All Jupiter Broadcasting Shows

We reveal all and look at the mess that is our home directories. How we keep them clean, back them up, and organize our most important files. Plus Gnome lands a long awaited feature, Firefox gets a bit more clever, and the big money being made on Open Source.Special Guests: Alan Pope, Anthony James, Brent Gervais, Daniel Fore, Dustin Krysak, and Martin Wimpress.Links:systemd-nspawn - ArchWiki — systemd-nspawn may be used to run a command or OS in a light-weight namespace container.Transparently running binaries from any architecture in Linux with QEMU and binfmt_miscQemuUserEmulation - Debian Wiki — This page describes how to setup and use QEMU user emulation in a "transparent" fashion, allowing execution of non-native target executables just like native ones.Firefox 67: automatically unload unused tabs to improve memory — If things go as planned, Firefox 67 will introduce a new feature to unload unused tabs to improve memory. The initial bug report dates back eight years but work on the feature began in earnest just a short while ago. Chrome OS 74 dev channel brings Linux app improvements (Crostini) — There’s now support for audio playback when using Linux apps. Up until now if you wanted to use Linux software to watch videos, listen to music, or do anything else that requires sound, you were out of luck.GNOME 3.32 Lands Long-Awaited Fractional Scaling Support — Fractional scaling allows for greater control over the UI scaling than the previous integer based scaling of 2, 3, etc, to instead support fractions like 3/2 (1.5) increase in user-interfaces. Fractional scaling is primarily to improve the user experience with modern HiDPI displays. Systemd-Free Debian "Devuan" Planning Their First Developer Gathering This Spring — Taking place in Amsterdam from 5 to 7 April will be the first Devuan conference for "init freedom lovers".Canonical adds containerd to Ubuntu Kubernetes — Enabling Kubernetes to drive containerd directly reduces the number of moving parts, reduces latency in pod startup times, and improves CPU and memory usage on every node in the cluster.Jupiter Broadcasting MeetupsUbuntu Podcast Listener Get Together — We're having a Get Together in Reading, UK on Saturday March 16th. We'll meet at Breddog in Reading!Dotfile madness — To those of you reading this: I beg you. Avoid creating files or directories of any kind in your user's $HOME directory in order to store your configuration or data. This practice is bizarre at best and it is time to end it. I am sorry to say that many (if not most) programs are guilty of doing this while there are significantly better places that can be used for storing per-user program data.More home directory pollution — I looked in my home directory and now see (in addition to 26 dot-files) directories named go, snap and systems.Steve Reaver on Twitter — There is so much junk in my home dir I had to ls it in column format. I've just about given up using ~ because of all the crap that application put in there!“Please move the “$HOME/snap” directory to a less o...” : Ubuntu Bug #1575053 Why do hidden files in Unix begin with a dot? — The answer is very simple, because it's extremely easy to test if a file is hidden or not by simply testing the first character of the filename.Yet Another Dotfiles Manager — When you live in a command line, configurations are a deeply personal thing. They are often crafted over years of experience, battles lost, lessons learned, advice followed, and ingenuity rewarded. When you are away from your own configurations, you are an orphaned refugee in unfamiliar and hostile surroundings. You feel clumsy and out of sorts. You are filled with a sense of longing to be back in a place you know. A place you built. A place where all the short-cuts have been worn bare by your own travels. A place you proudly call… $HOME.Lyft to spend $300 million on Amazon Web Services by 2022 — Notably, Lyft said that if its usage of Amazon's cloud doesn't hit or exceed that $300 million threshold, it'll have to pay the difference. Lyft committed to spending at least $80 million in each of the three years of the deal, with the stipulation that it will spend $300 million in aggregate overallMongoDB shares plunge on concerns that Lyft is moving to AWSFlowblade — Flowblade is a multitrack non-linear video editor released under GPL3 license. From beginners to masters, Flowblade helps make your vision a reality of image and sound. Shotcut — Shotcut is a free, open source, cross-platform video editor for Windows, Mac and Linux. Major features include support for a wide range of formats; no import required meaning native timeline editing; Blackmagic Design support for input and preview monitoring; and resolution support to 4k.

Mike breaks down what it takes to build a proper iOS build server, and leaves the familiar shallows of Debian for the open waters of openSUSE. Plus Wes’ reluctant ruby adventures and our pick to ease your javascript packaging woes.Special Guest: Wes Payne.Links:rbenv: Groom your app’s Ruby environment — Use rbenv to pick a Ruby version for your application and guarantee that your development environment matches production. Put rbenv to work with Bundler for painless Ruby upgrades and bulletproof deployments. Serverless Feedback from TomEnom — One thing you left out of your definition of serverless (IMO) that I find important is that it scales to zero. So if your lambda/function is not being used it incurs zero cost. I guess you could say that that is where serverless becomes literal.Install openSUSE on Digital Ocean — Unfortunately, Digital does not at present have an option for an openSUSE image. That doesn’t mean that you can’t use openSUSE on Digital Ocean, but it is going to be a little more work than most common Linux distributions.What is Pika? — Pika's mission is to make modern JavaScript more accessible by making it easier to find, publish, install, and use modern packages on npm. Introducing: pika/pack — If you’ve recently published a package to npm, you know how much work goes into a modern build process. Transpile JavaScript, compile TypeScript, convert ES Module syntax (ESM) to Common.js, configure your package.json manifest… and that’s just the basics.Implications of Rewriting a Browser Component in Rust - Mozilla HacksRust use case study in npm [pdf] — The npm Registry uses Rust for its CPU-bound bottlenecks.

We sift Mobile World Congress to find just the best and most relevant stories, and discuss the Thunderclap vulnerability. Plus we say goodbye to Koroa, find a reason to checkout GRUB nightlies, and how Android aims to kill passwords for good.Links:LineageOS 16.0 released — We feel that the 16.0 branch has reached feature parity with 15.1 and is ready for initial release. With 16.0 being the most recent and most actively-developed branch, on March 1st, 2019 it will begin receiving builds nightly and 15.1 will be moved to weekly builds.XDA Coverage of LineageOS 16.0KaiOS now with 85M feature phones shipped — With 85 million phones now shipped in more than 100 markets with handset brands like Nokia and India’s Jio, KaiOS now has an expanded partnership to put more GoogleKaiOS is doing well in US tooRISC-V Support Added To The GRUB Bootloader — As working towards this year's GRUB 2.04 update, we've known they have been on the finishing stretch for merging RISC-V support and as of this morning that milestone has been crossed. RISC-V Support in the FreeRTOS KernelBringing energy efficiency to IoT architectureThe Challenge Of RISC-V ComplianceThunderclap and Linux — The authors built a "fake" network card2 and performed various DMA attacks and were able to temper with memory regions that their network card should have no access to whatsoever.[announce] Struck by a Thunderbolt [official site] ThunderclapRIP Korora — "Our @kororaproject website has been redirected to @fedora as we do not have any new releases coming. Thank you for your support over the last 13 odd years."We saw this coming

How to deal with Internet drama in the Linux world, the rise of live streaming, and disturbing people with messages and calls. Plus preparing for end times, and the best moment of Joe's life. 00:00:25 #AskError: What's your biggest claim to fame? 00:03:47 Internet drama and Linux 00:15:31 #AskError: If you send someone a message and it disturbs them, whose fault is it? 00:22:46 On demand vs live streaming 00:32:25 #AskError: Should you prepare for the apocalypse?

We reveal the shady password practices that are all too common at many utility providers, and hash out why salts are essential to proper password storage. Plus the benefits of passphrases, and what you can do to keep your local providers on the up and up.Links:Plain wrong: Millions of utility customers’ passwords stored in plain text | Ars Technica — In September of 2018, an anonymous independent security researcher (who we'll call X) noticed that their power company's website was offering to email—not reset!—lost account passwords to forgetful users. Startled, X fed the online form the utility account number and the last four phone number digits it was asking for. Sure enough, a few minutes later the account password, in plain text, was sitting in X's inbox.The LinkedIn Hack: Understanding Why It Was So Easy to Crack the Passwords | — LinkedIn stated that after the initial 2012 breach, they added enhanced protection, most likely adding the “salt” functionality to their passwords. However, if you have not changed your password since 2012, you do not have the added protection of a salted password hash. You may be asking yourself–what on earth are hashing and salting and how does this all work?How Developers got Password Security so Wrong — As time has gone on; developers have continued to store passwords insecurely, and users have continued to set them weakly. Despite this, no viable alternative has been created for password security.Adding Salt to Hashing: A Better Way to Store Passwords — A salt is added to the hashing process to force their uniqueness, increase their complexity without increasing user requirements, and to mitigate password attacks like rainbow tables. Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study — We were interested in exploring two particular aspects: Firstly, do developers get things wrong because they do not think about security and thus do not include security features (but could if they wanted to)? Or do they write insecure code because the complexity of the task is too great for them? Secondly, a common suggestion to increase security is to offer secure defaults.OWASP Password Storage Cheatsheet — This article provides guidance on properly storing passwords, secret question responses, and similar credential information.Secure Salted Password Hashing - How to do it Properly — If you're a web developer, you've probably had to make a user account system. The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain why it's done the way it is.Plain Text Offenders — We’re tired of websites abusing our trust and storing our passwords in plain text, exposing us to danger. Here we put websites we believe to be practicing this to shame.Cybersecurity 101: Why you need to use a password manager | TechCrunch — Think of a password manager like a book of your passwords, locked by a master key that only you know.On the Security of Password Managers - Schneier on Security — There's new research on the security of password managers, specifically 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager accidentally leave plaintext copies of the password lying around memory?LinuxFest Northwest 2019 — It's the 20th anniversary of LinuxFest Northwest! Come join your favorite Jupiter Broadcasting hosts at the Pacific Northwest's premier Linux event.SCALE 17x — The 17th annual Southern California Linux Expo – will take place on March. 7-10, 2019, at the Pasadena Convention Center. SCaLE 17x expects to host 150 exhibitors this year, along with nearly 130 sessions, tutorials and special events.Jupiter Broadcasting Meetups — The best place to find out when Jupiter Broadcasting has a meetup near you! Also stay tuned for upcoming virtual study groups.

Design and Implementation of NetBSD’s rc.d system, first impressions of Project Trident 18.12, PXE booting a FreeBSD disk image, middle mouse button pasting, NetBSD gains hardware accelerated virtualization, and more. ##Headlines ###The Design and Implementation of the NetBSD rc.d system Abstract In this paper I cover the design and implementation of the rc.d system start-up mechanism in NetBSD 1.5, which replaced the monolithic /etc/rc start-up file inherited from 4.4BSD. Topics covered include a history of various UNIX start-up mechanisms (including NetBSD prior to 1.5), design considerations that evolved over six years of discussions, implementation details, an examination of the human issues that occurred during the design and implementation, as well as future directions for the system. Introduction NetBSD recently converted from the traditional 4.4BSD monolithic /etc/rc start-up script to an /etc/rc.d mechanism, where there is a separate script to manage each service or daemon, and these scripts are executed in a specific order at system boot. This paper covers the motivation, design and implementation of the rc.d system; from the history of what NetBSD had before to the system that NetBSD 1.5 shipped with in December 2000, as well as future directions. The changes were contentious and generated some of the liveliest discussions about any feature change ever made in NetBSD. Parts of those discussions will be covered to provide insight into some of the design and implementation decisions. History There is great diversity in the system start-up mechanisms used by various UNIX variants. A few of the more pertinent schemes are detailed below. As NetBSD is derived from 4.4BSD, it follows that a description of the latter’s method is relevant. Solaris’ start-up method is also detailed, as it is the most common System V UNIX variant. ###First impressions of Project Trident 18.12 Project Trident (hereafter referred to as Trident) is a desktop operating system based on TrueOS. Trident takes the rolling base platform of TrueOS, which is in turn based on FreeBSD’s development branch, and combines it with the Lumina desktop environment. +Installing The debut release of Trident is available as a 4.1GB download that can be burned to a disc or transferred to a USB thumb drive. Booting from the Trident media brings up a graphical interface and automatically launches the project’s system installer. Down the left side of the display there are buttons we can click to show hardware information and configuration options. These buttons let us know if our wireless card and video card are compatible with Trident and give us a chance to change our preferred language and keyboard layout. At the bottom of the screen we find buttons that will open a terminal or shutdown the computer. Early impressions Trident boots to a graphical login screen where we can sign into the Lumina desktop or a minimal Fluxbox session. Lumina, by default, uses Fluxbox as its window manager. The Lumina desktop places its panel along the bottom of the screen and an application menu sits in the bottom-left corner. On the desktop we find icons for opening the software manager, launching the Falkon web browser, running the VLC media player, opening the Control Panel and adjusting the Lumina theme. The application menu has an unusual and compact layout. The menu shows just a search box and buttons for browsing applications, opening a file manager, accessing desktop settings and signing out. To see what applications are available we can click the Browse Applications entry, which opens a window in the menu where we can scroll through installed programs. This is a bit awkward since the display window is small and only shows a few items at a time. Early on I found it is possible to swap out the default “Start menu” with an alternative “Application menu” through the Panels configuration tool. This alternative menu offers a classic tree-style application menu. I found the latter menu easier to navigate as it expands to show all the applications in a selected category. Conclusions I have a lot of mixed feelings and impressions when it comes to Trident. On the one hand, the operating system has some great technology under the hook. It has cutting edge packages from the FreeBSD ecosystem, we have easy access to ZFS, boot environments, and lots of open source packages. Hardware support, at least on my physical workstation, was solid and the Lumina desktop is flexible. ##News Roundup ###PXE booting of a FreeBSD disk image I had to set up a regression and network performance lab. This lab will be managed by a Jenkins, but the first step is to understand how to boot a FreeBSD disk by PXE. This article explains a simple way of doing it. For information, all these steps were done using 2 PC Engines APU2 (upgraded with latest BIOS for iPXE support), so it’s a headless (serial port only, this can be IPMI SoL with different hardware) . THE BIG PICTURE Before explaining all steps and command line, here is the full big picture of the final process. ###Why I like middle mouse button paste in xterm so much In my entry about how touchpads are not mice, I mused that one of the things I should do on my laptop was insure that I had a keyboard binding for paste, since middle mouse button is one of the harder multi-finger gestures to land on a touchpad. Kurt Mosiejczuk recently left a comment there where they said: Shift-Insert is a keyboard equivalent for paste that is in default xterm (at least OpenBSD xterm, and putty on Windows too). I use that most of the time now as it seems less… trigger-happy than right click paste. This sparked some thoughts, because I can’t imagine giving up middle mouse paste if I have a real choice. I had earlier seen shift-insert mentioned in other commentary on my entry and so have tried a bit to use it on my laptop, and it hasn’t really felt great even there; on my desktops, it’s even less appealing (I tried shift-insert out there to confirm that it did work in my set of wacky X resources). In thinking about why this is, I came to the obvious realization about why all of this is so. I like middle mouse button paste in normal usage because it’s so convenient, because almost all of the time my hand is already on the mouse. And the reason my hand is already on the mouse is because I’ve just used the mouse to shift focus to the window I want to paste into. Even on my laptop, my right hand is usually away from the keyboard as I move the mouse pointer on the touchpad, making shift-Insert at least somewhat awkward. ###NetBSD Gains Hardware Accelerated Virtualization NetBSD Virtual Machine Monitor NVMM provides hardware-accelerated virtualization support for NetBSD. It is made of an ~MI frontend, to which MD backends can be plugged. A virtualization API is shipped via libnvmm, that allows to easily create and manage virtual machines via NVMM. Two additional components are shipped as demonstrators, toyvirt and smallkern: the former is a toy virtualizer, that executes in a VM the 64bit ELF binary given as argument, the latter is an example of such binary. ##Beastie Bits SoloBSD 19.02-STABLE Project Trident 18.12-U5 available “Sudo Mastery, Second Edition” and Cover Art MKSANITIZER - bug detector software integration with the NetBSD userland Darn kids nowadays… back in my day we drew rude symbols like normal people. {{top two comments}} ShellCheck finds bugs in your shell scripts. Old School Sean - A history of UNIX ##Feedback/Questions Ales - OpenBSD, FreeNAS, OpenZFS questions Malcolm - Thoughts on Pgsql + ZFS thread? Brad - Boot Environments in FreeBSD Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Your browser does not support the HTML5 video tag.

We head to the Raspberry Pi corner and pick the very best open source home automation system. Plus some great news for Gnome users, OBS studio has a new funding model, and a nostalgic chat with our study buddy Kenny.Special Guests: Alex Kretzschmar, Brent Gervais, and Martin Wimpress.Links:More GNOME Shell / Mutter Performance Optimizations & Latency Reductions Still Coming - Phoronix — Specifically on the Ubuntu front, Daniel has released a fix for Ubuntu 19.04 Disco and Ubuntu 18.04 Bionic to deal with 144/120Hz displays where GNOME's Mutter caps the rendering to 60 FPS. The fix for Ubuntu 18.10 is still being in the process of SRU'ed. OBS Studio 23.0 Released With VA-API Video Encoding, New Audio Filters - Phoronix — OBS Studio 23.0 also has several new audio filters, batch remuxing support, multi-track audio support to FFmpeg output, and a variety of other alterations. Open Broadcaster Software | New Ways to Support OBS Development — It’s amazing to think that the first version of OBS was publicly released over six years ago. What started out as a small side project by Hugh “Jim” Bailey to make a free and open source program to stream StarCraft 2 has grown into a powerful force in the streaming and video production industry. Hundreds of thousands of people use OBS Studio every day not just for video gaming, but also for broadcasting everything from conferences to sports competitions to school announcements. It’s a tool that can be used freely by anyone, from large studios with big budget productions to individuals who just want to engage with a community online.Available Now: New GeForce-Optimized OBS — We have collaborated with OBS, the industry-leading streaming application, to help them release a new version with improved support for NVIDIA GPUs. The new OBS Studio, version 23.0, reduces the FPS impact of streaming by up to 66% compared to the previous version, meaning higher FPS for your games.Jupiter Broadcasting MeetupWhat’s Free at Linux Academy — March 2019 - Linux Academy Blog — Each month, we will kick off our community content with a live study group, allowing members of the Linux Academy community to come together and share their insights in order to learn from one another.LiNUX Courses - Linux Operating System Fundamentals — Kenny first encountered Solaris UNIX while I was in the military, and found out about Linux through the grapevine. He has worked with Linux in local government, fortune 500 companies, educational institutions, and by providing training. I have received Linux certifications from LPI, CompTIA, and Red Hat. Kenny has been working with Linux for nearly two decades and is passionate about sharing his knowledge with others about the system, and strives to learn more about the operating system every day.Raspberry Pi Updates Devices to Linux 4.19Martin Wimpress on Twitter — This week I am working on @ubuntumate 18.04.2 images for the @RaspberryPi models 2 and 3/3+ Nothing exciting to report just yet, build system is configured and the root file system is being generated. Next up is adding the kernel and boot loader.Python Wheels for the Raspberry Pi — piwheels is a Python package repository providing Arm platform wheels (pre-compiled binary Python packages) specifically for the Raspberry Pi, making pip installations much faster. StableReleaseUpdates - Ubuntu Wiki — Once an Ubuntu release has been completed and published, updates for it are only released under certain circumstances, and must follow a special procedure called a "stable release update" or SRU. OpenHab vs Home Assistant vs Domoticz - Best Open Source Home AutomationAwesome Home Assistant — Awesome Home Assistant is a curated list of awesome Home Assistant resources. Home Assistant — Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. openHAB — a vendor and technology agnostic open source automation software for your home.Domoticz — Domoticz is a Home Automation system design to control various devices and receive input from various sensors. IronicBadger: Home Assistant configuration files — This repository contains all configuration used to configure my home automation setup using Home Assistant. This is a living and breathing repository and as such is subject to change.Linux Action Show special about Home Assistant — Our founder Paulus Schoutsen is interviewed by Chris Fisher for a Linux Action Show special about home automation, Hass.io and the new Home Assistant podcast.smacke/subsync: Automagically synchronize subtitles with video.Podcast Generator — Podcast Generator is an open source Content Management System written in PHP and specifically designed for podcast publishing. It provides the user with the tools to easily manage all of the aspects related to the publication of a podcast, from the upload of episodes to its submission to the iTunes store.

The three of us debate when to go full serverless, and if ditching servers is worth the cost. Plus the battle against the Cult of Swift gains new allies.Special Guest: Wes Payne.Links:Marco Arment on Twitter — Add up all of the time you’ve spent learning Swift from scratch, accommodating its strictness, fighting its buggy tools, migrating your code through language changes, and re-learning APIs and conventions as they’ve changed over the last 5 years. I’ve spent zero time doing that.A Swift Takes Flight on Windows — I have finally managed to get the compiler, the support libraries, the runtime, standard library, libdispatch, and now, Foundation to build and run on Windows! Apple Plans to Close Stores in Eastern District of Texas in Fight Against Patent Trolls — To continue to serve the region, Apple plans to open a new store at the Galleria Dallas shopping mall in Dallas, just outside the Eastern District of Texas border.Linux Academy - Full Stack Ruby on Rails Developer (Remote) — Your primary focus will be development of all server-side logic, definition and maintenance of the central database, and ensuring high performance and responsiveness to requests from the front-end. What is Serverless? — Serverless computing (or serverless for short), is an execution model where the cloud provider (AWS, Azure, or Google Cloud) is responsible for executing a piece of code by dynamically allocating the resources. Serverless Architectures - Martin Fowler — Serverless architectures are application designs that incorporate third-party “Backend as a Service” (BaaS) services, and/or that include custom code run in managed, ephemeral containers on a “Functions as a Service” (FaaS) platform.Serverless Architectures at AWS — A serverless architecture is a way to build and run applications and services without having to manage infrastructure.

Linus pops another hype bubble, we go hands on with the new OnionShare, and some insights into Redis labs changing its license... Again. And why KDE joining the Matrix, along with others might be establishing a new open source standard.Links:KDE is adding Matrix to its instant messaging infrastructure — KDE is adopting non-proprietary and decentralized instant messaging services and is now running its own community-managed instance of Matrix.Matrix the basis for France’s Secure Instant Messenger appInterview with Matthew Hodgson: Matrix in the French StateNew Release: OnionShare 2 — OnionShare is an open source tool for securely and anonymously sending and receiving files using Tor onion services. Redis Labs changes its open-source license — again — “Some cloud providers have repeatedly taken advantage of successful opensource projects, without significant contributions to their communities.”Arm unveils new Neoverse chips for data centers — Arm claims that the design provides as much as 2.5 times more processing power for certain server workloads than the previous Cortex-A72 architecture.GCC 9 Compiler Support For The Arm Neoverse N1 + E1 Linus' doubtsIntel Confirms Apple Macs Will Switch to Arm CPUs by 2020, Says ReportWine Developers Release Hangover Alpha — Hangover 0.4 is the first (alpha) release from this project for running x86/x86_64 Windows programs now on 64-bit ARM Linux distributions. Linux Academy - Full Stack Ruby on Rails Developer (Remote)

Adding glue to a desktop environment, flashing the BIOS on a PC Engine, revive a Cisco IDS into a capable OpenBSD computer, An OpenBSD WindowMaker desktop, RealTime data compression, the love for pipes, and more. ##Headlines ###Adding Glue To a Desktop Environment In this article we will put some light on a lot of tools used in the world of Unix desktop environment customization, particularly regarding wmctrl, wmutils, xev, xtruss, xwininfo, xprop, xdotools, xdo, sxhkd, xbindkeys, speckeysd, xchainkeys, alttab, triggerhappy, gTile, gidmgr, keynav, and more. If those don’t make sense then this article will help. Let’s hope this can open your mind to new possibilities. With that in mind we can wonder if what’s actually needed from a window manager, presentation and operation, can be split up and complemented with other tools. We can also start thinking laterally, the communication and interaction between the different components of the environment. We have the freedom to do so because the X protocol is transparent and components usually implement many standards for interfacing between windows. It’s like gluing parts together to create a desktop environment. The tools we’ll talk about fall into one of those categories: Debugging Window manipulation Simulation of interaction Extended manipulation Hotkey daemon Layout manager ###Flashing the BIOS on the PC Engines APU4c4 I absolutely love the PC Engines APU devices. I use them for testing HardenedBSD experimental features in more constrained 64-bit environments and firewalls. Their USB and mSATA ports have a few quirks, and I bumped up against a major quirk that required flashing a different BIOS as a workaround. This article details the hacky way in which I went about doing that. What prompted this article is that something in either the CAM or GEOM layer in FreeBSD 11.2 caused the mSATA to hang, preventing file writes. OPNsense 18.7 uses FreeBSD 11.1 whereas the recently-released OPNsense 19.1 uses HardenedBSD 11.2 (based on FreeBSD 11.2). I reached out to PC Engines directly, and they let me know that the issue is a known BIOS issue. Flashing the “legacy” BIOS series would provide me with a working system. It also just so happens that a new “legacy” BIOS version was just released which turns on ECC mode for the RAM. So, I get a working OPNsense install AND ECC RAM! I’ll have one bird for dinner, the other for dessert. Though I’m using an APU4, these instructions should work for the other APU devices. The BIOS ROM download URLs should be changed to reflect the device you’re targeting along with the BIOS version you wish to deploy. SPECIAL NOTE: There be dragons! I’m primarily writing this article to document the procedure for my own purposes. My memory tends to be pretty faulty these days. So, if something goes wrong, please do not hold me responsible. You’re the one at the keyboard. ;) VERY SPECIAL NOTE: We’ll use the mSATA drive for swap space, just in case. Should the swap space be used, it will destroy whatever is on the disk. ##News Roundup ###Revive a Cisco IDS into a capable OpenBSD computer! Even though Cisco equipment is very capable, it tends to become End-of-Life before you can say “planned obsolescence”. Websites become bigger, bandwidths increase, and as a side effect of those “improvements”, routers, firewalls, and in this case, intrusion prevention systems get old quicker and quicker. Apparently, this was also the case for the Cisco IDS-4215 Intrusion Detection Sensor that I was given a few months ago. I’m not too proud to admit that at first, I didn’t care about the machine itself, but rather about the add-on PCI network card with 4 Fast Ethernet interfaces. The sensor has obviously seen better days, as it had a broken front panel and needed some cleaning, but upon a closer inspection under the hood (which is held closed by the 4 screws on top), this IDS consists of an embedded Celeron PC with two onboard Ethernet cards, a 2.5″ IDE hard disk, a CF card, and 2 PCI expansion slots (more on them later). Oh, and don’t forget the nasty server-grade fan, which pushed very little air for the noise it was making. ###An OpenBSD desktop using WindowMaker Since I started using *N?X, I’ve regularly used WindowMaker. I’ve always liked the look and feel, the dock system and the dockapps. It may look a bit oldish nowadays. And that’s enough to try to change this. So here it is, a 2019 flavored WindowMaker Desktop, running on OpenBSD 6.4/amd64. This configuration uses the Nord color-scheme, the Adapta-Nokto-Eta GTK theme and the Moblin Unofficial Icons icon set. I did remove applications icons. I just don’t need them on the bottom of the screen as I heavily use “F11” to pop-up the windows list. To be able to do that and keep the dockapps, I tweaked my ~/GNUstep/Defaults/WMWindowAttributes and created a ~/GNUstep/Library/WindowMaker/Themes/Nord.themed/style. And here it is, the NeXT OpenBSD Desktop! ###RealTime Data Compression In a previous episode, we’ve seen that it is possible to create opaque types. However, creation and destruction of such type must be delegated to some dedicated functions, which themselves rely on dynamic allocation mechanisms. Sometimes, it can be convenient to bypass the heap, and all its malloc() / free() shenanigans. Pushing a structure onto the stack, or within thread-local storage, are natural capabilities offered by a normal struct. It can be desirable at times. The previously described opaque type is so secret that it has no size, hence is not suitable for such scenario. Fortunately, static opaque types are possible. The main idea is to create a “shell type”, with a known size and an alignment, able to host the target (private) structure. For safer maintenance, the shell type and the target structure must be kept in sync, by using typically a static assert. It will ensure that the shell type is always large enough to host the target structure. This check is important to automatically detect future evolution of the target structure. ###For the Love of Pipes My top used shell command is |. This is called a pipe. In brief, the | allows for the output of one program (on the left) to become the input of another program (on the right). It is a way of connecting two commands together. According to doc.cat-v.org/unix/pipes/, the origin of pipes came long before Unix. Pipes can be traced back to this note from Doug McIlroy in 1964 ##Beastie Bits Installation Notes for NetBSD/i386 0.9 Porting Zig to NetBSD - a fun, speedy port NNN - Tiny, lightning fast, feature-packed file manager Release v2.3 eta - A tool for monitoring progress and ETA of an arbitrary process A FreeBSD User Tries Out…NetBSD 8.0 Faster vlan(4) forwarding? FuguIta - OpenBSD 6.4 Live System Adding Name-based hosting To Nginx on OpenBSD with Acme-Client HOWTO set up QEMU with HAXM acceleration on NetBSD README: gcc 7 switch coming to a port near you! ##BUG Calendar ChiBUG, Chicago, USA: Tuesday, February 26th 18:00 at the Oak Park Library CharmBUG, Baltimore, USA: Wednesday, February 27, 2019 19:30 at Columbia Ale House NYC*BUG, New York, USA: Wednesday, March 6, 2019 18:45 at Suspenders KnoxBUG, Knoxville, USA: Monday, February 25, 2019 - 18:00 at iX Systems offices BSDPL, Warsaw, Poland: February 28, 2019 18:15 - 21:00 at Wheel Systems Office ##Feedback/Questions Sam - Customizing OpenBSD ports source code Frank - Rivalry Linux & BSD Zach - mysql/mariadb tuning Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv