Recap of week 01, 2016

10-01-2016 | Remy van Elst


Table of Contents


Recap of week 01 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

comic Comic by Dilbert

If you like this website and want to support it AND get $10 Digital Ocean credit (a VPS 2 months for free), use this link to order: https://www.digitalocean.com/?refcode=7435ae6b8212 (referral link).

Earlier editions can be found here. That page has a special RSS feed for the recaps as well.

News, tutorials and articles

  • Progress report for the Dolphin Gamecube Emulator for December 2015. Feature freeze is coming to prepare for Dolphin 5.0. Mario Kart Lens flare fixed, better Wiimote support on Windows, cool.
  • Enable two factor authentication and never use root on AWS, plus two other thing not to do. Like, checking in your private keys or API credentials, although that is not in the article.
  • The hidden cost of using ZFS for your NAS. Something you should know if you even skim through the documentation. Professionally, I always just fill up a storage server with the max amount of disks it can handle and use X for spares, and the rest as mirrored vdevs. But, specific use case where data loss is more important than wasting space.
  • Something going on in the FreeBSD community with Randi Harper. An biased blogpost here and explanation by Colin Percival here. Here's another thread. No idea what this is about and don't want to get in to it too much. The FreeBSD core team posted their initial offical comments.
  • Run Microsoft Office 2010 and 2013 on Linux
  • Changes coming to githost.io. Pricing increase for new users, and for existing users in 2 years. Githost is an official Gitlab service, it basically sells VPSes with Gitlab preconfigured, plus backups and updates.
  • BananaPi with Arch Linux ARM and a mainline kernel. I'm more of an Olimex guy, but that might be because they do deliver open source hardware and are generally awesome.
  • PornHub's 2015 year review. They stream 75GB per second, 2.4 million hits per hour, that's 6700 per second. Link is SFW if you use an adblocker. (The ads are NSFW)
  • A Unikernel Firewall for QubesOS. Excerpt: 'QubesOS provides a desktop operating system made up of multiple virtual machines, running under Xen. To protect against buggy network drivers, the physical network hardware is accessed only by a dedicated (and untrusted) "NetVM", which is connected to the rest of the system via a separate (trusted) "FirewallVM". This firewall VM runs Linux, processing network traffic with code written in C. In this blog post, I replace the Linux firewall VM with a MirageOS unikernel. The resulting VM uses safe (bounds-checked, type-checked) OCaml code to process network traffic, uses less than a tenth of the memory of the default FirewallVM, boots several times faster, and should be much simpler to audit or extend.'
  • Maintain Debian packages with cme. Both GUI and CLI tool for Debian packages. Looks interesting, I might use it for some of my internal packages. Good documentation as well.
  • Protect Windows with AppLocker. A very, very good built-in Windows feature that will, if configured correctly, stops all ransomware, and other unauthorized executables. Really, if you manage a Windows network, configure this right now. A long, long time ago my university used TrustNoEXE, which did basically the same for Windows 2000 and XP.
  • Via the previous link, a small overview of how rundll32 can be used as an information gathering tool.
  • An article that goes into structured logging. I implemented a basic form of this for an internal piece of software for one of my clients. That helps a lot with the parsing later on (nagios and logstash for alerting).
  • Where have all the Gophers gone? Quite a long, but interesting paper from 1999 on the rise and fall of Gopher. I'm too young to have used Gopher, but it was basically the web before http became big.
  • A good article on why systems must be operated with RAID as an example.
  • Automating Let's Encrypt and haproxy. Simple and very effective.
  • Let's Encrypt it so awesome and cool, even malware and criminals start to use it. Better make sure your malware communicates over SSL to it's C&C server.
  • Using Two Factor authentication for SSH
  • Troy Hunt writes on annoying website things like surverys, multi-page articles and ads. Things we all hate.
  • Why privacy is important, and having "nothing to hide" is irrelevant. Nothing more to add, everybody should read and spread this article. Reddit thread with very interesting comments here.
  • An article on choosing a hash for your next project, because bcrypt might not be very resistent to high parallel attacks.
  • The super-secure BlackPhone can be hacked. As can all software, even super secure software.
  • Carreer advice from Scott Adams, creator of Dilbert. TL;DR, learn two skills and become good at them, one of which is a people skill.
  • Dutch govt says no to backdoors, slides $540k into OpenSSL. Yay, my own government does something nice with my tax money.
  • Linode user credentials compromised. All customers forced to reset password. Not the first time Linode's hacked, probably won't be the last. And sadly, they have my creditcard there...
  • Kazakhstan submits a root certificate to Mozilla for consideration. The certificate could be the one that Kazakhstan plans to use for the "man-in-the-middle" attack against TLS users. Here's the Reddit discussion.
  • Happy people don't leave jobs they love. Interesting read on the perspective of a teamlead dealing with people leaving.
  • X.org might loose it's single letter x.org domain name. Do note that this is Phoronix, so take the news they report with a grain of salt.
  • Installing FreeBSD on the Edgerouter Lite, without a serial port. That device has an USB stick with the main OS, which of course you can just dd new software on.

Software, hardware and releases

  • Python code to move to GitHub.
  • Everykey, a small device that does stuff near things, like unlocking your car. Kickstarter, but as always, beware. They have done a kickstarter in 2014 and did not ship to their backers, yet.
  • Bittorrent Filesystem, mount a torrent as a read only directory. Turn VLC into popcorn time.
  • Kivy 1.9.2 released. Kivy is a cross-platform python GUI toolkit, both for the desktop as for mobile. Here are some sample applications.
  • Last week I mentioned Linux on the PSP, UNIX on the GBA and Linux on the 3DS. This week, more awesomeness because, you'd never guess, Windows 95 on the 3DS. Heresay rumors that it's DOSbox. Could be BOCHS as well, since that is what runs Windows 95 on the PSP. (Which I find cool as well).
  • [Bourne Basic][50, a BASIC interpreter implemented (painfully) in pure Bourne shell. Useless, but very cool. Basic also runs on my PiDP-8.
  • Microsoft will drop support for IE 7 and 8 on the 12'th of January. They should drop IE 9, 10 and 11 all and just go with Edge. Microsoft announcement here.
  • Hardware the FSF certified in 2015 to Respect Your Freedom. 3 laptops, 2 3D printers and one Wifi router. My thinkpad is supported by CoreBoot, so i should be able to flash it and, after installing Trisquel, have a fully free software laptop.
  • Postgres 9.5 released. Features the UPSERT feature, which is turns an INSERT that would generate constraint conflicts into an UPDATE.
  • A demo and tutorial on the OS X 10.10 hypervisor to run DOS.
  • KDE Plasma version 5.5.3 (bugfix es mostly) released
  • Mycroft releases key AI component as Open Source. MyCroft is an open source speech powered assistant like Siri or G-Now. This is an intent parser, so that processes your spoken sentence into something you mean, machine parsable. Like, 'text Bob I'll be later'.
  • Yelp releases dumb-init, an INIT system for Docker containers. Beats me, but didn't the purpose of a Docker container was to run only ONE application?
  • Linksys released DD-WRT for WRT1900AC, WRT1200AC, and recently released WRT1900ACS dual-band Gigabit Wi-Fi routers. Downloads here.
  • openage, a free (as in GPLv3) clone of the Age of Empires II engine.
  • BackInTime version 1.1.0 released, featuring a faster GUI, unit tests and more. This is a timemachine-like backup application for desktop linux. Works quite well.

Talks, videos, slides and podcasts

Glass Half - The latest open source movie from the Blender Project.

Fun and nifty things and discussions

  • The 7'th row of the periodic table is complete.
  • Why do OEM's like Dell ship Ubuntu but ignore Linux Mint?
  • Reverse engineering for beginners, a free book.
  • Bryan Lunduke does an AMA.
  • Age of Empires 2 still thrives. Nice article with "official" modders.
  • Facebook had an issue with the epoch. Can't confirm it because I'm not on facebook.
  • 5 reasons Star Wars spaceships make no sense. Not a Star Wars fan myself (Trekkie here), but I guess the most obvious reason is, it's not real. Fiction you might say.
  • Paul White writes about his Ubuntu year.
  • Michael Dominick (from Coder Radio), alwo has a 2015 review.
  • Dealing with non-responding applications windows vs. linux
  • Smashing the z/OS LE "Daisy" Chain for Fun and Cease and Desist letters. A well written article of which I understand the first few topics.
  • Decoding P2000 messages with Linux. P2000 is the Dutch digital emergency services notification system, unencrypted in the air as plain text on 169.65 MHz. With some SDR and bleeding edge software Linux can get and decode these messages.
  • Chaos Communication Congress hackers invaded millions of servers with a poem.
  • Reverse engineering a real candle. Way above my knowledge level, but a good and fun read.
  • Someone got victim of a DHCP exhaustion attack.
  • Remember using a payphone to let someone know you arrived by calling, ringing once and then hanging up, getting your money back? Well, someone expanded that to a data transfer system using morse code. The word CODEX was transferred in just six minutes.
  • Someone's very happy with his new Thinkpad and Linux, and that they survived Craigslist.

Tags: 3ds, applocker, arch-linux, aws, banana-pi, basic, blackphone, dd-wrt, docker, dolphin, dpkg, edgerouter, everykey, freebsd, gamecube, gba, gitlab, gopher, haproxy, kivy, lets-encrypt, linksys, linode, microsoft, microsoft-office, mycroft, news, openssl, pornhub, postgres, privacy, psp, python, qubesos, recap, rundll32, ssl, two-factor, windows-95, xorg, zfs,