad.Corey: There's a reason that the only writable stuff that I have access to is generating reports in Cost Explorer.Avi: [laugh]. Okay.Corey: Everything else is read-only. All we do is to have conversations with folks. It sets context for those conversations. I used to think that we'd be doing this as a software offering. I no longer believe that actually solves the in-depth problems that people have.Avi: Well, I appreciate the praise. I even take some of the backhanded praise slash critique at the beginning because we think a lot about, you know, we did design for these complex and often hybrid infrastructures and it's true, we didn't design it for the two or four router, you know, infrastructure. If we had bootstrapped longer, if we'd done some other things, we might have done it that way. We don't want to be exclusionary. It's just sort of how we focus.But in the kind of customers that you have, these are things that we're thinking about what can we do to make it easier to onboard because people have these massive challenges seeing the traffic and understanding it and the cost and security and the performance, but to do more with the VPC Flow Logs, we need to get some of those metrics. We think about should we make an open-source thing. I don't know how much you've seen the concern that people have universally across cloud providers that they turn on something like Kentik, and they're going to hit their API rate limiter. Which is like, really, you can't build a cache for that at the scale that these guys run at, the large cloud providers. I don't really understand that. But it is what it is.We spent a lot of time thinking about that because of security policy, and getting the kind of metrics that we need. You know, if we open-source some of that, would it make it easier, plug it into people's observability infrastructure, we'd like to get that onboarding time down, even for those more complex infrastructures. But you know, the payoff is there, you know? It only takes a day of elapsed time and one hour or so. It's just you got to get a lot of approvals to get the kind of telemetry that you need to make sense of this in some environments.Corey: Oh, yes. And that's part of the problem, too, is like, you could talk about one of those big environments where you have 1500 apps all talking to each other. You can't make sense of any of it without talking to people and having contacts and occasionally get a little bit of [unintelligible 00:29:07] just what these things are named. But at that point, you're just speculating wildly. And, you know, it's an engineering trap, where I'm just going to guess rather than asking someone who knows the answer because I don't want to look foolish. It's… you just three weeks chasing your own tail. Who's the foolish one?Avi: We're not in a competitive business to yours—Corey: [laugh].Avi: But I do often ask when we're starting off, “So, can you point us at the source of truth that describes what all your applications are?” And usually, they're, like, “[laugh]. No.” But you know, at the same time to make sense of this stuff, you also need that metadata and that's something that we designed to be able to take.Now, Kubernetes has some of that. You may have some of it in ServiceNow, a lot of people use. You may have it in your own text file, CSV somewhere. It may be in NetBox, which we've seen people actually use for the cloud, more on the web company and service provider side, but even some traditional enterprise is starting to use it. So, a lot of what we have to do as a vendor is put all that together because yeah, when you're running across multiple environments and thousands of applications, ultimately scrying at IP addresses and VPC IDs is not going to be sufficient.So, the good news is, almost everybody has those sources and we just tried to drag it out of them and pull it back together. And for now, we refuse to actually try to get into that business because it's not a—seems sort of like, you know, SAP where you're going to be sending consultants forever, and not as interesting as the problems we're trying to solve.Corey: I really want to thank you, not just for supporting the show of course, but also for coming here to suffer my slings and arrows. If people want to learn more, where's the best place for them to find you? And please don't respond with an IP address.Avi: 127.0.0.1. You're welcome at my home at any time.Corey: There's no place like localhost.Avi: There's no place like localhost. Indeed. So, the company is kentik.com, K-E-N-T-I-K. I am avi@kentik.com. I am@avifriedman on Twitter and LinkedIn and some other things. And happy to chat with nerds, infrastructure nerds, cloud nerds, network nerds, software nerds, debate, maybe not VI versus Emacs, but should you swap space or not, and what should your cloud architecture look like?Corey: And we will, of course, put links to that in the [show notes 00:31:20].Avi: Thank you.Corey: Thank you so much for being so generous with your time. I really appreciate it.Avi: Thank you for having this forum. And I will let you know when I am down in San Francisco with some time.Corey: I would be offended if you didn't take the time to at least say hello. Avi Friedman, CEO at Kentik. I'm Cloud Economist Corey Quinn, and this has been a promoted guest episode of Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a all five-star review on your podcast platform of choice, along with an angry comment saying how everything, start to finish, is somehow because of the network.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

Shownotes Multiple BSSID sets out to aggregate individual beacon frames from an access point to a single beacon frame. It helps solve the issue of beacon overhead. As it is today, each SSID broadcasts a beacon. The more SSIDs you're broadcasting, the more the beacons eat up airtime. Airtime is a precious resource for Wi-Fi […] The post CTS 306: Multiple-BSSID appeared first on Clear To Send.

Last time we checked in on the PicoW CircuitPy progress, we saw the onboard LED blinking - basically proving that the SPI transport and firmware upload was working. This round, we're starting to see the beginnings of integration support, with the ability to read the MAC address, scan for accessible SSIDs, and connect to get an IP address! there's still a lot more to do, like DNS support, LWIP integration and a TLS stack, so it's great to see progress

Assange once said, “A mobile phone is a tracking device that also makes calls”. He's not wrong. There are countless ways that phones track our movements, and one of them is via WiFi probe requests.In this video we explain how your phone automatically connects to your WiFi whenever you return home or to your favorite coffee shop, and why it leaves your device vulnerable to all kinds of attacks and surveillance -- it can allow people to maliciously intercept your internet traffic, track you, or find out personal information about you.Main takeaways:Turn your WiFi OFF when you're not using itDon't automatically connect to WiFi networksForget networks after joining themKeep your OS and device updated00:00 Intro01:00 How WiFi connections work04:29 Hidden networks05:49 Why broadcasting SSIDs is a privacy nightmare: Tracking07:45 Why broadcasting SSIDs is a privacy nightmare: Exposes Private Info09:06 MOST IMPORTANT PART OF THE VIDEO: malicious connections11:03 How to protect yourself13:11 SummaryResearch paper from Johanna Ansohn McDougall:https://arxiv.org/pdf/2206.03745.pdfVideo from Modern Rogue:https://youtu.be/NkNgW3TwMy8Brought to you by NBTV members: Lee Rennie, Will Sandoval, and Naomi BrockwellTo support NBTV, visit https://www.nbtv.media/support(tax-deductible in the US)Sign up for the free CryptoBeat newsletter here:https://cryptobeat.substack.com/Beware of scammers, I will never give you a phone number or reach out to you with investment advice. I do not give investment advice.Visit the NBTV website:https://nbtv.mediaSupport the show

In this episode, Frenchpet unboxes the Steam Deck! He talks about being sick, Epic Games vs. Steam, coincidence, GST, deliveries, portability, monkey pox, time zones, SSIDs, and much more! Follow our socials for more Frenchpet madness! Facebook: https://www.facebook.com/frenchpet/ Twitter: https://www.twitter.com/ftanpodcast/ Instagram: https://www.instagram.com/frenchpetpodcast/ Join our Discord: https://discord.gg/zBaPK9xENH Linktr.ee: http://frenchpet.com/ For merch, visit: http://store.frenchpet.com/

Hello everyone welcome to the show "Ethical Hacking" episode 83 today we are going to discuss about Securing WiFi devices.Wireless devices are much less secure than our traditional networks because their data streams are simply flying through the air,waiting to be gobbled up by some attacker sitting out there.When we talked about wire tapping in the last lesson,we talked about having to gain access to the network physically.Well, with a wireless network that challenge is eliminated because the network is literally floating in the airways.In this lesson we're going to discuss some of the basic vulnerabilities associated with wireless networks and how you can combat them.First, the administrative access on the wireless access point is a vulnerability.Usually these have default user names and passwords like admin, admin like we discussed before.And you have to make sure you secure them.Also, remote administration should be disabled on your wireless access points.Remote administration is something that allows you to connect over the internet and then make changes to your wireless access point.You don't need that.Instead you should turn it off and make sure that you're doing it locally inside your network only to minimize that risk.The second vulnerability we have to think about is the service set identifier,or the SSID.Back in network plus you learned that the SSID is what uniquely identifies the network and it acts as the name of the wireless access point that the clients are going to use to connect to it.For example, if you came by my offices,you would see that my network is the oh so hard name to guess of vijay.Anyone who sees that might think hey that might be vijay kumar's WiFi, right?Well, that's the SSIDs job.It sits there and it broadcasts out hey I'm here,I'm here, I'm vijay, I'm vijay I'm vijay Now, according to you should disable the broadcast.So clients have to already know the name of it prior to connecting to it.They say this is a way to slow down the bad guy from attacking your network.As an ethical hacker myself,I can tell you that it isn't really going to slow me down.If you aren't broadcasting openly,your clients are still sending the same wireless access point information and that SSID with every single communication they make.It takes me about five seconds to find out your SSID if you're not broadcasting.So by disabling it you're just making operations harder for yourself and you're not really gaining any security here.Now all of that said,if you're asked disable SSID broadcast is considered good security in the security and you should implement it.In the real world, it really doesn't matter that much.Now the next one we're going to talk about is rogue access points.Rogue access points are another vulnerability out there.A rogue access point is an unauthorized wireless access point or wireless router that somebody connected to your network and it's going to give access to your secure network.For example, if you walk around your office and somebody decided that they didn't want to plug into that RJ45 jack all the way in the back wall over there,so they put a wireless access point so they can access it throughout the whole room.That makes operations easy for them,but that wireless access point wasn't properly configured.This is going to extend your wired network into the wireless realm,and it can introduce it's own DHCP server and cause all sorts of other issues.To prevent this you should enable MAC filtering on the network,network access control and run a good IDS or IPS on your network that can detect or prevent these devices when they initially try to connect.

Today we're doing something new - a first impressions episode of Meraki networking gear. Note: this is not a sponsored episode, but rather a follow up to episode #460 where I talked about throwing all my UniFi gear into the ocean and replacing it with Meraki gear. At the end of that episode I asked if anybody was interested in a "first impressions" of the gear, and it turns out (at least 6) people are interested, so here we are! TLDL: Pros Super easy plug-and-play setup The mobile app can control just about everything - ports, SSIDs, Internet on/off timers and more! Verbose logging Top-notch support from experienced technicians Cons Cost! Big $$$ "Cloud only" - can't install this gear in a LAN-only configuration Client VPN is a bit clunky to setup

Topics: -Command Control Power is very pleased to be joined by the co-authors of the macOS Support Essentials books, Arek Dreyer and Adam Karneboge. -Adam takes us through his origins in the business and how he met Arek. -Adam was originally a tech editor for the books -Previously, Adam & Arek had worked on another book called Managing Apple Devices. -Sam asks about the pressures of not only being an authoring, but being a tech editor. -Arek talks about an eBook version which allows corrections or changes after publishing the hard copy. -On the last version of Managing Apple Devices, Arek talks about a last minute change he regrets. -Writing a book while an operating system is going through the beta process is a challenge. -The authors explain how they split up the work in terms of exercises, reference guide, and lessons. -Steve Leebove gets props for his incredible tech editing skills, as well as the team at Peachpit. -Joe talks about feedback, both good and bad, that can come in response from putting your work out there. -“Life or death for data” -Jerry blows some sunshine to Arek & Adam and compliments their hard efforts. -Arek talks about hearing the positive feedback and how much that encourages them to step up to the plate again and write the next version. -Joe talks about John Siracusa’s technical reviews -Arek talks about Apple Silicon and macOS Recovery during the writing process. -Adam speaks to the positivity in the Apple community. -At one point in the series of books, the at home learner was incorporated into the steps. Sam asks Adam about the challenges of writing for those scenarios. -Apple Silicon startup options have changed and Arek speaks a bit about those changes. -Time Machine differences are interesting… -We talk a little about Mobile Device Management as well as changes in security and privacy. -We talk about Steve Leebove’s discovery about holding down the Option key while clicking the Advanced button in Network Preferences. Specifically, Arek wanted to know more about the grayed out SSIDs on Joe’s computer. The mystery has not been solved yet. -A lot of thanks go around

Topics: -Sam worked on a job to replace an entire Ruckus installation with Ubiquiti UniFi APs.  Not surprisingly, the cost was a lot lower for UniFi. -He decided to initially only use the 5GHz frequency since 2.4GHz has few options for channels and many other devices operate on that frequency. -Jerry grills Sam on his decisions for the UniFi installation. -Sam explains how he made adjustments by creating different WLAN groups in the UniFi controller. -Joe reminds us of a PSA Jerry put out to the group in relation to the latest UniFi controller version and the issues it was causing. -While on the topic of UniFi, Joe revisits a job he did with outdoor Mesh Pro access points and outdoor waterproof electric outlets. -Pro tip! Take photos of your work to show future clients what your company is capable off. -Another Pro Tip! Don’t use hidden SSIDs. They do not offer any security benefit and can also cause a device to use more power. -While on a job with a WatchGuard firewall, Jerry describes how he uses MAC addresses to allow staff devices to bypass content filters. However, a new feature of iOS 14 is MAC address randomization. This could have completely sent his work into a tailspin but fortunately he found his answer quickly. He was able to relay the changes necessary to staff: https://support.apple.com/en-us/HT211227 -Sam finds that app age restrictions in MDM affects the ability to deploy a browser like Google Chrome, since it technically has the ability to access inappropriate websites. -Jerry wants to know Sam’s method for competing in the PC market. “I make the mistakes so you don’t have to” - Jerry Zigmont “He spun a good yarn until the very end” - Joe Saponare “I do not enjoy supporting PC clients….at all” - Sam Valencia

David having an issue with his external Monitor, Richard needs help with his SSIDs, Joe has Office 365 and is done paying wants to get rid of it, Blurry Win 10 Log-ins, Samsung Blue-Ray Firmware update bricked devices and Samsung does not seem to care,  Watch out for where you bring your PC, Professional services not doing what’s best for clients by not upgrading outdated operating systems to be HIPAA compliant. Should Ski Club use WordPress web design themselves or via a consultant? See omnystudio.com/policies/listener for privacy information.

This week's EYE on NPI is a new twist on an old familiar classic - cables and components from Harting (https://www.digikey.com/en/product-highlight/h/harting/t1-industrial-single-pair-ethernet-connector) for a new implementation of Ethernet connectivity called "Single Pair Ethernet" (https://www.single-pair-ethernet.com/en). We're interested in this because we have found that a lot of devices could benefit from a powered/wired network capability but Ethernet jacks are kinda huge and stiff - a single twisted pair cable could make wiring IoT devices easier and a lot less expensive because we don't need nearly as many conductors - wire is not cheap! - and we don't need a separate power adapter. Ethernet was invented in the 70's, and although it has been improved greatly, the underlying connector and cabling has not changed much. SPE is designed to be compatible with existing Ethernet installations, there's going to be a translator chip, but the upper transport layers like TCP/IP will be the same. We're actually big fans of Ethernet compared to WiFi - since there's physical access you don't have to deal with SSIDs, passwords, or enterprise management. (https://learn.adafruit.com/alltheiot-transports) That makes it ideal for IoT because one thing that's super annoying about IoT products is deploying and updating when the WiFi credentials change. While we do see some IoT devices with Ethernet, it's not as common as dropping in WiFi support. Perhaps, given that you still need to plug in power, SPE can make some headway into the industry. The specifications allow for up to 1000 meter long cables, 1 Gbps data rate and 50 W power transmission. (https://www.harting.com/SE/en-gb/single-pair-ethernet) Not all at once though, for example 1 GBit/s is only up to a distance of 40 meters. There's going to be some interdependence on those three stats that depend on the transmitter, receiver, and cabling quality. So there will probably still be 8-conductor Ethernet cabling for high speed + long distance configurations. In fact, when you look at the expected customer base from Harting, there's a lot of infrastructure, robotics/automation, and monitoring, but no home or office computing. The biggest customer right now for SPE is industrial automation - basically getting factories all wired over IoT. (https://www.single-pair-ethernet.com/en/applications) Factories don't want to depend on a wireless network - heck we don't even rely on WiFi when streaming our video show. SPE could be a nice upgrade from CAN (https://en.wikipedia.org/wiki/CAN_bus) where you're still using 2 wires, but you get the benefit of Internet compatibility. We think another group of products that will be popular with SPE is IP cameras, especially once one big vendor makes SPE products. Every facility has dozens of security cameras, and by definition they're going to be really spread out over the building and grounds. That means the powering and wiring is going to be really annoying. With SPE, you can get power and data anywhere, over long distances. Another really nice thing that SPE consortium came up with - you know how that little tab on the RJ-45 cable always breaks off? The connectors for SPE range from basic to waterproof varieties, and all of them are designed for secure latching with durable metal tabs! Cool stuff to check out, specially for engineers working in automation and industrial technology, you'll want to take a peek at the SPE specifications. There's many companies that are part of the SPE design specification, so you can be confident it will be a well-supported new spec. Get started by picking up some cables and connectors at Digi-Key so that you can design SPE into your next product: visit https://www.digikey.com/short/zrvt71 to order Harting SPE connectors and have them in hand tomorrow! #EYEonNPI #DigiKey @DigiKey

How secure is your office Wi-Fi? Richard chats with Dr. Avril Salter about using enterprise security features in Wi-Fi. The conversation starts out focused on WPA2-Enterprise, using RADIUS servers and protocols like CHAP and PEAP. It may be more complicated to set up, but once running, you have far more control over who can be on your Wi-Fi. Avril talks about creating separate SSIDs for secure corporate devices, BYOD devices, a guest network, and a legacy network. Yeah, four SSIDs! Next up - WPA3, with even better default security features!

Topics: -Joe schools us on verified phone calls on iPhone.  -Jerry has been testing iOS 14 with positive results.  -Both Jerry & Joe have been using RingCentral for years. Joe decided to clean house with his extensions.  -Sam just has nana answering his calls.  -Back to user sentiment surveys, Joe describes how apps seem to pause for an extended period before asking for a rating.  -Exavault makes a diagnostics tool called MTR that Jerry has had success with for traceroutes. -Security is brought up again by Joe. It reminds Sam of the “I’m a Mac” commercials with Windows Vista: https://youtu.be/8CwoluNRSSc -Screen Recording, a long griped about feature on the show, is an admin only feature as of now in the beta release of Big Sur. The hope is that this will be configurable via MDM.  -System 8 is now available virtually! https://www.theverge.com/2020/7/29/21346392/mac-os-8-electron-app-download-windows-linux-features -One of Sam’s neighbors sometimes reminds him of Rick Moranis from Ghostbusters. It then turns into a story about the feud between his dog and the mailman.  -Sam spins a yarn about setting up new Wi-Fi hardware and SSIDs at multiple client sites and the curve balls that are thrown at him. -The conversation delves into Joe’s yoga practices. -Since diving into the Wi-Fi security topic, Joe talks about 802.1x Authentication and other security measures. It starts a discussion about learning new technology on the job. 

Welcome!   We have a lot of technology in the news this week.  I will give you my take on the monitoring that the government is doing and why.  We will discuss contact tracing and how Big Tech is trying to come up with a solution.  What is this 5G conspiracy that is being bantered about and why is Amazon having delivery issues.  Linksys and Zoom are having problems and I will tell you what you need to do. And we will wrap up with China and US and what can be done about intellectual property theft and spying.  So sit back and listen in.  For more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Hello, everybody Craig Peterson here on WGAN and, of course, also heard every Wednesday morning at about 730 with Matt, as we discuss the latest issues of the day. And in fact, that's what we do here every weekend as well. So I do want to welcome you guys who some of you might be new. Some of you have been listening for a while now. I'm trying to remember when was my first time at this station. I've been on the air now for more than 20 years, 25 years, something like that long time. And I always have enjoyed it. And I enjoyed talking with you guys, too. We've had about six or eight calls. I think this week, and we've been setting aside time for people who are having problems with the computers, whether it's kind of work at home situation, maybe it's a small business, just help Send them out helping them understand what's up. So shout out to all you guys. I think the winner this week was Linda, and we spent Wow, an hour and a half, two hours with her trying to help with a few things. She had some questions about emails, and you've been having some problems for about two years now. And so we spent some time going over that with her. Elahh, one of our texts, also one of my daughters, was gracious enough to spend the time with her. And I know Linda appreciated it. And it can get frustrating. I understand that too, is funny because Elahh was saying that, you know, from time to time to Linda was getting a little hot under the collar, but that's understandable. I do that too with computers because they just can get so frustrating. So hey, I get it. I understand. And we also had an email go out this week, and you should have received that. Offering if you wanted help, and you could schedule free calls. You could get any information you wanted to get my earballs and eyeballs if necessary to look at your screen, depending on what's going on. So that's a little bit of what I've been up to this week. We also finished up I did not do any webinars this week. I'm planning on doing some Facebook Lives next week. Maybe some webinars as well depend on how it all goes. And on training, right, we're getting into the basics again, helping you guys out with completely free stuff. I'm going to be redoing my webinars and kind of explaining all of the stuff you need to know, not you know, we're not getting geeky on this. I'm not trying to turn you into a computer expert. But understand modems what they are your routers, your Wi-Fi, your firewalls, your Windows computers with the updates, what's an upgrade How about the patches going through VPN And the major risks of VPN, and when you need to use them when the appropriate time is to use them. And I'm also thinking about maybe putting together a little series for businesses that are starting up, trying to be optimistic here, right? We're starting up again, and we're getting back into the swing of things. And that means there are some things you have to worry about the machines where they shut down properly, how to get them back up and running, do you need to go in and update some of the software, maybe replace some of the just antivirus with real advanced malware protection and all that sort of stuff? So I might be doing that as well. I'm kind of thinking that, and I was talking with my team this last week about trying to do that to be optimistic and help businesses get back going again because I think we're going to have some serious problems. I think that well, frankly, I know that some people have lost their jobs or a friend of mine was saying that a friend of his I just found out that he's not going to be rehired when the business reopens because he had been laid off. And of course, this whole payroll protection plan, frankly, is a scam. It's just crazy. What the Federal Government did, they would be better off giving every family in this country a check for $60,000. Of course, that would not Greece or pockets, would it? And that would help a lot. A lot. Instead, they're spending about $60,000 per family, the spending that money on banks who are already liquid, they can go to the capital markets. You've heard about the public companies that have gotten some of this money. How about the major universities that have multiple 10s of billions of dollars in endowments that got it? And yeah, I'm a little bitter about this because I didn't get any of the money. I applied. I got nothing, nothing. I got an email a couple of weeks after I applied it saying, Well, you know, we need this. We need that. Well, wait a minute, I was supposed to get this, this instant $10,000 loan to help me stay on my feet. So this friend of mine, they got laid off, right? Then even on the PPP, you're given two months' worth of payroll, and you have to keep these people on the payroll for about four months. Well, how can you do that if the government's not letting you make money? If it's not letting you bring people into your restaurant or send people technicians out, whatever it is that you do cut hair, right? You can't you, but you know this already, right? Because this is happening to you. Look at the stats in Maine, and they say okay, well, we helped all of these, you know, these 10s of thousands of companies. Well, maybe they did, but I can tell you from people I know and my personal experience that it hasn't hit any of the pockets of the real small businesses. I haven't even gotten that. The so-called 1200 dollar stimulus check from the Federal Government. It's insane. How many weeks that we've been locked down now? It's what about six weeks? It is not good. It is not fair. It's going to be hard to come back. My friend was saying that his friend found out they're not hiring him back, which is going to be the case for many people. What happened? His friend hanged himself. Yeah, think about that. Think about all of these other consequences. It's the typical thing with the government, right? You've got people highly focused on this pandemic, and what should we do? They are extremely highly focused because last October, there was this major meeting, where they've been getting together and talking about global warming and what we need to do to save the universe. 1000 years from now. And of course, we know just how good these models are that they use for global warming. And I've never really talked about it here. I've talked about it on my other radio shows in the past, I've had the guy who founded the Weather Channel weather.com on, and it's just absolutely crazy how bad those numbers are. But we can't even get the models, right when it comes to a virus that's right in front of us, where we have some real numbers. Okay, well, maybe the numbers coming out of China weren't that wasn't that good. Perhaps those numbers were fake. Maybe, you know, we can't trust them. That's fine. Well, how about Italy? How about all of Europe, the numbers are coming out of there. How about our numbers we're still not getting it right. Remember the initial model talking about millions dead in the United States, a couple of hundred thousand dead over in the UK. We're not even getting get close to that. We're not also going to be close to the UK number that was predicted. And then it's revised down, and it's revised down and as revised down as writes down so we've got these people who are focused on what they learned last year, about pandemics and what the response should be based on this, all of this quote-unquote science. And they, of course, you know, we haven't had pandemics like this to deal with, so in reality, it's a theory, and they have the models which are in reality theory. And all of those models said Oh, no, we're going to have a lot of people that unless we go ahead and quarantine people, we need this social distancing is what they've been calling it. And so a lot of states that Okay, everybody has a social distance you have to get out you have to Oh, my goodness. And you look at the exact opposite look at Sweden and what's happened over there and was Sweden did none of this stuff, they didn't quarantine, they didn't shut down their businesses. People were still sitting in cafes, sipping their coffee, having a pleasant afternoon, and that that springtime sunshine outside, doing everything they wanted to. And it's about the size of Michigan and Sweden has had fewer deaths than my lot fewer deaths than Michigan. And you know, in Michigan, what they did with all of their lockdowns over there. It's it is nuts. These models are, at best, a guesstimate. And there they were saying okay, well we need to do is kind of get rid of that peak because our hospitals aren't going to handle it. Have you noticed how hospitals now are looking to, and some have already not only declared bankruptcy but closed their doors because they are not full. They're not full of Coronavirus cases. They shut down all the elective so-called optional surgeries and other things, right. We haven't gone to see the doctors. How many people's lives were saved the numbers the stats look like this was one of the worst I don't know the flu just a regular flu year even not particularly bad, but that's not what all of these projections said that's not what this just tickle model said. Right? Right. I remember playing the game of life well is you don't play it but writing some of that code, seen it on the computer way back when back in the 70s, it would have been and mid-70s. I was just so impressed with it, and it shows how a cell will replicate you know and replicate and how it will expand. That's about the only I've seen that's correct. So we can't get our models right for COVID-19. We still don't have them, right. We're again revising them. Now they're saying that we could have another resurgence this fall maybe even worse than what we had this year. At the same time, some of these same people are saying, Hey, we're all going to die. Because what was it five years ago or ten years ago, by then we were by 2010. We're supposed to be underwater in Florida, right? You just can't trust it. People are dying. People are losing their jobs. And so we're looking at it saying, what can we do to help businesses get back? Anyways, stick around. That's enough, belly aching for me. We'll be right back here on WGAN. Of course, I'm Craig Peterson. We'll be getting into the tech stories of the week. So stick around. Hey, welcome back, everybody. Craig Peterson here on WGAN and online at Craig Peterson dot com. We are talking today about some of the latest technology as we do every Saturday and Wednesday morning. On Wednesday morning, it's at 738, and on Saturdays, we're on from one end till three. Well, we're going to talk right now about this news surveillance program that's out there. And the whole idea behind this is to map the spread of the Coronavirus. At least that's the rumor, right? A great article you'll find@medium.com about this, but Coronavirus is being used to drive brand new surveillance programs around the world. So let's talk about a few different countries what they're doing. And I've gotten a little bit of a concern we'll talk about later in the show today, about maybe something like that. Patriot act, as we had after 911, that gives the government all kinds of new powers and they may go unchecked, which is a concern for me, particularly looking at the statistics as we know them so far, which is that this isn't just a horrific, horrific thing. It's terrible. It's awful when anybody dies, but it happens every year with the flu too. So we'll see where it all comes out. But we were just talking about the last segment. The whole thing about the models is just ridiculous. Well, in Argentina, their Ministry of Health has built a mandatory app for anyone entering the country, and you have to keep it installed for 14 days, and that requires users to give access to their GPS position. Now, it's not clear if Argentina is keeping track actively of the people with that location data about apparently the province of Santa Fe is Forcing those who have violated the quarantine to download an app that tracks precisely where we are. We're talking about Argentina here, as well as many other countries is that they are putting one of those trackers on you as though you'd been convicted of a crime which bugs me, frankly, Australia. Yeah, and everything down there is trying to kill you, including the Coronavirus. Now those ordered into quarantine could have government surveillance devices installed in their homes or be forced to wear electronic surveillance devices, and that's a new law that went into place in the state of Western Australia. But the Australian government has opted not to use cell phone-based tracking Austria. The Australian telecom con gave two days' worth of anonymized location data to the government to analyze movement in the country. And this is something that I've been saying that governments are doing worldwide. They're asking the cell phone companies that you know, the providers to give them location data, and anything that's anonymized pretty much can be D anonymized. And think about that, think about how easy that is. So if the government has your home address, and they see that person 1750, it is of that place every night, well guess what they can guess who you are, and then they know where you travel, etc., etc. So anonymized location data is ridiculous rain. They've got electronic braces that connect to a mobile app. And this is something similar to what Hong Kong has done. Belgium, they've been hit the worst in Europe when it comes to per capita cases and deaths. But three telecoms over in Belgium are giving data to a private company, and they're analyzing the information and trying to detect Widespread trends of movement in the country. Now they're using drones to make an announcement. But they can also be using the devices to capture surveillance footage. That's according to the top VPN digital rights tracker, Brazil. Let's get into the socialist countries here. Local governments across Brazil are tracking locations from citizens' smartphones. And one city receives alone is tracking 700,000 people's location through their devices. And that's one of Brazil's smaller metropolitan areas. And quote here from one of the Brazilian firms that are doing some of this stuff, we have visibility of specific behaviors that couldn't be captured by other technologies. For example, if an individual leaves their house, we can detect that in a matter of seconds. And then, of course, that ends up in the government's hands China, another socialist country. They're using practically every surveillance system in their toolbox. Publicly located cameras there you go running facial recognition searches, citizens are location tracking through their phones. Drones are being used to give directions from the government. Can you imagine that having a drone over your shoulder yelling at you? We've seen that over in China where they chase you back to your house. The Government in China is socialist, also tracking individuals more than 200 cities through a smartphone app that grades are health and assigns them a classification of green, yellow or red this according to New York Times socialist newspaper, the app sends that data to the police. It works as a hall pass for entry into certain public places, and that has been proposed here in the United States. As well that you can have a little Hall Pass, to let you board planes and go to work, etc. and China, of course, is putting pressure on private companies in the country to hand over data to China. Dubai, I don't know they're, they're a monarchy kind of a, you know, I don't know it's not quite socialist. It's undoubtedly addicted, dictatorial. They're using cameras. And by the way, one of the significant ways they make money in Dubai is these amazingly high fines for speeders. Still, this case, they repurpose the cameras from catching speeding motorists to analyze driver's license plates and determine if they are deemed, essential workers. Ecuador is tracking cellphones. Germany, which is starting to open its businesses, in fact, this week, they started opening while their telecom company they're big firm over there called telecom is providing location data from its customers to the Robert Kok Institute. And that's the organization coordinating their national action against Coronavirus. Now Germany did something right upfront. That was wonderful. I think they went immediately to the private sector and Germany said hey, listen, guys, we're going to need tests so come up with some tests figure out how we can do this how we can do testing quickly. Whereas here in the US where we don't have the private companies right up front getting involved in at CDC said we're the only ones that can do this. We are at let us do it. We're, we have a monopoly on testing. And we don't like those tests because they have 40% negative rates and you know, false positives, false negatives and, and you have to have everything come through us, right, which is a very socialist thing. And, you know, we don't live in a truly capitalist country anymore. We're at best, it's crony capitalism, but in Germany, they did the right thing. They got companies involved right away to figure this out to analyze the data. They weren't relying on a non-reviewed report out of the United Kingdom, to base all of their analysis and projections on. So they're also expected to launch a Bluetooth based app like those that are used in Singapore and Indonesia right now. They've also got a smartwatch app over in Germany, Hong Kong, those quarantines have to wear special electronic wristbands that track the locations are handed out the airport and must be paired with the individual's phone. And then, once they arrive home, they're given one minute to walk around their apartment to calibrate the wristband and the company app to space where they are confined. India oh my gosh, talking about a country that could have problems. They have expanded their programs to track citizens through both digital and analog means They using location data. They're using closed-circuit television footage to track citizens in the southern Indian state of Kerala. According to Reuters, some western states, are stamping the hands of those arriving in airports, with a removable ink stamp detailing the date until which the person must quarantine. They're also taking passenger information, primarily airlines and railroads. Now, the touch base authentication, like fingerprint scanners, are risky, because they require people to touch a surface. They're getting a real boost in facial recognition over in India. So stick around, we'll come back. We're going to go through a few more countries what they're doing, and then we'll talk more about what's going on here. Yeah, Craig Peterson has some concerns. You are listening to WGAN. I will be right back, so stick around. Hey, welcome back everybody Craig Peterson here on WGAN, and I had on some good old Herb Alpert, remember him? The Taste of Honey was the one playing during the break. How is that for fun? Man, I haven't listened to Herb Alpert in a lot of years since Well, the 70s, right? I Remember the album's cover and that this particular one was somewhat controversial. Look at the Beatles, all almost all of their stuff was initially done in mono, and then they remastered it into stereo. Some of the purists are pretty upset about that. So we're kind of going through what different countries in the world have been doing when it comes to this Coronavirus. And, you know, we'll talk about the US as well, but there is a trend. I hope you notice seen Indonesia, they've got an app that tracks interactions with nearby Bluetooth. Okay? And it has it is by the way in Indonesia, it's an often and it does help you if you want to notify people who might have been exposed so they can get tested Iran. In contrast, they haven't had as many deaths, because they've just been shooting people in the streets. Well, that is according to a classmate of one of my sons who is living in Jordan, right now. The smartphone app developed by the Iranian government scooped up millions of users' location data, alongside a short questionnaire that claimed to detect the likelihood of infection. And notice about the app was also sent to 10s of millions of Iranians with the director to take the questionnaire before going in for Coronavirus test. At least 3.5 million people, according to Iran, are using this app. Israel government. They are Using data from their telecom providers here telecom, track the location of their citizens. And those people, by the way, who braved quarantine in Israel are facing up to six months of imprisonment. So there you go. They're also using this data they're getting from the telephone companies to track people and potentially quarantine them. In Northern Italy, Vodafone, you might have heard of these guys, this is an English telecom provider. Vodafone also has a presence in Italy. They are providing the Italian government with heat maps, which means general details as to the number of mobile phone users locations. They started over in Lombardi, Italy, of course, that was a bit of a hotspot, and officials do Chairman 40% of the people in Italy are moving around far too much. According to The New York Times, Kenya, they've got aerial surveillance of the border to detect illegal crossings. Norway, the Norwegian Institute of Public Health and Norwegian tech companies, simultaneously built a voluntary app that tracks GPS Bluetooth data to be stored for 30 days. In Pakistan, through location surveillance and mass texts, the Government of Pakistan is tracking confirmed cases Coronavirus. Sending alerts to people found to potentially come in contact with them in the past 14 days is not a bad idea. Poland has an app called home quarantine, which is requiring Polish citizens who are quarantine to check in immediately and intermittently check-in by sending a picture of themselves at home with 20 minutes or within 20 minutes or face to find. So all of this is from the medium you'll find a lot more data. Tell them just kind of rushing through it. Russia has more than 100,000 cameras are in Moscow. And the Russian government is using facial recognition and phone-based tracking to monitor people under quarantine. Local governments in Russia are also kind of doing their own thing. Singapore, very, very socialist authoritarian, really government there. They released an app called trace together pings nearby smartphones through Bluetooth to determine who's come within six and a half feet of each other for more than 30 minutes. That's according to the LA Times, and they record the data they stored for three weeks supposedly and don't record the user's location. South Africa, again, telecom companies, South Korea, they've had an interesting response. You've probably heard about them what they've been doing there. In South Korea, the confirmed cases of Coronavirus are being tracked in using a bunch of different data, collected through data mining. They're taking credit card purchases, smartphone location tracking, closed-circuit TV footage, analyzed by facial recognition. So the Korean government can then reconstruct where a person's been that was diagnosed, and they have just incredible granularity. Like using the person's location data to check the closed-circuit TV footage, see if they were in a mask, etc. Switzerland and they're colossal telecom companies. Swisscom is alerting the federal government when more than 20 phones are located within 100 square meter area. One of my sons has a girlfriend over in Sweden, and they are not doing anything over there. The numbers are fascinating. So we'll see what ends up happening there. Taiwan's government is denying that it's adopting surveillance technology to track citizens' movements, but that is what's happening. Thailand. If you're arriving there from a high-risk area, you're going to get a SIM card for your phone that lets the government track you for two weeks. In Turkey, they are monitoring locations of patients using cellular data and sending messages to them if they should quarantine. The UK is allegedly talking with telecom companies to track citizens' location data. National health servers or services partnered with planets here to track the spread of the virus in the good old United States. Yes, indeed. The mobile advertising industry is the one that's doing the tracking here. They've been supplying data to local state and federal organizations about the location of individuals. And that's according to The Wall Street Journal. Because it's advertising data, they want to know, very, very fine-grained data. So for instance, if you go to Gold's Gym, they somebody who has what Planet Fitness gym can say, hey, I want to send an ad to anyone that went to this Gold's Gym. That's a half a mile down the street from me. And the advertising companies have that data. And so you might have noticed, it's some of its kind of scary. You go into a hospital of a sudden you start getting ads for hospitals, medicine, and even lawyers for malpractice suits. So they have very fine-grain data, and apparently, it is granular enough to let them know whether people are staying at home. If parks are still in use, Foursquare, which has one of the most comprehensive repositories of personal location data, is in talks with a bunch of different government agencies. Most data comes from these apps and bottom line, you've permitted those apps to log your location. So you download that free game that you love to play. It may be tracking your data and sending it up. Now, remember, it doesn't have to use GPS; it only has to do is know the Wi-Fi network in use. Remember, when Google and these other companies have been driving around taking pictures of everything, they are recording the SSIDs and MAC addresses of the Wi-Fi systems all over the country. That way, they can tell where you are based solely on the Wi-Fi connection. So they're taking all that data and then they are reselling it. And the whole goal here is to have a portal that could be used to track citizen movement in up to 500 us citizens cities, Google and Apple have also come up with a new standard for tracking. And this is tracking using Bluetooth again, some troubling state and local policies West Virginia. People who test positive but refused to quarantine are getting ankle bracelets. Yes indeed. Many of the software privacy and privacy guarding mechanisms are unknown about all of these things. There are a bunch of things pred poll predictive policing. All of this is coming in New Jersey, Connecticut using aerial drones with temperature sensors and apparatus to detect people who might have the virus, so it's getting scary. Stick around. We'll be right back. I am Craig Peterson on WGAN with a little Coronavirus information, things we are doing, and what is coming. Hey, welcome back, you're listening to Craig Peterson here on WGAN, every Saturday from one till three. Also, I am on Wednesday mornings with Matt during drive time for those of us that are still driving to work. where we talk about the latest in technology for the week. Then we do some more follow-ups here on the weekend as well. I had mentioned earlier, we're planning on doing something to help businesses get back into the business, and we are going to be focusing in on some of the technologies for that. So keep an ear out. Make sure you sign up for my email list so you can get all of this. You can get stuff like Linda and Joanne and Ted and Danny and many others who listen to me here on Saturdays, and you can get all of the stuff that they get to help stay safe online and to keep up to date on What is happening in that great big world outside? We covered what other countries are doing for surveillance, there was a definite pattern to the socialist countries, demanding people self-isolate, quarantine fines, prison time, right? You notice that, didn't you? Now I want to talk a little bit more about the US because we kind of ended the last segment talking about that. But where I'm getting concerned is what our government will do? The reason I went through all of these other countries is so that we have an idea of what they're doing because, like the UK, okay, they're certainly more socialist than we are. They're not dictatorial at all, but they are doing a lot more with the tracking than we appear to be. Doing. And of course, we have some rights recognized in our Constitution that is going to be difficult for the government to take away, but they have taken them away in emergencies before. Look at what happened during our World Wars, and even what happened in the wars in the 60s in regards to the demonstrations and things. It's not as though nothing could happen here. And there is a great article in TechCrunch this week by Heather Fetterman. And you'll find it up on my website at Craig Peterson dot com, where she's wondering about this potential, what she's calling the Patriot Act for COVID-19. We had this massive knee jerk. What was it about two weeks after the tower Twin Towers came down in New York City after that terrorist attack. About two weeks later, we all of a sudden had this Patriot Act, which gave the government all of these sweeping powers, And they were monitoring all of our calls, which in contact with emails, even locations, etc. Very, very scary stuff. So what's going to happen now because Heather Fetterman is a privacy lawyer, and is the VP of privacy and policy at big ID is a New York-based company that's trying to use AI to help businesses be better privacy stewards for their customer. And now you think of your customers. I think of the data that you have, first of all, do you need it? All right, that's one of the things I talked about and all the training I do. And secondarily, how much of it sensitive, should you be throwing it away? Deleting it because you don't need it. And you certainly don't need the liability or what should you be doing so that's part of what they do. She also has headed up privacy over at Macy's and American Express, and with the code At 19 infections climbing here in the US kind of leveling in some spots, we're saying nationwide, we may be on a bit of a downturn. The officials are starting to panic. And you heard it this week. They're saying, Oh, my, what is going to happen coming up this fall? Are we going to have a massive COVID-19 resurgence in the middle of the flu season? Is this going to double the number of deaths that we would get in a regular flu season? And so they are trying to figure out these government regulators and lobbyists frankly, and of course all of the bureaucrats and, and Congress and everybody, so they're trying to figure out how do we track the people. Now, remember, when we give up a little bit of privacy for some suppose it security trying to think of a time when we got it back. Certainly, we have gotten it back in some cases. After World War Two, of course, you no longer had to have those ration cards. So things got better. Certainly. World War One, for instance, introduced the income tax, and it was guaranteed only to be 3% maximum ever. And the income tax would only be on the richest Americans it would not affect the rest of us. And that was something put in place because of World War One, and they needed funding. But in case you haven't noticed, income tax has not gone away. So will this whole monitoring that they're doing for COVID-19? Will it go away once this epidemic has died down because it is going to die down at some point in time, but frankly, it's going to be with us forever. Whether it was engineered Somewhere whether it was in the wild from a bat and when direct to humans or pigs, and then humans or however it got to us, it's here now, and it's never going away. So is that going to give the government justification to continue to track us all? And when we have limited testing development ability then, of course, it's going to improve. Even if they had 2 billion test kits available, If I test negative today, and I'm exposed this afternoon, are you going to test me again tomorrow? I might have it tomorrow, and I didn't have it today. So even then, testing is not going to solve the problem. So we've talked before about this whole joint effort between Google and Apple, and the idea here is to come up with some standardized software that can monitor the spread of infections by keeping track of infected people. Keeping track of the people they have been close to and how long they've been close to them. And the idea is you download the mobile app from a public health website. And the Public Health website will notify you if you have had prolonged exposure to someone that came down with COVID-19. That will frankly, this would be handy with the flu, for instance, right? There we would cut back the number of flu-related deaths dramatically, absolutely dramatically. And this system is designed to use low Bluetooth Low Energy transmissions rather than GPS. But again, It's just a standard, and it is not a piece of software. And someone could implement using the standard and track your GPS and record as well. Okay. So this is, frankly, if they do this the way they're promoting it, I don't have a huge problem with this as long as it's voluntary. Now, apparently, in Indonesia, it has been voluntary, but only about a third of people have done it. So how are they going to enforce all of this stuff? And these community mobility report, they're showing trends over time by geography, where they're taking data from the phones of people who have Android or who are even with iOS using Google software, and have not turned off the location history setting. And they've got this great little map so they can track all of the people. The CDC is tracking all So the movements of American citizens based on location data from the mobile advertising companies, we mentioned a little bit earlier. So it's great that the government's trying to stop the spread of infections. But ultimately, you can't stop them all. And there has to be a line. Where is it? So the Patriot Act wasn't two weeks. It was six weeks after 911 that gave the government powers that had never had before to spy on American citizens. Yeah, you know, was it constitutional, certainly not in times of peace. I think that argument could be made pretty effectively. But in this case, it was effectively a war. So it may have made sense at the time, but the government's still vacuuming up millions of records of phone calls and text messages to today. Look at that huge data center. The National Security Agency built over in Utah, the point of the mountain. So if companies like Google and Facebook are willing to share data with a government, there needs to be a clear and defined period in which they can share this data, there has to be a clear and defined period in which they can retain the data as well. So civil liberties, of course, are fundamental here. And my gosh, following September 11, of course, the New York Police Department conducted illegal surveillance on some local Muslim populations. Remember what happened during World War Two with the Japanese American internment camps? The FBI is surveillance of African Americans who oppose segregation, the whole civil rights movement. They've got something called the fair information practice principles. These state that personal data should not be used for any purpose beyond the specified object of the data processing activity. So we've got to be careful. The government has proven itself to keep this too much data, keep it for too long, and also not securing it properly. Word gets out, and it gets into the hands of people within the government that probably shouldn't have access to it. It gets into the hands of the bad guys. And if the government starts collecting this are going to see yet another uptick tick in cybercrime. It has already happened. But imagine all of this location data in personal data and how valuable it would be to the hackers. You know, I don't hold hope that our Congress it has learned from the past. I don't Look at what Clearview AI did. We talked about them a month or two ago, where they were scraping information off of websites. They were getting the facial pictures that we had posted, not realizing that a company like Clearview would grab them and use them to identify us and sell the information to the highest bidder. So it's not right. It is not good, but it's very concerning. And you might want to read this. It's on techcrunch.com. Heather Fetterman is the author of the article. And she's been looking at privacy for a very, very long time and thank goodness for that. And you'll find it on my website at Craig Peterson comm make sure you sign up so you can get all of my weekly email summaries of this week in the news, including everything from today. Stick around, and we'll be right back to the top of the hour here on WGAN. Okay, okay, okay. Hi everybody. Craig Peters on here on WGAN. Of course, I'm heard every Saturday from one until 3 pm, Wednesday mornings on with Matt, Wednesday at about 730 is they go over, of course, all of the latest news, keeping you up to date, on your day, what's happening where you should go, where you shouldn't go, what you should do. And in this kind of this day and age, it's maybe you shouldn't go anywhere, right. I was just reading an article during the break about the SARS epidemic. It was written by a guy who was over in Hong Kong at the time and talking about almost the same thing. When SARS broke out, this was slightly after the reunification of China and Hong Kong. The British signed it over the rights one nation to what was it two economies or something like that again, remember, they also, of course, had British common law and stuff. They were doing the same thing back then. The Chinese were presenting doctors who dared talk about a potential pandemic who talked about this respiratory illness that people had. So I guess some things just don't change very much over time. And that's one of them. But he talked about what it was like going out on the roads, not seeing anything, and now he's living in Los Angeles. And he said he was right there in Sunset Boulevard. He stood right in the middle of the intersection through two sets of green lights and didn't see a single car. Then this part I thought was fascinating. At the end of the article, he talked about how the kind of ban was lifted, because people South Korean team they're in Hong Kong, of course, the government stepped in. All these draconian measures kind of like what the socialist government did in Taiwan and throughout China, after this latest COVID virus, hit The you know, so the muon virus is spreading. They're jailing doctors who dare talk about it. They're putting their head in their sand, pretending it's not happening. And then, all of a sudden, they cracked down on everybody and everything. But in the end, he said in Hong Kong, at least for SARS, what ended up happening was all of these people all of a sudden had a desk kind of a Why am I putting on this face mask this morning, and slowly but surely without a government order. People started going out, started walking around, and he said one day, he was sitting there eating noodles in a restaurant, and all of these people were walking by and just really having a normal life. And they thought, wow, this is kind of cool. Wait a minute when did this normal life happen? And I think that might be kind of what happens here, although the governors are slowly starting to open up states and now you know, moving from what Stage one to two to three, that this is going to be fascinating, absolutely fascinating. What would have been the best way to respond? Of course, there'll be a million opinions that will be expressed here over time about the best way to respond. Maybe we could have warned people to try not to spread this saying if you have this respiratory problem or you're obese or whatever that there are major causes of death associated with getting the virus. Who is it that we should recommend quarantine for? I know that some people I think I mentioned on the show before are being advised that in till about 18 months have passed, you should not be going outside. Now I have an aunt who's a transplant patient. She's been advised to stay out of everything for about 18 months because this could nail her. And we know about kidney problems with this virus and liver problems even people getting legs amputated, right? There's a professional sports athlete who had his leg amputated after this and damage of course to the lungs, etc., etc. So would that have been a better response just warning everybody to be careful here the precautions you should take. Then the segment of the population that needs to be quarantined not everybody. We're already hearing about the side effect deaths, if you will, the people committing suicide, getting hooked on drugs, it'll be just in terrible places for a very, very long time. So it's very, very concerning to me. Hey, and I want to give you all quick notice here puts you on notice we are going to be doing Some getting back to business training, where we're talking about security, what you need to do and what you should do, what are the first things you should do when your business reopened? We're going to help you with backups The best way to get the backups done, how to verify them, I'm going to walk you through all of that. And we're going to have all of these free webinars coming up, make sure you are on my email list. And to do that, just go to Craig Peterson dot com you can go to Craig Peterson dot com slash subscribe is probably the best place. And you will once you're there, be able to subscribe to my emails and start getting like moving along. So let a little bit of advice there on that side. I thought that article was interesting. So, of course, I shared it with you. And we'll see what happens here. I think we should we're at the point now where we should start getting back to normal. We should have enough data already here in the us that we can trust that tells us Who the most vulnerable populations are. We know nursing homes are vulnerable that people in nursing homes aren't just necessarily older, which is one of the problems associated with death from this virus. Still, they are also many of them are infirmed one way or the other. So we know we got to protect them. Imagine spending a few trillion dollars, hunches, protecting those people, maybe helping them out with some other health issues. And I'm sure going forward many of these convalescent homes nursing homes are going to be more careful with the transmission of disease. While we won't, we won't go down that road. Alright, so let's talk about some conspiracies here. One of the big conspiracies about Coronavirus that people spouting is that these new 5g networks that are growing dramatically across the whole United States and around the world are causing Coronavirus and are where it started. Now, we somehow always get all of these theories, conspiracy theories right. Whenever anything starts happening, well, you know its causation and correlation are not the same things. In other words, if Coronavirus started when 5g networks got turned up that correlation. But that does not mean that 5g is causing this problem. It is a massive conspiracy out there. It's spreading more and more. Even USA Today had an article about it this week, talking about how people are just claiming the man 5g is exacerbating at the very least The spread of Coronavirus. Hence, I think the opposite is true. 5g is allowing people to be entertained, to do research, pick up new hobbies to learn while they're at home. So that's a very, very big deal here. The actor John Cusack spread this social media, right? Isn't that a problem what he tweeted to 1.6 million followers 5g will be proven to be very, very bad for people's health. He deleted the tweet later where he said five G's making people sick, and we're going to regret it. He put another one up, calling people who disagreed with him just dumb and effing sheep. Yeah, who are the sheep here? So there are all kinds of these people out there. There's rapper Wiz Khalifa I have heard of him. Isn't that weird? Singer Keri Hilson at sea judge on Britain's Got Talent, Amanda Holden. I know her because I've watched that show before. And all of these people attended various art schools. So we've got Yeah, one in Pittsburgh, I've got another one in Atlanta and another one over in London. So be very, very careful. There's no evidence that there's any tied to this. I've talked about it before. There are different types of radiation, and when you mentioned, 5g or LTE and radiation, and people just totally freaked out because they think of radiation, like what they use at the dentist's office or in the hospital. That radiation is dangerous, and it is called ionizing radiation. Where ionizes cells, and that's a problem. The type of radiation we're talking about with LTE with 5g With Wi-Fi is non-ionizing radiation. So keep that in mind, and the American Cancer Society says that the frequency of the radio waves that are given off by a cell phone, quote simply does not have sufficient energy to damage all our DNA or cause heating in the body tissues. It has been proven again and again. The Federal Communications Commission ruled months ago that we have nothing to worry about, not that we can necessarily trust it comes from the government. But you know me as an advanced class, Amateur Radio license holder. I've studied this back into the 70s, just trying to figure out what was going on. Am I more dangerous because we're talking about a cell phone or smartphone that gives out milliwatts' worth of power? And as a ham, I was routinely transmitting 50 watts of power relatively near my head, and in some cases, I was 100 watts or even 1500 watts worth of power very close by. So what is it? Okay, so this is not a fact I just wanted to kind of warn you guys. Yeah, 5g is spreading. It's spreading very fast. It's rolling out quickly with the Sprint T-Mobile merger. And T-Mobile has a nationwide 5g right now, that's a cool one there to low enough frequency that looks like T-Mobile may win the whole 5g argument outside of the big cities, because of the lower frequency bands that T-Mobile has access to. It's even worth using in your house. Anyways, of course, you're listening to Craig Peterson on WGAN. Stick around. We'll be right back. Hi guys, Craig Peterson here. Welcome back. I hope I put that whole 5g Coronavirus myth to bed. Remember, 5g is not going to be harmful. Now some characteristics are a little bit different than what you might expect. With 5g there are going to be transmitters all over the place, particularly in big cities, there'll be one on basically every corner would be on buildings everywhere. Most of the 5g networks using higher frequencies that cannot pierce buildings very well and cannot penetrate even glass. So I know from that standpoint, there will be more radiation, and it will be closer to you. But ultimately, I don't think there's any real risk involved in that. So there you go. I'm thinking back to a speaking engagement for an annual meeting for a bank, and a lady came up to me afterward and said, so what do you think about cell phones causing cancer? And I explained to her what I had just described to you guys here, only last segment, and she said, Well, my sister died of brain cancer. And she got it when she started using her cell phone all the time for work. And, you know, so what do you think of that? And I said, Well, I'm just so terrible thing. That's all I said. But again, correlation versus causation. Did she already have that brain cancer before she started using that cell phone for work? And if you are concerned about it, and you know, some people are very, very worried about The thing to do is always use a headset of some sort. If you're concerned about any kind of electromagnetic radiation, you should probably use a wired headset, which is getting harder and harder to find. And then you hold the cell phone away from you when you're using it because the power drops off very quickly of that signal. It's for those math majors, it drops off as the inverse of the distance squared, in other words, drops off, really, really fast. So if you just hold it a few feet from your body, you have cut down the amount of radiofrequency transmission or radiation, you've cut it down by many factors many multitudes, frankly, as it drops off, but anyway, so that's the way to do it. Some people use Bluetooth nowadays, and you see people walk around all the time with this little apple, ear pod things. And those are using Bluetooth that is much lower power than what your phone is putting out. So there you go some tips if that's what you want to do. This next one, I thought it was funny. And I talked this week on a couple of different times different radio stations about this, and Amazon is actively trying to get people to buy fewer items on its website. Now have you noticed that typically, you go around from website to website, and you see just all kinds of advertisements for things from Amazon, mainly if you've looked at something recently? Well, this week, Amazon lifted its ban that prevented third-party sellers from shipping non-essential items to its warehouses. Before that, they were only accepting household staples, basic stuff, toilet paper, right metal supplies, any other high demand products, but it's also been raining in its tactics used to encourage people to buy stuff, and they have dropped some of their advertising. And remember, they've got this Prime Day deals extravaganza that they have every year where they say, Hey, listen, we're going to save you, and you can save like 3040 50% on some things. That is delayed indefinitely. Now, the traditional Mother's Day Father's Day deals have been canceled for this year. They also remove the recommendation boxes. Have you noticed that if you look at an item, it will show you other related products people bought, and they've removed that as well? And a quote from an unnamed Amazon employee talking to the New York Post. We typically want to sell as much as we can, but our entire network is Full right now with hand sanitizers and toilet paper that we can't serve other demand. The demand we see for essential products has remained high. That's according to Jeff Bezos. But unlike a predictable holiday surge, this spike occurred with little warning, creating significant challenges for our suppliers and Disney Disney network and delivery network. We also have some of these people who are working in the warehouses getting sick with it, and at least one worker has died. So how's that Amazon canceled Father's Day, Mother's Day, and their Prime day for all of us Prime people. A couple of weeks ago, I had a webinar where I discussed Wi-Fi wireless networks. And I told you guys Hey, listen, and I've got this deal. That we put together and we based the deal on some, I think, frankly amazing, some amazing stuff. That is business class, Wi-Fi router-firewall, you know, low-end business class stuff. And, and, man, a lot of you guys bought that. And I thought that was great. And we're getting those set up now. But we've got another warning out if you are a Linksys user if you have a Linksys broadband router, these wireless routers that they've been sending for years. They're saying that they've locked user accounts on their smart Wi-Fi cloud service. It's asking users to reset their passwords. Hackers were using these hijacked accounts and changing router settings to redirect users to malware sites. Now if you're taking if you attended my DNS training Where I told you what the best free DNS services are out there, you came to realize I'm sure pretty quickly that one of the best things you can do is put one of these DNS services, like the open DNS, put them into your router. So what ends up happening is when your web browser program on your computer asked to go somewhere on the internet, it's going to ask a known-good DNS service. I think that's a wonderful thing. And Firefox added in a new service just recently that uses a CloudFlare DNS service to help prevent some of the hijackings that can happen. So apparently, what's happening right now with some of these Linksys routers that are tied into their smart Wi-Fi cloud service is they're changing the DNS settings on your Linksys Wi-Fi router. And they're changing it so that when your machine says, For instance, I want to go to Bank of America, instead of giving Bank of America's real internet address, it gives the internet address of a hacker-controlled website. That is a very, very big deal. So what's going to happen is people are going to be ripped off right, left, and center because instead of going to the real website, they are going to be going to malware sites. And sometimes, it redirects them to the malware site, which tries to install malware and then immediately redirects you to the real site. Now, we've known about this type of attack for a very long time because people just have not been changing the default administrative usernames and passwords on the routers. So either someone breaks in via the internet, or in some cases, they are compromising a home computer and then using that home computer to compromise the router and therefore compromise Do the other business computers and compromise the home router, etc., Right? So that's been around for a long time. This particular problem is only impacting the Smart Wi-Fi account. It is a cloud-based system that if you only have these Linksys devices connect to Linksys routers and other equipment over the Internet to manage the router settings, which has always been a bit of a problem, okay? And I'm on Linksys as website right now, and they're saying, Hey, we're experiencing longer than usual wait times while Yeah, I bet they are. If you have Linksys smart Wi-Fi, if you're using it, make sure you go and change your usernames and passwords right away because it's turning out to be a problem. So we're going to talk about zoom some more when we get back you're listening to Craig Peterson on WGAN and online. Craig Peterson dot com. Hey, welcome back, everybody Craig Peterson here, in case you missed the last segment, if you are using Linksys, you're going to want to go back and listen to it. It's a very, very big deal. Very important. Because of the hack that has just happened with their Smart Wi-Fi service. It's a pretty bad one. Also, we talked about COVID-19 in the show the Patriot Act, 5g rumors, we've got this 5g rumor about how it is accelerating the spread of Coronavirus and the surveillance programs around the world. Now you can listen to all of those on tune in the app. And right there you just search for Craig Peterson you'll see me we post all of these online. So check that out if you missed it. And next week, don't miss any of the show, because I'm on Saturdays from 123 pm. I'd love to hear from you as well. Just send an email to me at Craig Peterson dot com. It is a very, very big deal. Just do that, and we will be reaching out right away. I had promised to get to this ongoing zoom issue. You know I don't like zoom. We after we found out about zooms significant security vulnerabilities. Months ago, we banned it in our company and all of our client's companies out there, and in light of this Coronavirus pandemic, everybody is turned to these apps now FaceTime pretty good, pretty safe. It's encryption, zoom. Not it's pretty good, not safe at all. Currently, hanging out with friends is one thing. But doing work on zoom is entirely different. Because what we found out now is that Zoom is very insecure. You probably heard me last week. I think it was I talked about the thousands of zoom meetings that were found on-line by hackers. Well, this week, we've got yet another zoom story. Researchers found on Monday, according to refinery 29 le Bell's article, that hackers began selling over a half a million zoom accounts for less than one cent per account. And according to findings from the cybersecurity firm Sibyl, which is investigating some of these hacking activities, Sibyl found that more than half a million zoom accounts on hacker forums and the dark web put up for these low prices. Bleeping Computer, which is something that I follow as well and if you are into cybersecurity and understanding some of the computer stuff. I think you'll appreciate it. Bleeping computer has also been reporting on this, some of these accounts are cheap. Cymbal was able to purchase 530,000 Zoom accounts for two-tenths of a cent each. Two-tenths of a cent each, so five for a penny. Now, why are they being hacked so suddenly? Well, it turns out that Zoom has yet another major security problem again, this is what happens when businesses just jump in headfirst without really understanding the implications of what they're doing. And we have seen this over and over again. These hacks are not a traditional hack. In this hack, the hackers used something known as credential stuffing to hack the Zoom accounts. It is something I've warned about, again, and again, and again. I have some features that hopefully we're going to get them running soon here on WGAN, and some of these other radio stations out there. But these credential stuffing attacks take data from the dark web hacks that have happened on other websites where you've got people's usernames, email addresses, or passwords. And then they're compiled into lists that are sold to hackers. There are some huge lists out there that contain millions. I think there's one that had 2 billion usernames and passwords in it. They're being used right now to scam people into sending money from to the hackers. Okay. But then this case what's happening is they are stuffing them into zoom hence credential stuffing, checking to see if zoom will allow them to log in. And of course, Zoom doesn't have the proper security to stop these credential stuffing attacks. Don't use Zoom. Stop using it drives me nuts. So the suspected reason, by the way, that these accounts have been doled out by hackers. It's coming back to this whole Zoom bombing notion where people want to drop in on zoom meetings. Now, Zoom bombing is typically used for trolling and abuse. But if you can go and you can get one of these databases of usernames, email addresses, and passwords. And let's say you want to spy on your competition, and you can now drop in on your competitions' zoom meetings. What do you think is going to happen? If one political party wants to spy on another political party, just look up that person's email address, and you're in. So hackers have been using zoom bombing and virtual synagogue chats during Passover, shouting racial racist slurs at women and people of color berating people attending Alcoholics Anonymous meetings. We've got a high school teacher reporting that her classroom call was accessed by an end on an identified individual who was yelling profanities, putting up swastika tattoos. A woman of color told BuzzFeed that unwelcome parties entered her regular meetings with other women of color and what seemed like 100 people yelling racist slurs at the same time. Cybersecurity experts are suggesting that passwords be changed on all Zoom accounts, that's what I've been saying. Right? Change your password. Don't use your normal Zoom meeting, set up a random Zoom meeting number. It's there now stepping in to help prevent these attacks. The FBI in Boston had to step in and offer tips on how to keep online meetings secure, which is absolutely freaking amazing. So a bit careful and don't use Zoom. A lot of people have switched over to WebEx, which is something I've been using and selling for years now, WebEx teams not only gives you meetings, it gives you all of these different workspaces and things. I like it and recommend it. They are offering their free WebEx meetings for 90 days but had to stop it for a bit because too many people were signing up. WebEx had to open up a whole other data center to be able to handle All of this demand. So it's essential, we need to understand that if you want to have a small meeting with family, friends, even small business and you guys are smart enough to be using iPhones, not Android. Just go ahead and use FaceTime. It's quite good. You'll like FaceTime now. They have meetings for up to 30 people. You can also use a few other apps. You know, some people like WhatsApp, I am not fond of that. Silent Circle has some excellent stuff. They've got a silent phone, and these guys know what they're doing. If you're on Android, the first tip is to get rid of it. Don't use Android if you have anything you're data, and you are concerned about losing. Because Android is not as a secure platform in the least, it's crazy people. Remember, you cannot Get the updates, even with our friends over at Samsung with their Galaxy phones, they only provide updates for a couple of years. So if you are stuck in the Android space, and I get it right, I am not the biggest Apple fan in the world. But their software, their systems are secure. They are not in the business of selling your information. Google Android is in the business of selling your information. Okay. Hey, and when we get back, we're going to talk about iPhones. We're going to talk about what would be the actual cost of an iPhone if it was made in the United States because that may be happening soon. Stick around. We'll be back with more. I'm Craig Peterson, and you're listening to me on WGAN make sure you get my newsletter, Craig Peterson dot com slash subscribe. Hey, welcome back everybody Craig Peterson here on WGAN. And of course, online at Craig Peterson dot com slash subscribe. Well, we have made it through most of the show today we've been talking about Linksys and significant security problems you have to take care of right away if you're using link system vices. We spoke about Zoom and why you don't want to use Zoom ever again, and I gave you some alternatives. What Amazon is doing with canceling Father's Day, Mother's Day, they've changed right now anyways, for the time being, their entire business model COVID-19 of course, we talked about that about some rumors floating around about the spread of COVID-19 because of 5g. We also talked about what countries are doing around the world to help battle this. What is the US doing with surveillance right now on the COVID-19 front? Where it's all taking us? You'll find all of that by going to Craig Peterson dot com right there on the homepage. You can scroll down and listen to any of the segments that you might have missed. You can also get it right on the TuneIn app, where you might even be listening to me right now. Live as the show is aired Saturdays Of course 123 and looking at the clock, that means we are almost done for the day today. I can't believe how fast it went today. I am delighted to be able to help you guys out we've had hundreds of people who have attended my webinars over the last few weeks. I didn't do any this previous week. I am strongly suspected. I'm going to be doing some this coming week. So keep an ear to the ground on this next week. Okay. Let's Get into that Oh, and to do that, the only way you can have a new to the ground on this is if you are on my email list, Craig Peterson dot com slash subscribe. How's that for easy? So how much would an iPhone cost if we make it in America? You know, some of these iPhones go upwards of over $1,000 depending on what they are. And I want you to think about that for just a minute. Not so much in the context strictly of an iPhone. But what did a first computer cost you? How about a laptop? Because frankly, these devices have almost the same functionality as a functional laptop does or a good computer does. They do. And you could not get this type of computing power just a few years ago. I found a couple of my beloved iPhone pods only a few weeks ago in a drawer as I was doing some cleaning, right, aren't we all right spring cleaning time. And I just was shocked and amazed because these things were huge, I think one was 80 gigabytes. And I think the other might have been 120 gigabytes. And that's huge for the day. Huge. I used to listen to them on airplanes. It was just such a relief because all that was on there was my music. And there was nothing else to tempt me. I didn't even put games on them. Now there's a lot of hacks available for the iPod, you can put on some cool players, but that iPod interface, it could

In this episode we talk about Wifi 6 in schools. We also talk about what type of SSIDs to setup and how to manage your wireless.

People in this Episode Micah Hoffman Dutch_Osintguy Sector035 And our special guest: Ritu Gill aka OsintTechniques Links to what we discussed Tweet by Gonzo about searching SSID's with a Google dork https://twitter.com/gonzos_int/status/1222541952413065216?s=11 Another good name check lookup website https://twitter.com/dutch_osintguy/status/1223688324034060292 Good read about deanonymizing TOR circuits https://twitter.com/x0rzkov/status/1224380928094613505 Guest OSINT Curious blog by Jeff Lomas https://twitter.com/BleuBloodHound : https://osintcurio.us/2020/01/31/combing-through-video-faster-using-dfir-and-osint-skills/ 50 cognitive biases in the modern world https://twitter.com/i_intelligence/status/1224230855213830145 OSINT explanation of Kobe Bryant's catastrophic helicopter crash https://www.youtube.com/watch?v=XSHpbGhy3Ko&feature=youtu.be How to find the most recent satellite imagery on earth https://twitter.com/mouthofmorrison/status/1212840820019208192 Trace Labs Global CTF 3 Google Geolocation API now includes Wi-Fi and Cell data https://developers.google.com/maps/documentation/geolocation/intro Tweet by Serge Courier: Scrape Google Maps (a tool and a browser extension to scrape results from a Google maps search – original blog post from Boolean Strings) https://twitter.com/secou/status/1225855494750818304?s=21 10 minute OSINT Curious tip “Viewing LinkedIn Profiles Anonymously” https://youtu.be/bIAdx3CAjtM Identifying and tackling manipulated media – a free online course offered by Reuters https://twitter.com/LorandBodo/status/1225415356409372672 OSINTCombine have put together an importable bookmark stack https://twitter.com/osintcombine/status/1225181330595430400 Ginger_T Article https://medium.com/@Ginger_T/my-journey-into-the-world-of-osint-is-now-just-over-one-year-old-ea6f6d90eda Self Promotion SANS OSINT Summit – February 18th, next week! https://www.sans.org/event/osint-summit-2020/summit-agenda Dutch_OsintGuy Nico doing two OSINT workshops on March 20th and May 18th Google Advanced Searching and Monitoring (in Dutch) https://www.aware-online.com/workshop-google-voor-gevorderden/ https://twitter.com/aware_online/status/1226504473310351360 Dutch_Osintguy Nico teaching in Amsterdam 21-22-23 OSINT module 1 in English --- Support this podcast: https://anchor.fm/osintcurious/support

Drew turned 40 and had a party, and Paul came over to play games. Drew's PC is complete and working, and he couldn't be more relieved. Drew talks about his wonderful new WiFi and how it's all thanks to Paul, but it turns out changing SSIDs isn't as easy as it sounds. The boys get a reader suggestion on smart garage door openers, and Drew talks about his experience owning one (and why it doesn't work right now). Paul talks about his smart lock, and the boys share some thoughts about those as well. Paul opens up about his son's liver transplant, and talks about just how strong he is and how his entire family rallied around him. Recorded on December 28th, 2019 Show Links 6 Nimmt! Werewords Love Letter Treasure Island MyQ Smart Garage Door Opener Chamberlain MYQ-G0301 - Wireless & Wi-Fi enabled Garage Hub with Smartphone Control The Lockpicking Lawyer Donate Life America Organ Donation Ronald McDonald House

The Packet Pushers' latest crash course podcast on wireless for wired engineers dives into beacons, roaming, SSIDs, the ugly reality of band steering, and more WLAN nerdery. Our guest is Chris Reed. The post Heavy Networking 455: The Wonderful World Of Wireless – Beacons, Probes, SSIDs And More appeared first on Packet Pushers.

The Packet Pushers' latest crash course podcast on wireless for wired engineers dives into beacons, roaming, SSIDs, the ugly reality of band steering, and more WLAN nerdery. Our guest is Chris Reed. The post Heavy Networking 455: The Wonderful World Of Wireless – Beacons, Probes, SSIDs And More appeared first on Packet Pushers.

The Packet Pushers' latest crash course podcast on wireless for wired engineers dives into beacons, roaming, SSIDs, the ugly reality of band steering, and more WLAN nerdery. Our guest is Chris Reed. The post Heavy Networking 455: The Wonderful World Of Wireless – Beacons, Probes, SSIDs And More appeared first on Packet Pushers.

Understanding OWE operation from the Aruba Networks demo presented at MFD3. Aruba Networks Demos OWE Opportunistic Wireless Encryption (OWE) is a security improvement coming to open SSIDs. It’s aimed at securing the insecure. We see it everywhere. A Wi-Fi network completely open for clients to join. It’s unencrypted traffic between clients and the AP. OWE […] The post CTS 139: Aruba Networks Demos OWE at MFD3 appeared first on Clear To Send.

In this episode, we take a look at the reimplementation of NetBSD using a Microkernel, check out what makes DHCP faster, and see what high-process count support for DragonflyBSD has to offer, and we answer the questions you've always wanted to ask us. This episode was brought to you by Headlines A Reimplementation Of Netbsd Using a Microkernel (http://theembeddedboard.review/a-reimplementation-of-netbsd-using-a-microkernel-part-1-of-2/) Minix author Andy Tanenbaum writes in Part 1 of a-reimplementation-of-netbsd-using-a-microkernel (http://theembeddedboard.review/a-reimplementation-of-netbsd-using-a-microkernel-part-1-of-2/) Based on the MINIX 3 microkernel, we have constructed a system that to the user looks a great deal like NetBSD. It uses pkgsrc, NetBSD headers and libraries, and passes over 80% of the KYUA tests). However, inside, the system is completely different. At the bottom is a small (about 13,000 lines of code) microkernel that handles interrupts, message passing, low-level scheduling, and hardware related details. Nearly all of the actual operating system, including memory management, the file system(s), paging, and all the device drivers run as user-mode processes protected by the MMU. As a consequence, failures or security issues in one component cannot spread to other ones. In some cases a failed component can be replaced automatically and on the fly, while the system is running, and without user processes noticing it. The talk will discuss the history, goals, technology, and status of the project. Research at the Vrije Universiteit has resulted in a reimplementation of NetBSD using a microkernel instead of the traditional monolithic kernel. To the user, the system looks a great deal like NetBSD (it passes over 80% of the KYUA tests). However, inside, the system is completely different. At the bottom is a small (about 13,000 lines of code) microkernel that handles interrupts, message passing, low-level scheduling, and hardware related details. Nearly all of the actual operating system, including memory management, the file system(s), paging, and all the device drivers run as user-mode processes protected by the MMU. As a consequence, failures or security issues in one component cannot spread to other ones. In some cases a failed component can be replaced automatically and on the fly, while the system is running. The latest work has been adding live update, making it possible to upgrade to a new version of the operating system WITHOUT a reboot and without running processes even noticing. No other operating system can do this. The system is built on MINIX 3, a derivative of the original MINIX system, which was intended for education. However, after the original author, Andrew Tanenbaum, received a 2 million euro grant from the Royal Netherlands Academy of Arts and Sciences and a 2.5 million euro grant from the European Research Council, the focus changed to building a highly reliable, secure, fault tolerant operating system, with an emphasis on embedded systems. The code is open source and can be downloaded from www.minix3.org. It runs on the x86 and ARM Cortex V8 (e.g., BeagleBones). Since 2007, the Website has been visited over 3 million times and the bootable image file has been downloaded over 600,000 times. The talk will discuss the history, goals, technology, and status of the project. Part 2 (http://theembeddedboard.review/a-reimplementation-of-netbsd-using-a-microkernel-part-2-of-2/) is also available. *** Rapid DHCP: Or, how do Macs get on the network so fast? (https://cafbit.com/post/rapid_dhcp_or_how_do/) One of life's minor annoyances is having to wait on my devices to connect to the network after I wake them from sleep. All too often, I'll open the lid on my EeePC netbook, enter a web address, and get the dreaded "This webpage is not available" message because the machine is still working on connecting to my Wi-Fi network. On some occasions, I have to twiddle my thumbs for as long as 10-15 seconds before the network is ready to be used. The frustrating thing is that I know it doesn't have to be this way. I know this because I have a Mac. When I open the lid of my MacBook Pro, it connects to the network nearly instantaneously. In fact, no matter how fast I am, the network comes up before I can even try to load a web page. My curiosity got the better of me, and I set out to investigate how Macs are able to connect to the network so quickly, and how the network connect time in other operating systems could be improved. I figure there are three main categories of time-consuming activities that occur during network initialization: Link establishment. This is the activity of establishing communication with the network's link layer. In the case of Wi-Fi, the radio must be powered on, the access point detected, and the optional encryption layer (e.g. WPA) established. After link establishment, the device is able to send and receive Ethernet frames on the network. Dynamic Host Configuration Protocol (DHCP). Through DHCP handshaking, the device negotiates an IP address for its use on the local IP network. A DHCP server is responsible for managing the IP addresses available for use on the network. Miscellaneous overhead. The operating system may perform any number of mundane tasks during the process of network initialization, including running scripts, looking up preconfigured network settings in a local database, launching programs, etc. My investigation thus far is primarily concerned with the DHCP phase, although the other two categories would be interesting to study in the future. I set up a packet capture environment with a spare wireless access point, and observed the network activity of a number of devices as they initialized their network connection. For a worst-case scenario, let's look at the network activity captured while an Android tablet is connecting: This tablet, presumably in the interest of "optimization", is initially skipping the DHCP discovery phase and immediately requesting its previous IP address. The only problem is this is a different network, so the DHCP server ignores these requests. After about 4.5 seconds, the tablet stubbornly tries again to request its old IP address. After another 4.5 seconds, it resigns itself to starting from scratch, and performs the DHCP discovery needed to obtain an IP address on the new network. In all fairness, this delay wouldn't be so bad if the device was connecting to the same network as it was previously using. However, notice that the tablet waits a full 1.13 seconds after link establishment to even think about starting the DHCP process. Engineering snappiness usually means finding lots of small opportunities to save a few milliseconds here and there, and someone definitely dropped the ball here. In contrast, let's look at the packet dump from the machine with the lightning-fast network initialization, and see if we can uncover the magic that is happening under the hood: The key to understanding the magic is the first three unicast ARP requests. It looks like Mac OS remembers certain information about not only the last connected network, but the last several networks. In particular, it must at least persist the following tuple for each of these networks: > 1. The Ethernet address of the DHCP server > 2. The IP address of the DHCP server > 3. Its own IP address, as assigned by the DHCP server During network initialization, the Mac transmits carefully crafted unicast ARP requests with this stored information. For each network in its memory, it attempts to send a request to the specific Ethernet address of the DHCP server for that network, in which it asks about the server's IP address, and requests that the server reply to the IP address which the Mac was formerly using on that network. Unless network hosts have been radically shuffled around, at most only one of these ARP requests will result in a response—the request corresponding to the current network, if the current network happens to be one of the remembered networks. This network recognition technique allows the Mac to very rapidly discover if it is connected to a known network. If the network is recognized (and presumably if the Mac knows that the DHCP lease is still active), it immediately and presumptuously configures its IP interface with the address it knows is good for this network. (Well, it does perform a self-ARP for good measure, but doesn't seem to wait more than 13ms for a response.) The DHCP handshaking process begins in the background by sending a DHCP request for its assumed IP address, but the network interface is available for use during the handshaking process. If the network was not recognized, I assume the Mac would know to begin the DHCP discovery phase, instead of sending blind requests for a former IP address as the Galaxy Tab does. The Mac's rapid network initialization can be credited to more than just the network recognition scheme. Judging by the use of ARP (which can be problematic to deal with in user-space) and the unusually regular transmission intervals (a reliable 1.0ms delay between each packet sent), I'm guessing that the Mac's DHCP client system is entirely implemented as tight kernel-mode code. The Mac began the IP interface initialization process a mere 10ms after link establishment, which is far faster than any other device I tested. Android devices such as the Galaxy Tab rely on the user-mode dhclient system (part of the dhcpcd package) dhcpcd program, which no doubt brings a lot of additional overhead such as loading the program, context switching, and perhaps even running scripts. The next step for some daring kernel hacker is to implement a similarly aggressive DHCP client system in the Linux kernel, so that I can enjoy fast sign-on speeds on my Android tablet, Android phone, and Ubuntu netbook. There already exists a minimal DHCP client implementation in the Linux kernel, but it lacks certain features such as configuring the DNS nameservers. Perhaps it wouldn't be too much work to extend this code to support network recognition and interface with a user-mode daemon to handle such auxillary configuration information received via DHCP. If I ever get a few spare cycles, maybe I'll even take a stab at it. You can also find other ways of optimizing the dhclient program and how it works in the dhclient tutorial on Calomel.org (https://calomel.org/dhclient.html). *** BSDCam Trip Report (https://www.freebsdfoundation.org/blog/bsdcam-2017-trip-report-michael-lucas/) Over the decades, FreeBSD development and coordination has shifted from being purely on-line to involving more and more in-person coordination and cooperation. The FreeBSD Foundation sponsors a devsummit right before BSDCan, EuroBSDCon, and AsiaBSDCon, so that developers traveling to the con can leverage their airfare and hammer out some problems. Yes, the Internet is great for coordination, but nothing beats a group of developers spending ten minutes together to sketch on a whiteboard and figuring out exactly how to make something bulletproof. In addition to the coordination efforts, though, conference devsummits are hierarchical. There's a rigid schedule, with topics decided in advance. Someone leads the session. Sessions can be highly informative, passionate arguments, or anything in between. BSDCam is… a little different. It's an invaluable part of the FreeBSD ecosystem. However, it's something that I wouldn't normally attend. But right now, is not normal. I'm writing a new edition of Absolute FreeBSD. To my astonishment, people have come to rely on this book when planning their deployments and operations. While I find this satisfying, it also increases the pressure on me to get things correct. When I wrote my first FreeBSD book back in 2000, a dozen mailing lists provided authoritative information on FreeBSD development. One person could read every one of those lists. Today, that's not possible—and the mailing lists are only one narrow aspect of the FreeBSD social system. Don't get me wrong—it's pretty easy to find out what people are doing and how the system works. But it's not that easy to find out what people will be doing and how the system will work. If this book is going to be future-proof, I needed to leave my cozy nest and venture into the wilds of Cambridge, England. Sadly, the BSDCam chair agreed with my logic, so I boarded an aluminum deathtrap—sorry, a “commercial airliner”—and found myself hurtled from Detroit to Heathrow. And one Wednesday morning, I made it to the William Gates building of Cambridge University, consciousness nailed to my body by a thankfully infinite stream of proper British tea. BSDCam attendance is invitation only, and the facilities can only handle fifty folks or so. You need to be actively working on FreeBSD to wrangle an invite. Developers attend from all over the world. Yet, there's no agenda. Robert Watson is the chair, but he doesn't decide on the conference topics. He goes around the room and asks everyone to introduce themselves, say what they're working on, and declare what they want to discuss during the conference. The topics of interest are tallied. The most popular topics get assigned time slots and one of the two big rooms. Folks interested in less popular topics are invited to claim one of the small breakout rooms. Then the real fun begins. I started by eavesdropping in the virtualization workshop. For two hours, people discussed FreeBSD's virtualization needs, strengths, and weaknesses. What needs help? What should this interface look like? What compatibility is important, and what isn't? By the end of the session, the couple dozen people had developed a reasonable consensus and, most importantly, some folks had added items to their to-do lists. Repeat for a dozen more topics. I got a good grip on what's really happening with security mitigation techniques, FreeBSD's cloud support, TCP/IP improvements, advances in teaching FreeBSD, and more. A BSDCan devsummit presentation on packaging the base system is informative, but eavesdropping on two dozen highly educated engineers arguing about how to nail down the final tidbits needed to make that a real thing is far more educational. To my surprise, I was able to provide useful feedback for some sessions. I speak at a lot of events outside of the FreeBSD world, and was able to share much of what I hear at Linux conferences. A tool that works well for an experienced developer doesn't necessarily work well for everyone. Every year, I leave BSDCan tired. I left BSDCam entirely exhausted. These intense, focused discussions stretched my brain. But, I have a really good idea where key parts of FreeBSD development are actually headed. This should help future-proof the new Absolute FreeBSD, as much as any computer book can be future-proof. Plus, BSDCam throws the most glorious conference dinner I've ever seen. I want to thank Robert Watson for his kind invitation, and the FreeBSD Foundation for helping defray the cost of this trip Interview - The BSDNow Crew As a kid, what did you dream of to become as an adult? JT: An Astronaut BR: I wanted to be a private detective, because of all the crime novels that I read back then. I didn't get far with it. However, I think the structured analysis skills (who did what, when, and such) help me in debugging and sysadmin work. AJ: Didn't think about it much How do you manage to stay organized day to day with so much things you're actively doing each day? (Day job, wife/girlfriend, conferences, hobbies, friends, etc.) JT: Who said I was organized? BR: A lot of stuff in my calendar as reminders, open browser tabs as “to read later” list. A few things like task switching when getting stuck helps. Also, focus on a single goal for the day, even though there will be distractions. Slowly, but steadily chip away at the things you're working on. Rather than to procrastinate and put things back to review later, get started early with easy things for a big task and then tackle the hard part. Often, things look totally chaotic and unmanageable, until you start working on them. AJ: I barely manage. Lots of Google Calendar reminders, and the entire wall of my office is covered in whiteboard sheet todo lists. I use pinboard.in to deal with finding and organizing bookmarks. Write things down, don't trust your memory. What hobbies outside of IT do you have? JT: I love photography, but I do that Professional part time, so I'm not sure if that counts as a hobby anymore. I guess it'd have to be working in the garage on my cars. BR: I do Tai Chi to relax once a week in a group, but can also do it alone, pretty much everywhere. Way too much Youtube watching and browsing the web. I did play some games before studying at the university and I'm still proud that I could control it to the bare minimum not to impact my studies. A few “lapses” from time to time, revisiting the old classics since the newer stuff won't run on my machines anyway. Holiday time is pretty much spent for BSD conferences and events, this is where I can relax and talk with like-minded people from around the world, which is fascinating. Plus, it gets me to various places and countries I never would have dared to visit on my own. AJ: I play a few video games, and I like to ski, although I don't go very often as most of my vacation time is spent hanging out with my BSD friends at various conferences How do you relax? JT: What is this word ‘relax' and what does it mean? BR: My Tai Chi plays a big part in it I guess. I really calms you and the constant stream of thoughts for a while. It also gives you better clarity of what's important in life. Watching movies, sleeping long. AJ: Usually watching TV or Movies. Although I have taken to doing most of my TV watching on my exercise bike now, but it is still mentally relaxing If FreeBSD didn't exist, which BSD flavour would you use? Why? JT: I use TrueOS, but if FreeBSD didn't exist, that project might not either… so… My other choice would be HardenedBSD, but since it's also based on FreeBSD I'm in the same dillema. BR: I once installed NetBSD to see what It can do. If FreeBSD wouldn't exist, I would probably try my luck with it. OpenBSD is also appealing, but I've never installed it. AJ: When I started using FreeBSD in 2000, the only other BSD I had heard of at the time was OpenBSD. If FreeBSD wasn't around, I don't think the world would look like it does, so it is hard to speculate. If any of the BSD's weren't around and you had to use Linux, which camp would belong to? (Redhat, SUSE, Debian, Ubuntu, Gentoo?) JT: I learned Linux in the mid 90s using Slackware, which I used consistently up until the mid 2000s, when I joined the PuppyLinux community and eventually became a developer (FYI, Puppy was/is/can be based on Slackware -- its complicated). So I'd go back to using either Slackware or PuppyLinux. BR: I tried various Linux distributions until I landed at Debian. I used is pretty extensively as my desktop OS at home, building custom kernels and packages to install them until I discovered FreeBSD. I ran both side by side for a few months for learning until one day I figured out that I had not booted Debian in a while, so I switched completely. AJ: The first Linux I played with was Slackware, and it is the most BSD like, but the bits of Linux I learned in school were Redhat and so I can somewhat wrap my head around it, although now that they are changing everything to systemd, all of that old knowledge is more harmful than useful. Are you still finding yourself in need to use Windows/Mac OS? Why? JT: I work part time as a professional Photographer, so I do use Windows for my photography work. While I can do everything I need to do in Linux, it comes down to being pragmatic about my time. What takes me several hours to accomplish in Linux I can accomplish in 20 minutes on Windows. BR: I was a long time Windows-only user before my Unix days. But back when Vista was about to come out and I needed a new laptop, my choice was basically learning to cope with Vistas awful features or learn MacOS X. I did the latter, it increased my productivity since it's really a good Unix desktop experience (at least, back then). I only have to use Windows at work from time to time as I manage our Windows Terminal server, which keeps the exposure low enough and I only connect to it to use a certain app not available for the Mac or the BSDs. AJ: I still use Windows to play games, for a lot of video conferencing, and to produce BSD Now. Some of it could be done on BSD but not as easily. I have promised myself that I will switch to 100% BSD rather than upgrade to Windows 10, so we'll see how that goes. Please describe your home networking setup. Router type, router OS, router hardware, network segmentation, wifi apparatus(es), other devices connected, and anything else that might be interesting about your home network. BR: Very simple and boring: Apple Airport Express base station and an AVM FritzBox for DNS, DHCP, and the link to my provider. A long network cable to my desktop machine. That I use less and less often. I just bought an RPI 3 for some home use in the future to replace it. Mostly my brother's and my Macbook Pro's are connected, our phones and the iPad of my mother. AJ: I have a E3-1220 v3 (dual 3.1ghz + HT) with 8 GB of ram, and 4x Intel gigabit server NICs as my router, and it runs vanilla FreeBSD (usually some snapshot of -current). I have 4 different VLANs, Home, Office, DMZ, and Guest WiFi. WiFi is served via a tiny USB powered device I bought in Tokyo years ago, it serves 3 different SSIDs, one for each VLAN except the DMZ. There are ethernet jacks in every room wired for 10 gigabit, although the only machines with 10 gigabit are my main workstation, file server, and some machines in the server rack. There are 3 switches, one for the house (in the laundry room), one for the rack, and one for 10gig stuff. There is a rack in the basement spare bedroom, it has 7 servers in it, mostly storage for live replicas of customer data for my company. How do guys manage to get your work done on FreeBSD desktops? What do you do when you need to a Linux or Windows app that isn't ported, or working? I've made several attempts to switch to FreeBSD, but each attempt failed because of tools not being available (e.g. Zoom, Dropbox, TeamViewer, Crashplan) or broken (e.g. VirtualBox). BR: I use VIrtualBox for everything that is not natively available or Windows-only. Unfortunately, that means no modern games. I mostly do work in the shell when I'm on FreeBSD and when it has to be a graphical application, then I use Fluxbox as the DE. I want to get work done, not look at fancy eye-candy that get's boring after a while. Deactivated the same stuff on my mac due to the same reason. I look for alternative software online, but my needs are relatively easy to satisfy as I'm not doing video editing/rendering and such. AJ: I generally find that I don't need these apps. I use Firefox, Thunderbird, OpenSSH, Quassel, KomodoEdit, and a few other apps, so my needs are not very demanding. It is annoying when packages are broken, but I usually work around this with boot environments, and being able to just roll back to a version that worked for a few days until the problem is solved. I do still have access to a windows machine for the odd time I need specific VPN software or access to Dell/HP etc out-of-band management tools. Which desktop environments are your favorite, and why? For example, I like i3, Xfce, and I'm drawn to Lumina's ethos, but so far always seem to end up back on Xfc because of its ease of use, flexibility, and dashing good looks. JT: As a Lumina Desktop developer, I think my preference is obvious. ;) I am also a long timeOpenBox user, so I have a soft place in my heart for that as well. BR: I use Fluxbox when I need to work with a lot of windows or an application demands X11. KDE and others are too memory heavy for me and I rarely use even 20% of the features they provide. AJ: I was a long time KDE user, but I have adopted Lumina. I find it fast, and that it gets out of my way and lets me do what I want. It had some annoyances early on, but I've nagged the developers into making it work for me. Which command-line shells do you prefer, why, and how (if at all) have you customised the environment or prompt? BR: I use zsh, but without all the fancy stuff you can find online. It might make you more productive, yes. But again, I try to keep things simple. I'm slowly learning tmux and want to work more in it in the future. I sometimes look at other BSD people's laptops and am amazed at what they do with window-management in tmux. My prompt looks like this: bcr@Voyager:~> 20:20 17-08-17 Put this in your .zshrc to get the same result: PROMPT='%n@%m:%~>' RPROMPT='%T %D' AJ: I started using tcsh early on, because it was the shell on the first box I had access to, and because one of the first things I read in “BSD Hacks” was how to enable ‘typo correction”, which made my life a lot better especially on dial up in the early days. My shell prompt looks like this: allan@CA-TOR1-02:/usr/home/allan% What is one thing (or more) missing in FreeBSD you would import from another project or community? Could be tech, process, etc. JT: AUFS from Linux BR: Nohup from Illumos where you can detach an already running process and put it in the background. I often forget that and I'm not in tmux when that happens, so I can see myself use that feature a lot. AJ: Zones (more complete Jails) from IllumOS how do you manage your time to learn about and work on FreeBSD? Does your work/employment enable what you do, or are your contributions mainly done in private time? JT: These days I'm mostly learning things I need for work, so it just falls into something I'm doing while working on work projects. BR: We have a lot of time during the semester holidays to learn on our own, it's part of the idea of being in a university to keep yourself updated, at least for me. Especially in the fast moving world of IT. I also read a lot in my free time. My interests can shift sometimes, but then I devour everything I can find on the topic. Can be a bit excessive, but has gotten me where I am now and I still need a lot to learn (and want to). Since I work with FreeBSD at work (my owndoing), I can try out many things there. AJ: My work means a spend a lot of time working with FreeBSD, but not that much time working ON it. My contributions are mostly done outside of work, but as I own the company I do get more flexibility to take time off for conferences and other FreeBSD related stuff. we know we can bribe Michael W Lucas with gelato (good gelato that is), but what can we use to bribe you guys? Like when I want to have Allan to work on fixing a bug which prevents me from running ZFS on this fancy rock64 board? BR: Desserts of various kinds. AJ: I am probably not the right person to look at your rock64 board. Most people in the project have taken to bribing me with chocolate. In general, my todo list is so long, the best way is a trade, you take this task and I'll take that task. Is your daily mobile device iOS, Android, Windows Mobile, or other? Why? JT: These days I'm using Android on my Blackberry Priv, but until recently I was still a heavy user of Sailfish OS. I would use SailfishOS everyday, if I could find a phone with a keyboard that I could run it on. BR: iOS on the iPhone 7 currently. Never used an Android phone, saw it on other people's devices and what they can do with it (much more). But the infrequent security updates (if any at all) keep me away from it. AJ: I have a Google Nexus 6 (Android 7.1). I wanted the ‘pure' Android experience, and I had been happy with my previous Nexus S. I don't run a custom OS/ROM or anything because I use the phone to verify that video streams work on an ‘average users device'. I am displeased that support for my device will end soon. I am not sure what device I will get next, but it definitely won't be an iPhone. News Roundup Beta Update - Request for (more) Testing (http://undeadly.org/cgi?action=article&sid=20170808065718&mode=flat&count=30) https://beta.undeadly.org/ has received an update. The most significant changes include: The site has been given a less antiquated "look". (As the topic icons have been eliminated, we are no longer seeking help with those graphics.) The site now uses a moderate amount of semantic HTML5. Several bugs in the HTML fragment validator (used for submissions and comments) have been fixed. To avoid generating invalid HTML, submission content which fails validation is no longer displayed in submission/comment previews. Plain text submissions are converted to HTML in a more useful fashion. (Instead of just converting each EOL to , the converter now generates proper paragraphs and interprets two or more consecutive EOLs as indicating a paragraph break.) The redevelopment remains a work-in-progress. Many thanks to those who have contributed! As before, constructive feedback would be appreciated. Of particular interest are reports of bugs in behaviour (for example, in the HTML validator or in authentication) that would preclude the adoption of the current code for the main site. High-process-count support added to master (http://lists.dragonflybsd.org/pipermail/users/2017-August/313552.html) We've fixed a number of bottlenecks that can develop when the number of user processes runs into the tens of thousands or higher. One thing led to another and I said to myself, "gee, we have a 6-digit PID, might as well make it work to a million!". With the commits made today, master can support at least 900,000 processes with just a kern.maxproc setting in /boot/loader.conf, assuming the machine has the memory to handle it. And, in fact, as today's machines start to ratchet up there in both memory capacity and core count, with fast storage (NVMe) and fast networking (10GigE and higher), even in consumer boxes, this is actually something that one might want to do. With AMD's threadripper and EPYC chips now out, the IntelAMD cpu wars are back on! Boasting up to 32 cores (64 threads) per socket and two sockets on EPYC, terabytes of ram, and motherboards with dual 10GigE built-in, the reality is that these numbers are already achievable in a useful manner. In anycase, I've tested these changes on a dual-socket xeon. I can in-fact start 900,000 processes. They don't get a whole lot of cpu and running 'ps' would be painful, but it works and the system is still responsive from the shell with all of that going on. xeon126# uptime 1:42PM up 9 mins, 3 users, load averages: 890407.00, 549381.40, 254199.55 In fact, judging from the memory use, these minimal test processes only eat around 60KB each. 900,000 of them ate only 55GB on a 128GB machine. So even a million processes is not out of the question, depending on the cpu requirements for those processes. Today's modern machines can be stuffed with enormous amounts of memory. Of course, our PIDs are currently limited to 6 digits, so a million is kinda the upper limit in terms of discrete user processes (verses pthreads which are less restricted). I'd rather not go to 7 digits (yet). CFT: Driver for generic MS Windows 7/8/10 - compatible USB HID multi-touch touchscreens (https://lists.freebsd.org/pipermail/freebsd-current/2017-August/066783.html) Following patch [1] adds support for generic MS Windows 7/8/10 - compatible USB HID multi-touch touchscreens via evdev protocol. It is intended to be a native replacement of hid-multitouch.c driver found in Linux distributions and multimedia/webcamd port. Patch is made for 12-CURRENT and most probably can be applied to recent 11-STABLE and 11.1-RELEASE (not tested) How to test" 1. Apply patch [1] 2. To compile this driver into the kernel, place the following lines into your kernel configuration file: device wmt device usb device evdev Alternatively, to load the driver as a module at boot time, place the following line in loader.conf(5): wmt_load="YES" 3. Install x11-drivers/xf86-input-evdev or x11-drivers/xf86-input-libinput port 4. Tell XOrg to use evdev or libinput driver for the device: ``` Section "ServerLayout" InputDevice "TouchScreen0" "SendCoreEvents" EndSection Section "InputDevice" Identifier "TouchScreen0" Driver "evdev" # Driver "libinput" Option "Device" "/dev/input/eventXXX" EndSection ``` Exact value of "/dev/input/eventXXX" can be obtained with evemu-record utility from devel/evemu. Note1: Currently, driver does not support pens or touchpads. Note2: wmt.ko should be kld-loaded before uhid driver to take precedence over it! Otherwise uhid can be kld-unloaded after loading of wmt. wmt review: https://reviews.freebsd.org/D12017 Raw diff: https://reviews.freebsd.org/D12017.diff *** Beastie Bits BSDMag Programing Languages Infographic (https://bsdmag.org/programm_history/) t2k17 Hackathon Report: Bob Beck on buffer cache tweaks, libressl and pledge progress (http://undeadly.org/cgi?action=article&sid=20170815171854) New FreeBSD Journal (https://www.freebsdfoundation.org/past-issues/resource-control/) NetBSD machines at Open Source Conference 2017 Kyoto (http://mail-index.netbsd.org/netbsd-advocacy/2017/08/10/msg000744.html) *** Feedback/Questions Dan - HDD question (http://dpaste.com/3H6TDJV) Benjamin - scrub of death (http://dpaste.com/10F086V) Jason - Router Opinion (http://dpaste.com/2D9102K) Sohrab - Thanks (http://dpaste.com/1XYYTWF) ***

Dave hat ein neues Handy: Xiaomi Redmin 4 und ist sehr zufrieden (mehr dazu in der nächsten Folge) Otti hofft darauf, dass sein iMac durchhält Dave regt sich über Filmkäufe auf. Weil blu-rays oft billiger sind, als die Streaming-Angebote. Schön wäre ein Freischaltcode für gängige Dienste wie Amazon oder Netflix Otti hat Probleme mit seinem WLan im Haus der Fritz Repeater funktioniert nur schlecht und ist auf dLan umgestiegen. Hier hat er ein Gerät von Devolo getestet. Hier ist die Verbindung ausreichend, aber es werden verschiedene Funknetze mit jeweils anderen SSIDs aufgespannt, so dass die Benutzung nicht wirklich Spaß macht Dave hat auf eine Bannerwerbung geklickt, weil ihn das Produkt interessiert, nur um festzustellen, dass er zur Registrierung aufgefordert wird und keinen Zugriff auf das Produkt hat. Der heiße Scheiß... Neues Spielzeug für Otti, die Kamera DJI OSMO

iPhones and keyfobs, batteries and USB-C, external Thunderbolt GPUs, the internet of things vs. SSIDs… there's a lot to weigh in on here, folks, and John and Dave give you their thoughts along with those of your fellow listeners. Download and enjoy! Sponsor: Gemini 2 from MacPaw. Check out Gemini 2, […]

In episode 9 of the Wi-Fi For Beginners podcast, we conclude module 3 of the series, taking a look at wireless Access Points (APs) [Slides: Module 3: 27 – 37]. In this episode we look at: AP indicator lamps Basic AP configuration SSIDs & VLANs Basic security Other AP configuration settings The 802.11 standard and ammendments A ... Read more

Dave's at WWDC, but the bandwidth gods blessed he and John for a cross-country Mac Geek Gab. They talked through some of the geekier aspects of the WWDC announcement, answered a few questions, and shared the answer to a long-standing question: Should 2.4GHz and 5GHz have different SSIDs? Listen now and […]

Richard chats with Rob Gillen about the myths and realities around WiFi security. Rob talks about how the release of passwords in the wild has weakened WPA2-PSK. You need to use an original SSID and long passwords to have a chance to keep your WiFi secure. The conversation also digs into the challenges of open WiFi access as places like coffee shops. Rob also talks about how WiFi Protected Setup has exploits like reaver-wps that can break into a home WiFi network in a matter of hours. He also debunks non-secure security features like hidden SSIDs and MAC address filtering. Finally, Rob rolls out the big guns to talk about WiFi Pineapple, a tool capable of exploiting the preferred wireless network features of smartphones to get them to connect to a man-in-the-middle attack system. Frightening and enlightening!

Intro Mike: On November 6, 2006, BroadLogic Network Technologies, a San Jose chip manufacturer, announced The World's First Massively Parallel, Multi-Channel Video Processor, a terapixel-speed video processing chip that will allow cable providers to recover bandwidth that can then be used to deliver more high definition channels, video on demand and high bandwidth data services without major network upgrades.   Mike: Gordon, before we discuss the Boradlogic product, can you give us an idea of how current cable delivery systems work?   Traditional cable delivery systems work by allocating 6MHz of analog bandwidth for each channel. Most cable providers offer approximately 80 channels that consume (6 MHz/channel x 80 channels) 480 MHz of bandwidth. Typical cable networks provide only 750 MHz of bandwidth and with 480 MHz used for video, there is not much left for other services.   Let's think about this a little bit more - one channel consumes 6 MHz of bandwidth but it takes 480 MHz of bandwidth to deliver that single channel to your TV while "wasting" (480 MHz - 6 Mhz) 474 MHz of bandwidth. Not very efficient even if you have a few TV's going in your house watching different channels at the same time.  In summary and according to an article at Light Reading and linked in the show notes:   Each analog channel consumes 6 MHz of capacity (or roughly 1/125th of the total capacity of an upgraded cable plant). Re-claiming that channel slot frees up enough capacity to launch 2 more channels in HDTV (each of which consumes about 2.4 MHz), or ten more digital Standard Definition (SD) channels (each of which consumes about 0.6 MHz), another ten QAMs, each capable of delivering an additional VOD stream, or more broadband [Internet] capacity.   Many of the hundreds of digital broadcast TV channels a cable operator delivers are not being watched at any given time. It is a network inefficiency that can be remedied by simply switching off those channels that are not being watched. By reclaiming much of this analog spectrum, splitting fiber nodes, and employing switched broadcast video (SBV) techniques, there is lots of room for cable to expand service offerings, including HDTV and VOD.   SBV has attracted major interest to this point and involves the delivery of all 80 or so channels in digital format � it works but requires every attached TV in the house to be connected through a set-top box with each box having its own remote controller - we have 6 connected TVs in my home now so 6 boxes plus 6 more controllers - expensive and we have enough time keeping track of a single remote.   Light Reading says Comcast Corp. has an aggressive plan to cut the average number of analog channels it carries in half over the next five years, from 70 to 35. That means moving some three dozen basic cable networks from analog to digital-only carriage. This is where things get interesting: Until digital penetration reaches 100% being left off the analog tier means reduced distribution. And that means lower affiliate fees, and lower advertising revenue. It's gonna be slow because subscribers will not want to pay for the extra boxes, will not have room for them on their shelves, etc. This means the programmers will fight this tooth and nail. Ironically, it is SBV that may well help prove their case is built on a house of cards. Cable TV programming networks sell themselves to advertisers based on their total distribution footprint - say 40, 60, or 80 million homes. The metric is bogus, as only a small fraction of homes are viewing it. With SBV, MSOs will have all the statistical details on who is watching, and eventually, so will advertisers. Mike: So last week along comes Broadlogic, what does this product do?   According to Broadlogic website:   The BL80000 TeraPIX chip is capable of decoding dozens of digital video streams and generating a full analog and digital service tier, including an 80-plus analog channel lineup, that any number of cable-ready devices (TVs, DVRs, PCs with tuner cards, etc.) can view, plus up to 160SD or 50HD programs.   The TeraPIX processor powers a new type of Residential Gateway, installed outside or just inside a residence, which allows the network to be all-digital, while subscribers continue to receive the cable-ready analog video, digital video, high speed data and voice services they crave. Conventional set-top boxes output one channel at a time and thus feed only one TV. Cable MSOs can use this technology to take their networks all digital, thus tripling their digital capacity at a time when rising content and competitive requirements demand it.   Mike: It sounds like the Broadlogic chip may be a much more cost effective solution - can you give more detail?   More according to Broadlogic website:   The BroadLogic TeraPIX video processor works by decoding bandwidth-conserving digital video signals delivered by a cable operator, and generating 80-plus high-quality channels of television. Cable operators get their extra bandwidth, and consumers get the channel lineups they're used to without having to get more set-tops, run more coax, or lose more remotes.   The TeraPIX processor enables solutions that support virtually all existing analog and digital consumer devices. For example, if a subscriber has a DVR set-top from their cable operator, the digital signals are passed through TeraPIX to the DVR. The price of an individual chip is around $300 when purchased in bulk (1000 or greater numbers)  and cable companies are saying this could be a cost effective way to increase network bandwidth. The technology is moving at such an incredible pace and it is easy to see more bandwidth and more applications and, from an academic perspective, the ability to provide more and more quality IP delivered content to our students at a distance. Very exciting stuff and - what's next?? Mike: Let's change the subject a bit - I know you took a train ride last week and performed an interesting "experiment". Can you fill us in with some details?   On Tuesday I had an excellent visit with the Borough of Manhattan Community College Video Arts and Technology Program (http://www.bmcc.cuny.edu/speech/VAT/VAT.html ) faculty and administrators. BMCC has an NSF project grant titled "Creatiing Career Pathways for Women and Minorities in Digital Video Technology" , an exciting project with an HDTV focus. We're looking forward to lots of good results from the VAT group at BMCC. Instead of driving I took the AMTRAK train down to New York City from Springfield, MA. I had my notebook computer with me and on the way home, as I was doing some work, I decided to let NetStumbler ( http://netstumbler.com/ ) run in the background. NetStumbler is a Windows application that allows you to detect 802.11b, 802.11a and 802.11g Wireless Local Area Network Access Points (WLAN AP's). In addition to Netstumbler, there is MacStumbler for Macintosh computers, and Kismet for machines running Linux. Many people use Netstumbler for wardriving that involves driving a car around with a wireless enabled laptop or PDA and logging wireless Wi-Fi networks. According to the Netstumbler website wardriving was first started in the San Francisco area by the Bay Area Wireless Users Group (BAWUG) and is similar to using a scanner for radio. Many wardrivers will use GPS devices to find the exact location of the network found and log it on a website. In fact, if you have a GPS device attached to your computer Netstumbler will automatically log the latitude and longitude settings for future reference. There are several active databases on the web that maintain lists of open hotspots - one of them is maintained and accessed via the Netstumbler site. In the train I started up Netstumbler on my PC at the New Rochelle, NY stop and just let it run until I got to Springfield, MA with some interesting results. Netstumbler logs, among other things, the access point MAC address, SSID and whether or not the AP is running any kind of encryption. An un-encryped access point is one that is wide open for access. Between New Rochelle and Springfield I logged 1441 access points, many unencryped and wide open for public access. SSIDs were sometimes very descriptive and I found open access points from at least one large insurance company, one law firm and the 36th floor conference room of an unknown company. I also got a kick out of some of the creative SSID names people are using. Hundreds of the access points still had the Vendor SSID with linksys, NETGEAR and default [note: SSID default is commonly used by no-name routers sold by the big box retailers] popping up on my screen as we rocked along the tracks at 60 mph. Hundreds were setup for open access - I could not actually log in to any because we were moving to fast but I'm convinced I could walk the tracks from New Rochelle to Springfield and maintain free wireless access by piggy-backing on these networks. I don't want to get into a debate on what's legal and what is not - my concern is seeing so many open access points with many likely connected directly into corporate networks. I thought we had this security problem licked but it appears many are still buying these things and just plugging them in. Anyone want to carry a load of batteries? References: Netstumbler Website: http://www.netstumbler.com BROADLOGIC UNCLOAKS CABLE�S SECRET WEAPON; Nov 6, 2006; http://broadlogic.com/11062006press.htm Light Reading: http://www.lightreading.com/document.asp?doc_id=106730