

All Jupiter Broadcasting Shows
Jupiter Broadcasting
Every audio version of Jupiter Broadcasting's productions.
Episodes

Aug 27, 2019 • 0sec
Self Hosted Secrets | LINUX Unplugged 316
Safely host your own password database using totally open source software. We cover BitWarden, our top choice to solve this problem.
Plus we announce a new show we're super proud of, and chat with Dan Lynch from OggCamp.
Special Guests: Alan Pope, Alex Kretzschmar, Brent Gervais, Dan Lynch, and Ell Marquez.
Links:
low-memory-monitor: new project announcement — low-memory-monitor, as its name implies, monitors the amount of free physical memory on the system and will shoot off signals to interested user-space applications, usually session managers, or sandboxing helpers, when that memory runs low, making it possible for applications to shrink their memory footprints before it's too late either to recover a usable system, or avoid taking a performance hit.
Fedora Switching To The BFQ I/O Scheduler For Better Responsiveness & Throughput - Phoronix — Following Chromebooks switching to BFQ and other distributions weighing this I/O scheduler for better responsiveness while maintaining good throughput capabilities, beginning with Fedora 31 there will be BFQ used as well.
Pinebook Preorders — Public #Pinebook Pro pre-orders start in the morning PDT (California, USA Time) August 25. The NEXT pre-order window will be mid-September; so don't worry if you won't get a pre-order now, it won't be a long wait for the next pre-order window.
LINUX Unplugged - Blog - Summer Sprint 2019 — Working remotely certainly has its advantages and I love the ability to sit in the comfort of my own home doing work I’m passionate about. That being said, I think it’s equally important to spend time together in meat space. There really is nothing like looking across the table at your co-workers while you try to flush out new ideas, make important decisions, or just share a meal. Not to mention, Washington is beautiful this time of the year...
Subscribe to Self Hosted — Discover new software and hardware to get the best out of your network, control smart devices, and secure your data on cloud services. Self Hosted is a chat show between Chris and Alex, two long-time "self hosters" who share their lessons and take you on the journey of their new ones.
Self Hosted Coming Soon — Self Hosted Teaser
OGGCAMP 19 - OggCamp 19 — We’re at The Manchester Conference Centre in the Pendulum Hotel near Piccadilly Station the weekend of October 19th and 20th 2019.
Jupiter Extras — New ideas, great interviews, events, and other content you will love. We bring you the Extras.
Texas Cyber Summit — October 10th-12th, 2019 at the Grand Hyatt in San Antonio
Kyle Spearrin's GitHub
Behind the scenes with the Bitwarden password manager | Opensource.com — I've used password management tools for years. I became frustrated by the complexity and barrier to entry many of the existing solutions offered. There was also a lack of quality, open source solutions available. I thought things could be done better and that there was great value in doing so.
Install Bitwarden for Linux using the Snap Store | Snapcraft — Bitwarden is the easiest and safest way to store all of your logins and passwords while conveniently keeping them synced between all of your devices.
bitwarden/cli: The command line vault (Windows, macOS, & Linux). — The Bitwarden CLI is a powerful, full-featured command-line interface (CLI) tool to access and manage a Bitwarden vault. The CLI is written with TypeScript and Node.js and can be run on Windows, macOS, and Linux distributions.
bitwarden/mobile: The mobile app vault (iOS and Android). — The Bitwarden mobile application is written in C# with Xamarin Android, Xamarin iOS, and Xamarin Forms.
Bitwarden on F-Droid
Bitwarden Password Manager on the App Store
Bitwarden Password Manager - Apps on Google Play
Bitwarden—Linux Apps on Flathub
Import your data from LastPass | Bitwarden Help & Support
Why should I trust Bitwarden with my passwords? | Bitwarden Help & Support
What are organizations? | Bitwarden Help & Support
dani-garcia/bitwardenrs: Unofficial Bitwarden compatible server written in Rust — This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
Starting a Container · dani-garcia/bitwardenrs Wiki
Manage your passwords with Bitwarden and Podman - Fedora Magazine — You can also sync your passwords across devices if you have a cloud-based password manager like LastPass, 1Password, or Dashlane. Unfortunately, none of these products are open source. Luckily there are open source alternatives available.
Installing and deploying | Bitwarden Help & Support
Bitwarden Completes Third-party Security Audit - Bitwarden Blog
Wayland Buddies | LINUX Unplugged 315 : linuxunplugged — A lot of the "Wayland is really smooth" talk really means "Mutter is really smooth", since it's gnome-shell's compositor Mutter that has to implement everything which Xorg used to do.
aguinet/usbtop: usbtop is a top-like utility that shows an estimated instantaneous bandwidth on USB buses and devices.

Aug 27, 2019 • 0sec
Meet Alex from Self Hosted | Jupiter Extras 7
Brent welcomes Alex into the podcast family and discusses his long journey from Apple to Red Hat, and London to Raleigh. Plus some tidbits about the new show he's co-hosting on Jupiter Broadcasting and spending time with the crew.

Aug 27, 2019 • 0sec
Self Hosted Coming Soon | Self Hosted 0
A new show all about taking control of your data, hosting it yourself, and taking advantage of the cloud when it's a good fit.
Join Alex and Chris on their journey through hosting all the things, building systems that last, and leveraging the cloud smarter than the average bear.
Links:
Let's Encrypt, Nginx & Reverse Proxy Starter Guide - 2019 Edition
Traefik - The Cloud Native Edge Router
Duck DNS
IP Chicken - What is my IP address?

Aug 26, 2019 • 0sec
Crystal Clear | Coder Radio 372
We're back and going crazy about Crystal, a statically typed language that's as fast as C and as slick as Ruby.
Plus an update on Rails 6, Intel's growing adoption of Rust, and the challenge of making breaking changes.
Links:
Feedback: Academia and Industry — Do either of you have any insights as to how the software development community would view someone with a math PhD, but no industry coding experience as a job applicant? Any advice would be appreciated.
Feedback: Absurd Abstractions — FYI about wanting interface in Python: they are called abstract base classes. Check out the standard library module, abc for that and collections.abc some useful predefined container interfaces.
Feedback: Breaking Changes — I developed a niche Python package that has some user following in the network security realm. I’m at a crossroads though as a change I want to make will subtly break scripts that worked in previous/current versions. The end result of my pending change is good for the project but I fear I’ll ruin the workflow of my users. Other than my github page I don’t know how to query/inform my users of this pending change. What should I do?
Ruby on Rails 6.0 Release Notes — Make Webpacker the default JavaScript compiler for Rails 6
Intel and Rust: the Future of Systems Programming: Josh Triplett — Hear about how Intel is working to bring Rust to full parity with C, building the future of systems programming.
Altruism Still Fuels the Web. Businesses Love to Exploit It | WIRED — The original well-meaning, geeky architects of the web believed that there was an abundance of altruism in human nature—and they were more correct on this count, it turns out, than many esteemed social philosophers were. But they were too optimistic in overlooking the possibility that corporations would exploit and colonize this new realm. If only we had all seen it coming.
The Crystal Programming Language — Crystal is statically type checked, so any type errors will be caught early by the compiler rather than fail on runtime. Moreover, and to keep the language clean, Crystal has built-in type inference, so most type annotations are unneeded.

Aug 25, 2019 • 0sec
Linux Action News 120
More tools to keep your Linux box and cloud servers secure this week, OpenPOWER responds to RISC-V competition, and we ponder the year-long open-source supply chain attacks.
Plus our reaction to Android dropping dessert names, the Confidential Computing consortium, and more.
Links:
Today, 28 years ago Linus Torvalds announced Linux on comp.os.minix. — I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones.
System76 announce new firmware updater — We’ve been working on the Firmware Manager project, which we will be shipping to all Pop!_OS users, and System76 hardware customers on other Debian-based distributions. It supports checking and updating firmware from LVFS and system76-firmware services, is Wayland-compatible, and provides both a GTK application and library.
The Next Step in the OpenPOWER Foundation Journey — The OpenPOWER Foundation will now join projects and organizations like OpenBMC, CHIPS Alliance, OpenHPC and so many others within the Linux Foundation.
IBM is moving OpenPower Foundation to The Linux Foundation
Confidential Computing Consortium — Confidential computing focuses on securing data in use. Current approaches to securing data often address data at rest (storage) and in transit (network) but encrypting data in use is possibly the most challenging step to providing a fully encrypted lifecycle for sensitive data.
Confidential Computing Consortium Takes Shape
The year-long rash of supply chain attacks against open source is getting worse — Backdoors snuck into 12 OSS packages were downloaded hundreds of thousands of times.
Android to drop dessert names — So, this next release of Android will simply use the version number and be called Android 10. We think this change helps make release names simpler and more intuitive for our global community. And while there were many tempting “Q” desserts out there, we think that at version 10 and 2.5 billion active devices, it was time to make this change.

Aug 23, 2019 • 0sec
A Chat with Chz Bacon | Jupiter Extras 6
A revealing conversation with Jupiter Broadcasting's designer Mr. Chz Bacon. We discuss his Linux roots, design philosophies, community involvement, and a lot more.

Aug 22, 2019 • 0sec
Epyc Encryption | TechSNAP 410
It's CPU release season and we get excited about AMD's new line of server chips. Plus our take on AMD's approach to memory encryption, and our struggle to make sense of Intel's Comet Lake line.
Also, a few Windows worms you should know about, the end of the road for EV certs, and an embarrassing new Bluetooth attack.
Links:
A detailed look at AMD’s new Epyc “Rome” 7nm server CPUs | Ars Technica — The short version of the story is, Epyc "Rome" is to the server what Ryzen 3000 was to the desktop—bringing significantly improved IPC, more cores, and better thermal efficiency than either its current-generation Intel equivalents or its first-generation Epyc predecessors.
AMD Rome Second Generation EPYC Review: 2x 64-core Benchmarked — Ever since the Opteron days, AMD's market share has been rounded to zero percent, and with its first generation of EPYC processors using its new Zen microarchitecture, that number skipped up a small handful of points, but everyone has been waiting with bated breath for the second swing at the ball. AMD's Rome platform solves the concerns that first gen Naples had, plus this CPU family is designed to do many things: a new CPU microarchitecture on 7nm, offer up to 64 cores, offer 128 lanes of PCIe 4.0, offer 8 memory channels, and offer a unified memory architecture based on chiplets.
AMD EPYC Rome Still Conquering Cascadelake Even Without Mitigations - Phoronix — Out of curiosity, I've run some unmitigated benchmarks for the various relevant CPU speculative execution vulnerabilities on both the Intel Xeon Platinum 8280 Cascadelake and AMD EPYC 7742 Rome processors for seeing how the performance differs.
Intel’s line of notebook CPUs gets more confusing with 14nm Comet Lake | Ars Technica — Going by Intel's numbers, Comet Lake looks like a competent upgrade to its predecessor Whiskey Lake. The interesting question—and one largely left unanswered by Intel—is why the company has decided to launch a new line of 14nm notebook CPUs less than a month after launching Ice Lake, its first 10nm notebook CPUs.
A look at the Windows 10 exploit Google Zero disclosed this week | Ars Technica — On Tuesday, Tavis Ormandy of Google's Project Zero released an exploit kit called ctftool, which uses and abuses Microsoft's Text Services Framework in ways that can effectively get anyone root—er, system that is—on any unpatched Windows 10 system they're able to log in to.
Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) – Microsoft Security Response Center — Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.
KNOB Attack — TL;DR: The specification of Bluetooth includes an encryption key negotiation protocol that allows to negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process. A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.
Troy Hunt: Extended Validation Certificates are (Really, Really) Dead — With both browsers auto-updating for most people, we're about 10 weeks out from no more EV and the vast majority of web users no longer seeing something they didn't even know was there to begin with! Oh sure, you can still drill down into the certificate and see the entity name, but who's really going to do that? You and I, perhaps, but we're not exactly in the meat of the browser demographics.
Google wants to reduce lifespan for HTTPS certificates to one year | ZDNet — Scott Helme argues that the security benefits of shorter SSL certificate lifespans have nothing to do with phishing or malware sites, but instead with the SSL certificate revocation process. Helme claims that this process is broken and that bad SSL certificates continue to live on for years after being misissued and revoked.

Aug 22, 2019 • 0sec
The Enthusiast Trap - Office Hours with Chris | Jupiter Extras 5
What is the enthusiast trap, and why does it seem to ensnare every successful open source project? Also, some excellent listener power user tips for NextCloud.
Links:
Email: The Enthusiast Trap — I recently heard of a name for the phenomenon that's happening with Manjaro (and many other projects): it's called the enthusiast trap.
Email: Nextcloud features to explore — Hey Chris I had some tips for Nextcloud features that I didn't hear mentioned that you would definitely find useful.
The Talk Show Live From WWDC 2019, With Craig Federighi and Greg Joswiak
Why Enthusiast Brands will Betray You - YouTube
Why is Oculus the only one still trying to make VR cheaper? (Oculus Quest and Oculus Rift S) - YouTube

Aug 21, 2019 • 0sec
PCLinuxOS + Hugo | Choose Linux 16
We check out a great tool for learning web development basics, and Distrohoppers brings us mixed experiences.
Plus which of the 10 commandments for Linux users we agree with.
Links:
Ell's Trip to Hacker Summer Camp — The whole Choose Linux crew talk about Ell's recent trip to Black Hat, B-sides, DEF CON, and more at Hacker Summer Camp.
PCLinuxOS — PCLinuxOS is a free easy to use Linux-based Operating System for x86_64 desktops or laptops.
The 10 commandments for Linux users — Ten commandments for PCLinuxOS users
Hugo — With its amazing speed and flexibility, Hugo makes building websites fun again.

Aug 21, 2019 • 0sec
Why Package Managers | BSD Now 312
Headlines
The UNIX Philosophy in 2019
Today, Linux and open source rules the world, and the UNIX philosophy is widely considered compulsory. Organizations are striving to build small, focused applications that work collaboratively in a cloud and microservices environment. We rely on the network, as well as HTTP (text) APIs for storing and referencing data. Moreover, nearly all configuration is stored and communicated using text (e.g. YAML, JSON or XML). And while the UNIX philosophy has changed dramatically over the past 5 decades, it hasn’t strayed too far from Ken Thompson’s original definition in 1973:
We write programs that do one thing and do it well
We write programs to work together
And we write programs that handle text streams, because that is a universal interface
Why Use Package Managers?
Valuable research is often hindered or outright prevented by the inability to install software. This need not be the case.
Since I began supporting research computing in 1999, I’ve frequently seen researchers struggle for days or weeks trying to install a single open source application. In most cases, they ultimately failed.
In many cases, they could have easily installed the software in seconds with one simple command, using a package manager such as Debian packages, FreeBSD ports, MacPorts, or Pkgsrc, just to name a few.
Developer websites often contain poorly written instructions for doing “caveman installs”; manually downloading, unpacking, patching, and building the software. The same laborious process must often be followed for other software packages on which it depends, which can sometimes number in the dozens. Many researchers are simply unaware that there are easier ways to install the software they need. Caveman installs are a colossal waste of man-hours. If 1000 people around the globe spend an average of 20 hours each trying to install the same program that could have been installed with a package manager (this is not uncommon), then 20,000 man-hours have been lost that could have gone toward science. How many important discoveries are delayed by this?
The elite research institutions have ample funding and dozens of IT staff dedicated to research computing. They can churn out publications even if their operation is inefficient. Most institutions, however, have few or no IT staff dedicated to research, and cannot afford to squander precious man-hours on temporary, one-off software installs. The wise approach for those of us in that situation is to collaborate on making software deployment easier for everyone. If we do so, then even the smallest research groups can leverage that work to be more productive and make more frequent contributions to science.
Fortunately, the vast majority of open source software installs can be made trivial for anyone to do for themselves. Modern package managers perform all the same steps as a caveman install, but automatically. Package managers also install dependencies for us automatically.
News Roundup
Touchpad, Interrupted
For two years I've been driving myself crazy trying to figure out the source of a driver problem on OpenBSD: interrupts never arrived for certain touchpad devices. A couple weeks ago, I put out a public plea asking for help in case any non-OpenBSD developers recognized the problem, but while debugging an unrelated issue over the weekend, I finally solved it.
It's been a long journey and it's a technical tale, but here it is.
Porting wine to amd64 on NetBSD, second evaluation report
Summary
Presently, Wine on amd64 is in test phase. It seems to work fine with caveats like LD_LIBRARY_PATH which has to be set as 32-bit Xorg libs don't have ${PREFIX}/emul/netbsd32/lib in its rpath section. The latter is due to us extracting 32-bit libs from tarballs in lieu of building 32-bit Xorg on amd64. As previously stated, pkgsrc doesn't search for pkgconfig files in ${PREFIX}/emul/netbsd32/lib which might have inadvertent effects that I am unaware of as of now. I shall be working on these issues during the final coding period. I would like to thank @leot, @maya and @christos for saving me from shooting myself in the foot many a time. I, admittedly, have had times when multiple approaches, which all seemed right at that time, perplexed me. I believe those are times when having a mentor counts, and I have been lucky enough to have really good ones. Once again, thanks to Google for this wonderful opportunity.
Enhancing Syzkaller Support for NetBSD, Part 2
As a part of Google Summer of Code’19, I am working on improving the support for Syzkaller kernel fuzzer. Syzkaller is an unsupervised coverage-guided kernel fuzzer, that supports a variety of operating systems including NetBSD. This report details the work done during the second coding period.
You can also take a look at the first report to learn more about the initial support that we added: https://blog.netbsd.org/tnf/entry/enhancing_syzkaller_support_for_netbsd
July Update: All about the Pinebook Pro
"So I said I won’t be talking about the BSDs, but I feel like I should at the very least give you a general overview of the RK3399 *BSD functionality. I’ll make it quick. I’ve spoken to *BSD devs whom worked on the RockPro64 and from what I’ve gathered (despite the different *BSDs having varying degree of support for the RK3399 SOC) many of the core features are already supported, which bodes well for *BSD on the Pro. That said, some of the things you’d require on a functional laptop – such as the LCD (using eDP) for instance – will not work on the Pinebook Pro using *BSD as of today. So clearly a degree of work is yet needed for a BSD to run on the device. However, keep in mind that *BSD developers will be receiving their units soon and by the time you receive yours some basic functionality may be available."
Killing a process and all of its descendants
Killing processes in a Unix-like system can be trickier than expected. Last week I was debugging an odd issue related to job stopping on Semaphore. More specifically, an issue related to the killing of a running process in a job. Here are the highlights of what I learned:
Unix-like operating systems have sophisticated process relationships. Parent-child, process groups, sessions, and session leaders. However, the details are not uniform across operating systems like Linux and macOS. POSIX compliant operating systems support sending signals to process groups with a negative PID number.
Sending signals to all processes in a session is not trivial with syscalls.
Child processes started with exec inherit their parent signal configuration. If the parent process is ignoring the SIGHUP signal, for example, this configuration is propagated to the children.
The answer to the “What happens with orphaned process groups” question is not trivial.
Fast Software, the Best Software
I love fast software. That is, software speedy both in function and interface. Software with minimal to no lag between wanting to activate or manipulate something and the thing happening. Lightness.
Software that’s speedy usually means it’s focused. Like a good tool, it often means that it’s simple, but that’s not necessarily true. Speed in software is probably the most valuable, least valued asset. To me, speedy software is the difference between an application smoothly integrating into your life, and one called upon with great reluctance. Fastness in software is like great margins in a book — makes you smile without necessarily knowing why.
But why is slow bad? Fast software is not always good software, but slow software is rarely able to rise to greatness. Fast software gives the user a chance to “meld” with its toolset. That is, not break flow. When the nerds upon Nerd Hill fight to the death over Vi and Emacs, it’s partly because they have such a strong affinity for the flow of the application and its meldiness. They have invested. The Tool Is Good, so they feel. Not breaking flow is an axiom of great tools.
A typewriter is an excellent tool because, even though it’s slow in a relative sense, every aspect of the machine itself operates as quickly as the user can move. It is focused. There are no delays when making a new line or slamming a key into the paper. Yes, you have to put a new sheet of paper into the machine at the end of a page, but that action becomes part of the flow of using the machine, and the accumulation of paper a visual indication of work completed. It is not wasted work. There are no fundamental mechanical delays in using the machine. The best software inches ever closer to the physical directness of something like a typewriter. (The machine may break down, of course, ribbons need to be changed — but this is maintenance and separate from the use of the tool. I’d be delighted to “maintain” Photoshop if it would lighten it up.)
Beastie Bits
Register for vBSDCon 2019, Sept 5-7 in Reston VA
Register for EuroBSDCon 2019, Sept 19-22 in Lillehammer, Norway
Feedback/Questions
Paulo - FreeNAS Question
Marc - Changing VT without function keys?
Caleb - Patch, update, and upgrade management
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv


