Recap of week 02, 2016

16-01-2016 | Remy van Elst


Table of Contents


Recap of week 02 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

comic Comic by Wumo.

If you like this website and want to support it AND get $10 Digital Ocean credit (a VPS 2 months for free), use this link to order: https://www.digitalocean.com/?refcode=7435ae6b8212 (referral link).

Earlier editions can be found here. That page has a special RSS feed for the recaps as well.

News, tutorials and articles

  • Ford, Mazda, Mitsubishi Motors and Subaru join the Linux Foundation and Automotive Grade Linux. Better ave some open source in your computerized murder machine.

  • Using two factor authentication for SSH. A good article on setting up HOTP two factor auth. Note that SSH keys don't require second auth here because the implementation is with PAM, and SSH keys are before PAM. So, usefull when you need to have password authentication on.

  • An article from a gamedeveloper, why they like to write in C. Reliably, fast but also dangerous.

  • How Nvidia breaks Chrome Incognito mode. Both point at each other, but still, should be fixed.

  • A very informative and detailed article on AJAX request using XMLHttpRequest. I sometimes do coding, and this is a very good explanation on the lower level, now I understand what goes on behind a jquery.load().

  • Dan Luu writes about some really bad intel CPU bugs in 2015, and how we should expect to see more in the future. Above my level, but still an interesting read.

  • The US Department of Defense (DoD) is still issuing SHA-1 signed certificates, and using them to secure connections to .mil websites.

  • Snapper is OpenSUSE's tool to manage BTRFS snapshots. It's a good tool, and enabled by default. I have a machine with OpenSUSE Leap and that creats snapshots at every update and every half hour, so I've used snapper to clean snapshots up. Works like a charm.

  • Owncloud writes about how they are making upgrading more robust. I use OwnCloud, but only for my contact and calendar sync. File sync is too flaky, I've lost important files due to Owncloud sync issues. Lucky me for having great backups.

  • Add a Why (reason) to SSH, to better audit log actions.

  • A neat article on a rather huge (physical) FreeNAS home server build. I like my small Synology which is very power efficient.

  • There are no secure smartphones. Remember the Baseband? A second PC in your phone, with unlimited NSA and carrier access, sping on you all the time.

  • Bare metal programming on your Raspberry Pi with Rust. A lot, and I mean a huge amount of code to get a light blinking. In C this would be much shorter and more clear, but they again, C is not a safe language.

  • Mozilla is shutting down Persona.org. I'm sad that they so blatantly drop and discontinue Persona, since it's a very nice option for authentication on the web.

  • OMG Ubuntu has a scoop on a convergence device running Ubuntu. It might be a 10-inch tablet with 64-bit ARM processor made by Spanish OEM Bq and might be released at the Mobile World Congress.

Software, hardware and releases

  • Piet is a programming language in which programs look like abstract paintings.

  • Ansible 2.0 has been released. Ansible is my favorite configuration management system, easy, written in Python, great documentation and no client required. 2.0 has try/except error handling, a bunch of new Openstack modules and many more good stuff.

  • Inferno OS for the Raspberry Pi released version 0.5, with support for the 512MB original model B. Interesting reasearch project to port Inferno, a plan 9-like OS to the Raspberry Pi.

  • OpenSSH has a vulnerability which can expose client memory (and thus private keys), in an undocumented experimental feature. Update and add UseRoaming No to your .ssh/config file.

  • Some Fritzbox AVM models have a buffer overflow remote code execution. Sadly, my ISP provided model as well. Which is a nice thing, since they disabled telnet in a previous firmware without proper notice beforehand. I'm not updating, since I now have my root access back.

  • Linux Mint 17.3 "Rosa" KDE released, along with the XFCE version.

  • Equicon posted a PDF describing a legacy train control system in Melbource. They migrated around twenty PDP-11/84 systems to emulated hardware, without downtime. Pretty cool.

  • Apple released public beta's for OS X 10.11.4 and iOS 9.3. OS X 10.11.4 public beta 1 includes support for Live Photos in the Messages app, password protected Notes and compatibility with iOS 9.3. iOS 9.3 public beta 1 includes support for password protected Notes, a f.lux-like NightShift mode, support for multiple users in educational environments and a variety of new 3D Touch shortcuts.

  • Veeam backup and replication v9 is released. My windows colleagues are fond of this, as they say, a million times better than Backup Exec. No experience with it myself.

  • Linux kernel 4.4 was released. This releese adds support for 3D support in virtual GPU driver, which allows 3D hardware-accelerated graphics in virtualization guests; loop device support for Direct I/O and Asynchronous I/O, which saves memory and increases performance; support for Open-channel SSDs, which are devices that share the responsibility of the Flash Translation Layer with the operating system; the TCP listener handling is completely lockless and allows for faster and more scalable TCP servers; journalled RAID5 in the MD layer which fixes the RAID write hole; eBPF programs can now be run by unprivileged users, and perf has added support for eBPF programs aswell; a new mlock2() syscall that allows users to request memory to be locked on page fault; and block polling support. There are also new drivers and many other small improvements. Here is the full changelog. (via)

  • The open source video editor OpenShot has released version 2.0 after a few years of no development. It's a nice product to create home video's, like Movie Maker.

  • ForceBindIP is a freeware Windows application that will inject itself into another application and alter how certain Windows socket calls are made, allowing you to force the other application to use a specific network interface / IP address. This is useful if you are in an environment with multiple interfaces and your application has no option to bind to a specific interface. I want this for Linux.

  • So you think you can program an elevator? A fun programming challenge in Python.

  • Exzap released the version 1.3.0 of his Wii U emulator, cemu.

  • Scribus 1.4.6 was released, with SVG blend support and better PDF exports.

  • Awkaster, a ray casting demo written in AWK. Or, basically a small Doom/Wolfenstein clone. Amazing!

  • The Atom text editor has a new release, version 1.4.0. I'm more of a vim and Sublime Text fan myself, Atom feels very slow.

  • MidnightBSD 0.7.3 released, mostly security fixes.

  • FreeBSD on the EdgeRouter Lite, without serial port access. Turns out it's just a USB stick, so DD an image and done. Neat small device runs full FreeBSD as a router.

  • Let's Encrypt has issued over 300K certificates!

  • Jeff Hoogland released version 0.2.0 of the Moksha desktop. For those unfamiliar, that's an E17 fork used in Bodhi Linux. Low resource usage, but high on special effects.

Talks, videos, slides and podcasts

Mycroft, turn on Netflix.

Fun and nifty things and discussions


Tags: ansible, atom, audit, automotive-grade-linux, awk, baseband, bodhi, c, cemu, chrome, cpu, elevator, freebsd, fritzbox, hotp, inferno, lets-encrypt, linux, linux-mint, magic, mozilla, mycroft, news, nvidia, openshot, openssh, owncloud, pdp-11, persona, piet, porn-mode, raspberry-pi, recap, rust, scribus, sha1, snapper, ssh, ssl, two-factor, ubuntu, veeam, xmlhttprequest,