Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Weekly recap of open source and sysadmin related stuff
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Weekly recap of open source and sysadmin related stuff

Recap of week 01 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

original article here

comic
Comic by Dilbert

If you like this website and want to support it AND get $10 Digital Ocean credit (a VPS 2 months for free), use this link to order: https://www.digitalocean.com/?refcode=7435ae6b8212 (referral link).

Earlier editions can be found here. That page has a special RSS feed for the recaps as well.

News, tutorials and articles

  • Progress report for the Dolphin Gamecube Emulator for December 2015. Feature freeze is coming to prepare for Dolphin 5.0. Mario Kart Lens flare fixed, better Wiimote support on Windows, cool.
  • Enable two factor authentication and never use root on AWS, plus two other thing not to do. Like, checking in your private keys or API credentials, although that is not in the article.
  • The hidden cost of using ZFS for your NAS. Something you should know if you even skim through the documentation. Professionally, I always just fill up a storage server with the max amount of disks it can handle and use X for spares, and the rest as mirrored vdevs. But, specific use case where data loss is more important than wasting space.
  • Something going on in the FreeBSD community with Randi Harper. An biased blogpost here and explanation by Colin Percival here. Here's another thread. No idea what this is about and don't want to get in to it too much. The FreeBSD core team posted their initial offical comments.
  • Run Microsoft Office 2010 and 2013 on Linux
  • Changes coming to githost.io. Pricing increase for new users, and for existing users in 2 years. Githost is an official Gitlab service, it basically sells VPSes with Gitlab preconfigured, plus backups and updates.
  • BananaPi with Arch Linux ARM and a mainline kernel. I'm more of an Olimex guy, but that might be because they do deliver open source hardware and are generally awesome.
  • PornHub's 2015 year review. They stream 75GB per second, 2.4 million hits per hour, that's 6700 per second. Link is SFW if you use an adblocker. (The ads are NSFW)
  • A Unikernel Firewall for QubesOS. Excerpt: 'QubesOS provides a desktop operating system made up of multiple virtual machines, running under Xen. To protect against buggy network drivers, the physical network hardware is accessed only by a dedicated (and untrusted) "NetVM", which is connected to the rest of the system via a separate (trusted) "FirewallVM". This firewall VM runs Linux, processing network traffic with code written in C. In this blog post, I replace the Linux firewall VM with a MirageOS unikernel. The resulting VM uses safe (bounds-checked, type-checked) OCaml code to process network traffic, uses less than a tenth of the memory of the default FirewallVM, boots several times faster, and should be much simpler to audit or extend.'
  • Maintain Debian packages with cme. Both GUI and CLI tool for Debian packages. Looks interesting, I might use it for some of my internal packages. Good documentation as well.
  • Protect Windows with AppLocker. A very, very good built-in Windows feature that will, if configured correctly, stops all ransomware, and other unauthorized executables. Really, if you manage a Windows network, configure this right now. A long, long time ago my university used TrustNoEXE, which did basically the same for Windows 2000 and XP.
  • Via the previous link, a small overview of how rundll32 can be used as an information gathering tool.
  • An article that goes into structured logging. I implemented a basic form of this for an internal piece of software for one of my clients. That helps a lot with the parsing later on (nagios and logstash for alerting).
  • Where have all the Gophers gone? Quite a long, but interesting paper from 1999 on the rise and fall of Gopher. I'm too young to have used Gopher, but it was basically the web before http became big.
  • A good article on why systems must be operated with RAID as an example.
  • Automating Let's Encrypt and haproxy. Simple and very effective.
  • Let's Encrypt it so awesome and cool, even malware and criminals start to use it. Better make sure your malware communicates over SSL to it's C&C server.
  • Using Two Factor authentication for SSH
  • Troy Hunt writes on annoying website things like surverys, multi-page articles and ads. Things we all hate.
  • Why privacy is important, and having "nothing to hide" is irrelevant. Nothing more to add, everybody should read and spread this article. Reddit thread with very interesting comments here.
  • An article on choosing a hash for your next project, because bcrypt might not be very resistent to high parallel attacks.
  • The super-secure BlackPhone can be hacked. As can all software, even super secure software.
  • Carreer advice from Scott Adams, creator of Dilbert. TL;DR, learn two skills and become good at them, one of which is a people skill.
  • Dutch govt says no to backdoors, slides $540k into OpenSSL. Yay, my own government does something nice with my tax money.
  • Linode user credentials compromised. All customers forced to reset password. Not the first time Linode's hacked, probably won't be the last. And sadly, they have my creditcard there...
  • Kazakhstan submits a root certificate to Mozilla for consideration. The certificate could be the one that Kazakhstan plans to use for the "man-in-the-middle" attack against TLS users. Here's the Reddit discussion.
  • Happy people don't leave jobs they love. Interesting read on the perspective of a teamlead dealing with people leaving.
  • X.org might loose it's single letter x.org domain name. Do note that this is Phoronix, so take the news they report with a grain of salt.
  • Installing FreeBSD on the Edgerouter Lite, without a serial port. That device has an USB stick with the main OS, which of course you can just dd new software on.

Software, hardware and releases

  • Python code to move to GitHub.
  • Everykey, a small device that does stuff near things, like unlocking your car. Kickstarter, but as always, beware. They have done a kickstarter in 2014 and did not ship to their backers, yet.
  • Bittorrent Filesystem, mount a torrent as a read only directory. Turn VLC into popcorn time.
  • Kivy 1.9.2 released. Kivy is a cross-platform python GUI toolkit, both for the desktop as for mobile. Here are some sample applications.
  • Last week I mentioned Linux on the PSP, UNIX on the GBA and Linux on the 3DS. This week, more awesomeness because, you'd never guess, Windows 95 on the 3DS. Heresay rumors that it's DOSbox. Could be BOCHS as well, since that is what runs Windows 95 on the PSP. (Which I find cool as well).
  • [Bourne Basic][50, a BASIC interpreter implemented (painfully) in pure Bourne shell. Useless, but very cool. Basic also runs on my [PiDP-8]51.
  • Microsoft will drop support for IE 7 and 8 on the 12'th of January. They should drop IE 9, 10 and 11 all and just go with Edge. Microsoft announcement here.
  • Hardware the FSF certified in 2015 to Respect Your Freedom. 3 laptops, 2 3D printers and one Wifi router. My thinkpad is supported by CoreBoot, so i should be able to flash it and, after installing Trisquel, have a fully free software laptop.
  • Postgres 9.5 released. Features the UPSERT feature, which is turns an INSERT that would generate constraint conflicts into an UPDATE.
  • A demo and tutorial on the OS X 10.10 hypervisor to run DOS.
  • KDE Plasma version 5.5.3 (bugfix es mostly) released
  • Mycroft releases key AI component as Open Source. MyCroft is an open source speech powered assistant like Siri or G-Now. This is an intent parser, so that processes your spoken sentence into something you mean, machine parsable. Like, 'text Bob I'll be later'.
  • Yelp releases dumb-init, an INIT system for Docker containers. Beats me, but didn't the purpose of a Docker container was to run only ONE application?
  • Linksys released DD-WRT for WRT1900AC, WRT1200AC, and recently released WRT1900ACS dual-band Gigabit Wi-Fi routers. Downloads here.
  • openage, a free (as in GPLv3) clone of the Age of Empires II engine.
  • BackInTime version 1.1.0 released, featuring a faster GUI, unit tests and more. This is a timemachine-like backup application for desktop linux. Works quite well.

Talks, videos, slides and podcasts

Glass Half - The latest open source movie from the Blender Project.

Fun and nifty things and discussions

  • The 7'th row of the periodic table is complete.
  • Why do OEM's like Dell ship Ubuntu but ignore Linux Mint?
  • Reverse engineering for beginners, a free book.
  • Bryan Lunduke does an AMA.
  • Age of Empires 2 still thrives. Nice article with "official" modders.
  • Facebook had an issue with the epoch. Can't confirm it because I'm not on facebook.
  • 5 reasons Star Wars spaceships make no sense. Not a Star Wars fan myself (Trekkie here), but I guess the most obvious reason is, it's not real. Fiction you might say.
  • Paul White writes about his Ubuntu year.
  • Michael Dominick (from Coder Radio), alwo has a 2015 review.
  • Dealing with non-responding applications windows vs. linux
  • Smashing the z/OS LE "Daisy" Chain for Fun and Cease and Desist letters. A well written article of which I understand the first few topics.
  • Decoding P2000 messages with Linux. P2000 is the Dutch digital emergency services notification system, unencrypted in the air as plain text on 169.65 MHz. With some SDR and bleeding edge software Linux can get and decode these messages.
  • Chaos Communication Congress hackers invaded millions of servers with a poem.
  • Reverse engineering a real candle. Way above my knowledge level, but a good and fun read.
  • Someone got victim of a DHCP exhaustion attack.
  • Remember using a payphone to let someone know you arrived by calling, ringing once and then hanging up, getting your money back? Well, someone expanded that to a data transfer system using morse code. The word CODEX was transferred in just six minutes.
  • Someone's very happy with his new Thinkpad and Linux, and that they survived Craigslist.

Comments

  • yay! Cloudflare didn't block me this time...

    Thanked by 3trewq GM2015 netomx
  • Extremely interesting as always. Thanks a lot!

    Thanked by 1netomx
  • jarjar Patron Provider, Top Host, Veteran

    Love these posts :)

  • http://9to5mac.com/2016/01/06/wi-fi-assist-2000-bill/

    That's another reason why I won't buy apple crap.

    Raymii said: yay! Cloudflare didn't block me this time...

  • jarjar Patron Provider, Top Host, Veteran

    GM2015 said: That's another reason why I won't buy apple crap.

    This comment is important:

    “The piece notes that Finegold did receive a text message warning from his carrier, which he ignored ”

    A text message? If he racked up 144GB, he got a hell of a lot more than one. And his parents would have had to ignore a hell of a lot of texts too if he was on their plan.

    Doesn't matter who makes the product, you can't fix stupid or willfully ignorant :)

    Thanked by 1Shade
  • DD-WRT for the WRT1900AC About time. Was able to finally get Open-WRT to work right.

  • GM2015GM2015 Member
    edited January 2016

    Indeed. This is an interesting story about paypal that I didn't see in raymi's posts, this is from ycombinator.

    https://medium.com/@casey_rosengren/paypal-froze-our-funds-then-offered-us-a-business-loan-49a078310fb

    jarland said: This comment is important:

    edit:

    I still won't buy from apple.

    BTW, it seems cloudflare/ycombinator is damn good at blocking proxies. They're showing no item found/no file found for subpages.

  • @Raymii said: That page has a special RSS feed for the recaps as well.

    Thanks for this.

    Also, I like your site's response headers. :)

  • Coffee: Black
    Tea: Earl-Gray; Hot
    X-Frame-Options: DENY
    X-Content-Type-Options: nosniff
    X-UA-Compatible: IE=Edge,chrome=1
    Cache-Control: public
    Accept-Ranges: bytes
    

    JustAMacUser said: Also, I like your site's response headers. :)

  • netomxnetomx Moderator, Veteran

    @jamesrat said:
    DD-WRT for the WRT1900AC About time. Was able to finally get Open-WRT to work right.

    DDWRT? pukes

  • @GM2015 said:

    > Coffee: Black
    > Tea: Earl-Gray; Hot
    > X-Frame-Options: DENY
    > X-Content-Type-Options: nosniff
    > X-UA-Compatible: IE=Edge,chrome=1
    > Cache-Control: public
    > Accept-Ranges: bytes
    > 

    Yes, finally someone who sees this! I do notice that Earl-Gray is spelled wrong. need to fix that.

  • Raymii said: Do note that this is Phoronix, so take the news they report with a grain of salt.

    no source/proof ? I've search around about this and only article from phoronix mention about this.

  • Excellent :)

  • @jarland said:
    Doesn't matter who makes the product, you can't fix stupid or willfully ignorant :)

    While that's true, it is a stupid feature, and especially having it enabled by default.

    Most users know they can switch Wi-Fi off if the signal is bad, the phone shouldn't make the decision by itself.

    Thanked by 1GM2015
  • @tommy said:
    no source/proof ? I've search around about this and only article from phoronix mention about this.

    That's why I posted the disclaimer with it. Phoronix is phony more often.

    Thanked by 2tommy GM2015
  • @Raymii said:
    Yes, finally someone who sees this! I do notice that Earl-Gray is spelled wrong. need to fix that.

    May you enlighten me on this subject? I'd like to send some custom headers for fun on my pages, too.

  • time4vpstime4vps Member, Host Rep

    teknolaiz said: I'd like to send some custom headers for fun on my pages, too.

    Here you go: http://httpd.apache.org/docs/2.2/mod/mod_headers.html

    Thanked by 1teknolaiz
  • @time4vps said:

    Oh, hello there.

    Sorry, I'm an Nginx user. I don't really like Apache. I think Raymii is also using Nginx. So probably he can share his code from his vHosts with me that is responsible for the headers.

    Or I need to stop being lazy and look it up myself. :)

  • time4vpstime4vps Member, Host Rep
    Thanked by 1teknolaiz
  • RaymiiRaymii Member
    edited January 2016

    In a server {} block:

    add_header Coffee "Black" ;
    add_header Tea "Earl-Gray; Hot" ;
    add_header X-Frame-Options "DENY" ;
    add_header X-UA-Compatible "IE=Edge,chrome=1" ;
    add_header X-Content-Type-Options "nosniff" ;
    add_header Cache-Control "public";
    
    Thanked by 1teknolaiz
  • @Raymii good job & Thank you for taking time to do this i love these posts

    Thanked by 1eastonch
  • simonindia said: @Raymii good job & Thank you for taking time to do this i love these posts

    Seconded, also, well done @Raymii for your great collection of sites & tools, I use atleast one of them each day!

    Thanked by 1Raymii
  • @eastonch said:

    Thanks both :)

    Thanked by 1GM2015
  • Thank you a bunch @Raymii, I read these every week and share with my colleagues.

  • Raymii said: That's why I posted the disclaimer with it. Phoronix is phony more often.

    >

    that ***hole. Can't stop LOL

    [Querying whois.pir.org]
    [whois.pir.org]
    Domain Name: X.ORG
    Domain ID: D3969046-LROR
    WHOIS Server:
    Referral URL: http://www.networksolutions.com
    Updated Date: 2016-01-12T20:22:01Z
    Creation Date: 1997-01-18T05:00:00Z
    Registry Expiry Date: 2025-01-19T05:00:00Z
    
Sign In or Register to comment.