{"version":"https://jsonfeed.org/version/1","title":"TechSNAP","home_page_url":"https://techsnap.systems","feed_url":"https://techsnap.systems/json","description":"Systems, Network, and Administration Podcast. Every two weeks TechSNAP covers the stories that impact those of us in the tech industry, and all of us that follow it. Every episode we dedicate a portion of the show to answer audience questions, discuss best practices, and solving your problems.","_fireside":{"subtitle":"Systems, Network, and Administration Podcast. ","pubdate":"2020-05-29T00:15:00.000-07:00","explicit":false,"copyright":"2025 by Jupiter Broadcasting","owner":"Jupiter Broadcasting","image":"https://media24.fireside.fm/file/fireside-images-2024/podcasts/images/9/95197d05-40d6-4e68-8e0b-2f586ce8dc55/cover.jpg?v=4"},"items":[{"id":"697f849c-00de-4c27-9231-6c039bb93a67","title":"430: All Good Things","url":"https://techsnap.systems/430","content_text":"It's a storage showdown as Jim and Wes bust some performance myths about RAID and ZFS.\n\nPlus our favorite features from Fedora 32, and why Wes loves DNF.Links:What's new in Fedora 32 Workstation\nFedora 32 ChangeSet\nLinux distro review: Fedora Workstation 32\nTechSNAP 428: RAID Reality Check\nZFS versus RAID: Eight Ironwolf disks, two filesystems, one winner\nUnderstanding RAID: How performance scales from one disk to eight\nFind Jim on 2.5 AdminsFind Wes on LINUX UnpluggedTechSNAP 1: First episode of TechSNAP (in 2011!)\nTechSNAP 300: End of the Allan and Chris era (2017)\nTechSNAP 301: Enter Dan and Wes \nTechSNAP 347: A Farewell to Dan\nTechSNAP 348: Chris is back!\nTechSNAP 389: Jim's first time as a guest\nTechSNAP 390: Jim's second guest appearance\nTechSNAP 393: Chris says goodbye\nTechSNAP 395: Jim joins the show\n","content_html":"\u003cp\u003eIt\u0026#39;s a storage showdown as Jim and Wes bust some performance myths about RAID and ZFS.\u003c/p\u003e\n\n\u003cp\u003ePlus our favorite features from Fedora 32, and why Wes loves DNF.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"What\u0026#39;s new in Fedora 32 Workstation\" rel=\"nofollow\" href=\"https://fedoramagazine.org/whats-new-fedora-32-workstation/\"\u003eWhat\u0026#39;s new in Fedora 32 Workstation\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fedora 32 ChangeSet\" rel=\"nofollow\" href=\"https://fedoraproject.org/wiki/Releases/32/ChangeSet\"\u003eFedora 32 ChangeSet\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux distro review: Fedora Workstation 32\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/05/linux-distro-review-fedora-workstation-32/\"\u003eLinux distro review: Fedora Workstation 32\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 428: RAID Reality Check\" rel=\"nofollow\" href=\"https://techsnap.systems/428\"\u003eTechSNAP 428: RAID Reality Check\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"ZFS versus RAID: Eight Ironwolf disks, two filesystems, one winner\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/05/zfs-versus-raid-eight-ironwolf-disks-two-filesystems-one-winner/\"\u003eZFS versus RAID: Eight Ironwolf disks, two filesystems, one winner\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Understanding RAID: How performance scales from one disk to eight\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2020/04/understanding-raid-how-performance-scales-from-one-disk-to-eight/\"\u003eUnderstanding RAID: How performance scales from one disk to eight\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Find Jim on 2.5 Admins\" rel=\"nofollow\" href=\"https://2.5admins.com/\"\u003eFind Jim on 2.5 Admins\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Find Wes on LINUX Unplugged\" rel=\"nofollow\" href=\"https://linuxunplugged.com/\"\u003eFind Wes on LINUX Unplugged\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 1: First episode of TechSNAP (in 2011!)\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=n7La9Z-XrCE\"\u003eTechSNAP 1: First episode of TechSNAP (in 2011!)\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 300: End of the Allan and Chris era (2017)\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/106026/2089-days-uptime-techsnap-300/\"\u003eTechSNAP 300: End of the Allan and Chris era (2017)\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 301: Enter Dan and Wes \" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/106086/the-next-generation-techsnap-301/\"\u003eTechSNAP 301: Enter Dan and Wes \u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 347: A Farewell to Dan\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/120317/a-farewell-to-dan-techsnap-347/\"\u003eTechSNAP 347: A Farewell to Dan\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 348: Chris is back!\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/120687/server-neglect-techsnap-348/\"\u003eTechSNAP 348: Chris is back!\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 389: Jim\u0026#39;s first time as a guest\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/128101/the-future-of-http-techsnap-389/\"\u003eTechSNAP 389: Jim\u0026#39;s first time as a guest\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 390: Jim\u0026#39;s second guest appearance\" rel=\"nofollow\" href=\"https://techsnap.systems/390\"\u003eTechSNAP 390: Jim\u0026#39;s second guest appearance\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 393: Chris says goodbye\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/128656/back-to-our-roots-techsnap-393/\"\u003eTechSNAP 393: Chris says goodbye\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 395: Jim joins the show\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/128941/the-acme-era-techsnap-395/\"\u003eTechSNAP 395: Jim joins the show\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"It's a storage showdown as Jim and Wes bust some performance myths about RAID and ZFS.","date_published":"2020-05-29T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/697f849c-00de-4c27-9231-6c039bb93a67.mp3","mime_type":"audio/mp3","size_in_bytes":37553551,"duration_in_seconds":3129}]},{"id":"a30bad27-ffe4-4dd7-a499-0117167b9f4e","title":"429: Curious About Caddy","url":"https://techsnap.systems/429","content_text":"Jim and Wes take the latest release of the Caddy web server for a spin, investigate Intel's Comet Lake desktop CPUs, and explore the fight over 5G between the US Military and the FCC.Links:Caddy offers TLS, HTTPS, and more in one dependency-free Go Web server\r\nCaddy 2\nCaddy v2 Improvements [slightly out of date]Proposal: Permanently change all proprietary licensing to open source · Issue #2786 · caddyserver/caddy\nRevert \"Implement Caddy-Sponsors HTTP response header\" by lol768 · Pull Request #1866 · caddyserver/caddy\nIntel’s 10th generation desktop CPUs have arrived—still on 14nm\r\nIntel Comet Lake 10th Gen CPU release date, specs, price, and performance\n10th Gen Intel® Core™ Desktop Processors\nUS military is furious at FCC over 5G plan that could interfere with GPS\r\nThe Pentagon's fight to kill Ligado's 5G network\nFCC Approves Ligado L-Band Application to Facilitate 5G \u0026amp; IoT\n","content_html":"\u003cp\u003eJim and Wes take the latest release of the Caddy web server for a spin, investigate Intel\u0026#39;s Comet Lake desktop CPUs, and explore the fight over 5G between the US Military and the FCC.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Caddy offers TLS, HTTPS, and more in one dependency-free Go Web server\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/05/caddy-offers-tls-https-and-more-in-one-dependency-free-go-web-server/\"\u003eCaddy offers TLS, HTTPS, and more in one dependency-free Go Web server\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Caddy 2\" rel=\"nofollow\" href=\"https://caddyserver.com/v2\"\u003eCaddy 2\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Caddy v2 Improvements [slightly out of date]\" rel=\"nofollow\" href=\"https://github.com/caddyserver/caddy/wiki/v2:-Improvements\"\u003eCaddy v2 Improvements [slightly out of date]\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Proposal: Permanently change all proprietary licensing to open source · Issue #2786 · caddyserver/caddy\" rel=\"nofollow\" href=\"https://github.com/caddyserver/caddy/issues/2786\"\u003eProposal: Permanently change all proprietary licensing to open source · Issue #2786 · caddyserver/caddy\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Revert \u0026quot;Implement Caddy-Sponsors HTTP response header\u0026quot; by lol768 · Pull Request #1866 · caddyserver/caddy\" rel=\"nofollow\" href=\"https://github.com/caddyserver/caddy/pull/1866\"\u003eRevert \u0026quot;Implement Caddy-Sponsors HTTP response header\u0026quot; by lol768 · Pull Request #1866 · caddyserver/caddy\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel’s 10th generation desktop CPUs have arrived—still on 14nm\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/05/intels-comet-lake-desktop-cpus-are-here/\"\u003eIntel’s 10th generation desktop CPUs have arrived—still on 14nm\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel Comet Lake 10th Gen CPU release date, specs, price, and performance\" rel=\"nofollow\" href=\"https://www.pcgamer.com/intel-comet-lake-release-date-specs-performance/\"\u003eIntel Comet Lake 10th Gen CPU release date, specs, price, and performance\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"10th Gen Intel® Core™ Desktop Processors\" rel=\"nofollow\" href=\"https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-desktop-brief.html\"\u003e10th Gen Intel® Core™ Desktop Processors\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"US military is furious at FCC over 5G plan that could interfere with GPS\" rel=\"nofollow\" href=\"https://arstechnica.com/tech-policy/2020/05/millions-of-gps-devices-at-risk-from-fcc-approved-5g-network-military-says/\"\u003eUS military is furious at FCC over 5G plan that could interfere with GPS\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Pentagon\u0026#39;s fight to kill Ligado\u0026#39;s 5G network\" rel=\"nofollow\" href=\"https://www.cnet.com/news/the-pentagons-fight-to-kill-ligados-5g-network/\"\u003eThe Pentagon\u0026#39;s fight to kill Ligado\u0026#39;s 5G network\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"FCC Approves Ligado L-Band Application to Facilitate 5G \u0026amp; IoT\" rel=\"nofollow\" href=\"https://www.fcc.gov/document/fcc-approves-ligado-l-band-application-facilitate-5g-iot\"\u003eFCC Approves Ligado L-Band Application to Facilitate 5G \u0026amp; IoT\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"Jim and Wes take the latest release of the Caddy web server for a spin, investigate Intel's Comet Lake desktop CPUs, and explore the fight over 5G between the US Military and the FCC.","date_published":"2020-05-15T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a30bad27-ffe4-4dd7-a499-0117167b9f4e.mp3","mime_type":"audio/mp3","size_in_bytes":22145590,"duration_in_seconds":1845}]},{"id":"5556e3df-292d-4b0b-8e25-27f071862c06","title":"428: RAID Reality Check","url":"https://techsnap.systems/428","content_text":"We dive deep into the world of  RAID, and discuss how to choose the right topology to optimize performance and resilience.\n\nPlus Cloudflare steps up its campaign to secure BGP, and why you might want to trade in cron for systemd timers.Links:AMD Claims World’s Fastest Per-Core Performance with New EPYC Rome 7Fx2 CPUs\nAMD EPYC 7F52 Linux Performance - AMD 7FX2 CPUs Further Increasing The Fight Against Intel Xeon Review\nUnderstanding RAID: How performance scales from one disk to eight\nNew Cloudflare tool can tell you if your ISP has deployed BGP fixes\nIs BGP safe yet?\nRPKI - The required cryptographic upgrade to BGP routing\nWhy I Prefer systemd Timers Over Cron – Thomas Stringer\nsystemd/Timers - ArchWiki\nsystemd.time (Time format docs)\nsystemd.timer (Unit docs)\n","content_html":"\u003cp\u003eWe dive deep into the world of  RAID, and discuss how to choose the right topology to optimize performance and resilience.\u003c/p\u003e\n\n\u003cp\u003ePlus Cloudflare steps up its campaign to secure BGP, and why you might want to trade in cron for systemd timers.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"AMD Claims World’s Fastest Per-Core Performance with New EPYC Rome 7Fx2 CPUs\" rel=\"nofollow\" href=\"https://www.tomshardware.com/news/amd-worlds-fastest-processor-epyc-rome-7fx2-cpus\"\u003eAMD Claims World’s Fastest Per-Core Performance with New EPYC Rome 7Fx2 CPUs\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"AMD EPYC 7F52 Linux Performance - AMD 7FX2 CPUs Further Increasing The Fight Against Intel Xeon Review\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=article\u0026amp;item=amd-epyc-7f52\u0026amp;num=1\"\u003eAMD EPYC 7F52 Linux Performance - AMD 7FX2 CPUs Further Increasing The Fight Against Intel Xeon Review\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Understanding RAID: How performance scales from one disk to eight\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2020/04/understanding-raid-how-performance-scales-from-one-disk-to-eight/\"\u003eUnderstanding RAID: How performance scales from one disk to eight\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Cloudflare tool can tell you if your ISP has deployed BGP fixes\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2020/04/new-cloudflare-tool-can-tell-you-if-your-isp-has-deployed-bgp-fixes/\"\u003eNew Cloudflare tool can tell you if your ISP has deployed BGP fixes\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Is BGP safe yet?\" rel=\"nofollow\" href=\"https://isbgpsafeyet.com/\"\u003eIs BGP safe yet?\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"RPKI - The required cryptographic upgrade to BGP routing\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/rpki/\"\u003eRPKI - The required cryptographic upgrade to BGP routing\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why I Prefer systemd Timers Over Cron – Thomas Stringer\" rel=\"nofollow\" href=\"https://trstringer.com/systemd-timer-vs-cronjob/\"\u003eWhy I Prefer systemd Timers Over Cron – Thomas Stringer\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"systemd/Timers - ArchWiki\" rel=\"nofollow\" href=\"https://wiki.archlinux.org/index.php/Systemd/Timers\"\u003esystemd/Timers - ArchWiki\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"systemd.time (Time format docs)\" rel=\"nofollow\" href=\"https://www.freedesktop.org/software/systemd/man/systemd.time.html\"\u003esystemd.time (Time format docs)\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"systemd.timer (Unit docs)\" rel=\"nofollow\" href=\"https://www.freedesktop.org/software/systemd/man/systemd.timer.html\"\u003esystemd.timer (Unit docs)\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"We dive deep into the world of  RAID, and discuss how to choose the right topology to optimize performance and resilience.","date_published":"2020-05-01T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/5556e3df-292d-4b0b-8e25-27f071862c06.mp3","mime_type":"audio/mp3","size_in_bytes":25930419,"duration_in_seconds":2160}]},{"id":"809b6258-3513-4344-a965-b854e8c78fd3","title":"427: Gigahertz Games","url":"https://techsnap.systems/427","content_text":"Jim finally gets his hands on an AMD Ryzen 9 laptop, some great news about Wi-Fi 6e, and our take on FreeBSD on the desktop.\n\nPlus Intel's surprisingly overclockable laptop CPU, why you shouldn't freak out about 5G, and the incredible creativity of the Demoscene.Links:Asus ROG Zephyrus G14—Ryzen 7nm mobile is here, and it’s awesomeLinux on Laptops: ASUS Zephyrus G14 with Ryzen 9 4900HSIntel’s 10th-generation H-series laptop CPUs break 5GHz | Ars TechnicaWi-Fi 6E becomes official—the FCC will vote on rules this monthCelebs share rumors linking 5G to coronavirus, nutjobs burn cell towersNot-actually Linux distro review: FreeBSD 12.1-RELEASENot actually Linux distro review deux: GhostBSDMOD (file format) - WikipediaAT\u0026amp;T.MOD (YouTube)DJ Moses Rising—Ice Cream Trance (YouTube)Farbrausch—The Product (64K Intro, 2000)Farbrausch—Poem to a Horse (64K Intro, 2002)Finland accepts the Demoscene on its national UNESCO list of intangible cultural heritage of humanity","content_html":"\u003cp\u003eJim finally gets his hands on an AMD Ryzen 9 laptop, some great news about Wi-Fi 6e, and our take on FreeBSD on the desktop.\u003c/p\u003e\n\n\u003cp\u003ePlus Intel\u0026#39;s surprisingly overclockable laptop CPU, why you shouldn\u0026#39;t freak out about 5G, and the incredible creativity of the Demoscene.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Asus ROG Zephyrus G14—Ryzen 7nm mobile is here, and it’s awesome\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/04/asus-rog-zephyrus-g14-ryzen-7nm-mobile-is-here-and-its-awesome/\"\u003eAsus ROG Zephyrus G14—Ryzen 7nm mobile is here, and it’s awesome\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux on Laptops: ASUS Zephyrus G14 with Ryzen 9 4900HS\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/04/linux-on-laptops-asus-zephyrus-g14-with-ryzen-9-4900hs/\"\u003eLinux on Laptops: ASUS Zephyrus G14 with Ryzen 9 4900HS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel’s 10th-generation H-series laptop CPUs break 5GHz | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/04/intels-10th-generation-h-series-laptop-cpus-break-5-ghz/\"\u003eIntel’s 10th-generation H-series laptop CPUs break 5GHz | Ars Technica\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wi-Fi 6E becomes official—the FCC will vote on rules this month\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/04/fcc-will-vote-on-rules-for-1-2ghz-of-new-wi-fi-6e-spectrum-on-april-23/\"\u003eWi-Fi 6E becomes official—the FCC will vote on rules this month\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Celebs share rumors linking 5G to coronavirus, nutjobs burn cell towers\" rel=\"nofollow\" href=\"https://arstechnica.com/science/2020/04/in-the-uk-pandemic-panic-has-people-burning-cell-phone-towers/\"\u003eCelebs share rumors linking 5G to coronavirus, nutjobs burn cell towers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Not-actually Linux distro review: FreeBSD 12.1-RELEASE\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/04/not-actually-linux-distro-review-freebsd-12-1-release/\"\u003eNot-actually Linux distro review: FreeBSD 12.1-RELEASE\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Not actually Linux distro review deux: GhostBSD\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/04/not-actually-linux-distro-review-deux-ghostbsd/\"\u003eNot actually Linux distro review deux: GhostBSD\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MOD (file format) - Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/MOD_(file_format)\"\u003eMOD (file format) - Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AT\u0026amp;T.MOD (YouTube)\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=UspabZp09_Q\"\u003eAT\u0026amp;T.MOD (YouTube)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DJ Moses Rising—Ice Cream Trance (YouTube)\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=RDDkGZWkEn0\"\u003eDJ Moses Rising—Ice Cream Trance (YouTube)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Farbrausch—The Product (64K Intro, 2000)\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=Y3n3c_8Nn2Y\"\u003eFarbrausch—The Product (64K Intro, 2000)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Farbrausch—Poem to a Horse (64K Intro, 2002)\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=gNOJhEX9YT0\"\u003eFarbrausch—Poem to a Horse (64K Intro, 2002)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Finland accepts the Demoscene on its national UNESCO list of intangible cultural heritage of humanity\" rel=\"nofollow\" href=\"http://demoscene-the-art-of-coding.net/2020/04/15/breakthrough-finland-accepts-demoscene-on-their-national-list-of-intangible-cultural-heritage-of-humanity/\"\u003eFinland accepts the Demoscene on its national UNESCO list of intangible cultural heritage of humanity\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Jim finally gets his hands on an AMD Ryzen 9 laptop, some great news about Wi-Fi 6e, and our take on FreeBSD on the desktop.","date_published":"2020-04-17T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/809b6258-3513-4344-a965-b854e8c78fd3.mp3","mime_type":"audio/mp3","size_in_bytes":37075823,"duration_in_seconds":3089}]},{"id":"658dd254-b721-4281-8415-9357e180e92b","title":"426: Storage Stories","url":"https://techsnap.systems/426","content_text":"We take a look at Cloudflare's impressive Linux disk encryption speed-ups, and explore how zoned storage tools like dm-zoned and zonefs might help mitigate the downsides of Shingled Magnetic Recording.  \n\nPlus we celebrate WireGuard's inclusion in the Linux 5.6 kernel, and fight some exFAT FUD.Links:WireGuard VPN makes it to 1.0.0—and into the next Linux kernel — It's a good day for WireGuard users—DKMS builds will soon be behind us.\r\nLinux 5.6 Is The Most Exciting Kernel In Years With So Many New Featuresfs: New zonefs file system — zonefs is a very simple file system exposing each zone of a zoned block device as a file. This is intended to simplify implementation of application zoned block device raw access support by allowing switching to the well known POSIX file API rather than relying on direct block device file ioctls and read/write.Ama-ZNS! Zonefs File-System Will Land with Linux® 5.6What is Zoned Storage and the Zoned Storage Initiative? — Zoned Storage is a new paradigm in storage motivated by the incredible explosion of data. Our data-driven society is increasingly dependent on data for every-day life and extreme scale data management is becoming a necessity. Linux Kernel Support - ZonedStorage.iodm-zoned — The dm-zoned device mapper target exposes a zoned block device as a regular block device.Device Mapper - ZonedStorage.io What are PMR and SMR hard disk drives?Beware of SMR drives in PMR clothing — WD and Seagate are both submarining Drive-managed SMR (DM-SMR) drives into channels, disguised as \"normal\" drives.Beware of SMR drives in PMR clothing [Reddit]The exFAT filesystem is coming to Linux—Paragon software’s not happy about it — When software and operating system giant Microsoft announced its support for inclusion of the exFAT filesystem directly into the Linux kernel back in August, it didn't get a ton of press coverage. But filesystem vendor Paragon Software clearly noticed this month's merge of the Microsoft-approved, largely Samsung-authored version of exFAT into the VFS for-next repository, which will in turn merge into Linux 5.7—and Paragon doesn't seem happy about it.The New Microsoft exFAT File-System Driver Is Set To Land With Linux 5.7Speeding up Linux disk encryption - The Cloudflare Blog — Encrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers.Add inline dm-crypt patch and xtsproxy Crypto API patch","content_html":"\u003cp\u003eWe take a look at Cloudflare\u0026#39;s impressive Linux disk encryption speed-ups, and explore how zoned storage tools like dm-zoned and zonefs might help mitigate the downsides of Shingled Magnetic Recording.  \u003c/p\u003e\n\n\u003cp\u003ePlus we celebrate WireGuard\u0026#39;s inclusion in the Linux 5.6 kernel, and fight some exFAT FUD.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"WireGuard VPN makes it to 1.0.0—and into the next Linux kernel\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/03/wireguard-vpn-makes-it-to-1-0-0-and-into-the-next-linux-kernel/\"\u003eWireGuard VPN makes it to 1.0.0—and into the next Linux kernel\u003c/a\u003e \u0026mdash; It's a good day for WireGuard users—DKMS builds will soon be behind us.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux 5.6 Is The Most Exciting Kernel In Years With So Many New Features\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=article\u0026amp;item=linux-56-features\u0026amp;num=1\"\u003eLinux 5.6 Is The Most Exciting Kernel In Years With So Many New Features\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"fs: New zonefs file system\" rel=\"nofollow\" href=\"https://lwn.net/Articles/793585/\"\u003efs: New zonefs file system\u003c/a\u003e \u0026mdash; zonefs is a very simple file system exposing each zone of a zoned block device as a file. This is intended to simplify implementation of application zoned block device raw access support by allowing switching to the well known POSIX file API rather than relying on direct block device file ioctls and read/write.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ama-ZNS! Zonefs File-System Will Land with Linux® 5.6\" rel=\"nofollow\" href=\"https://blog.westerndigital.com/zonefs-file-system-linux-5-6/\"\u003eAma-ZNS! Zonefs File-System Will Land with Linux® 5.6\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is Zoned Storage and the Zoned Storage Initiative?\" rel=\"nofollow\" href=\"https://blog.westerndigital.com/what-is-zoned-storage-initiative/\"\u003eWhat is Zoned Storage and the Zoned Storage Initiative?\u003c/a\u003e \u0026mdash; Zoned Storage is a new paradigm in storage motivated by the incredible explosion of data. Our data-driven society is increasingly dependent on data for every-day life and extreme scale data management is becoming a necessity. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux Kernel Support - ZonedStorage.io\" rel=\"nofollow\" href=\"https://www.zonedstorage.io/introduction/linux-support/\"\u003eLinux Kernel Support - ZonedStorage.io\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"dm-zoned\" rel=\"nofollow\" href=\"https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-zoned.html\"\u003edm-zoned\u003c/a\u003e \u0026mdash; The dm-zoned device mapper target exposes a zoned block device as a regular block device.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Device Mapper - ZonedStorage.io\" rel=\"nofollow\" href=\"https://zonedstorage.io/linux/dm/#dm-zoned\"\u003eDevice Mapper - ZonedStorage.io\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\" What are PMR and SMR hard disk drives?\" rel=\"nofollow\" href=\"https://www.synology.com/en-us/knowledgebase/DSM/tutorial/Storage/PMR_SMR_hard_disk_drives\"\u003e What are PMR and SMR hard disk drives?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Beware of SMR drives in PMR clothing\" rel=\"nofollow\" href=\"https://zfsonlinux.topicbox.com/groups/zfs-discuss/T759a10612888a9d9-Me469c98023e1a2cb059f9391/beware-of-smr-drives-in-pmr-clothing\"\u003eBeware of SMR drives in PMR clothing\u003c/a\u003e \u0026mdash; WD and Seagate are both submarining Drive-managed SMR (DM-SMR) drives into channels, disguised as \"normal\" drives.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Beware of SMR drives in PMR clothing [Reddit]\" rel=\"nofollow\" href=\"https://www.reddit.com/r/zfs/comments/frsic7/beware_of_smr_drives_in_pmr_clothing/\"\u003eBeware of SMR drives in PMR clothing [Reddit]\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The exFAT filesystem is coming to Linux—Paragon software’s not happy about it\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2020/03/the-exfat-filesystem-is-coming-to-linux-paragon-softwares-not-happy-about-it/\"\u003eThe exFAT filesystem is coming to Linux—Paragon software’s not happy about it\u003c/a\u003e \u0026mdash; When software and operating system giant Microsoft announced its support for inclusion of the exFAT filesystem directly into the Linux kernel back in August, it didn't get a ton of press coverage. But filesystem vendor Paragon Software clearly noticed this month's merge of the Microsoft-approved, largely Samsung-authored version of exFAT into the VFS for-next repository, which will in turn merge into Linux 5.7—and Paragon doesn't seem happy about it.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The New Microsoft exFAT File-System Driver Is Set To Land With Linux 5.7\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=New-exFAT-For-Linux-5.7\"\u003eThe New Microsoft exFAT File-System Driver Is Set To Land With Linux 5.7\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Speeding up Linux disk encryption - The Cloudflare Blog\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/speeding-up-linux-disk-encryption/\"\u003eSpeeding up Linux disk encryption - The Cloudflare Blog\u003c/a\u003e \u0026mdash; Encrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Add inline dm-crypt patch and xtsproxy Crypto API patch\" rel=\"nofollow\" href=\"https://github.com/cloudflare/linux/blob/master/patches/0023-Add-DM_CRYPT_FORCE_INLINE-flag-to-dm-crypt-target.patch\"\u003eAdd inline dm-crypt patch and xtsproxy Crypto API patch\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We take a look at Cloudflare's impressive Linux disk encryption speed-ups, and explore how zoned storage tools like dm-zoned and zonefs might help mitigate the downsides of Shingled Magnetic Recording.","date_published":"2020-04-03T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/658dd254-b721-4281-8415-9357e180e92b.mp3","mime_type":"audio/mp3","size_in_bytes":22528023,"duration_in_seconds":1877}]},{"id":"fc127e6a-cc96-408c-ae38-8049074a8f34","title":"425: Ryzen Gets Real","url":"https://techsnap.systems/425","content_text":"We take a look at AMD's upcoming line of Ryzen 4000 mobile CPUs, and share our first impressions of Ubuntu 20.04's approach to ZFS on root. \n\nPlus Let's Encrypt's certificate validation mix-up, Intel's questionable new power supply design, and more.Links:Let's Encrypt changes course on certificate revocation\r\nRevoking certain certificates on March 4\nLet's Encrypt: Incomplete revocation for CAA rechecking bugPass authzModel by value, not reference\r\nThe Complete Guide to CAA RecordsDNS Certification Authority Authorization\r\nAMD's 7nm Ryzen 4000 laptop processors are finally here\r\nHow Intel is changing the future of power supplies with its ATX12VO spec\nSingle Rail Power Supply ATX12VO Design GuideFreeNAS and TrueNAS are UnifyingFreeNAS and TrueNAS are Unifying [Video Announcement]\r\nUbuntu 20.04's zsys adds ZFS snapshots to package management\r\nubuntu/zsys: zsys daemon and client for zfs systems\n","content_html":"\u003cp\u003eWe take a look at AMD\u0026#39;s upcoming line of Ryzen 4000 mobile CPUs, and share our first impressions of Ubuntu 20.04\u0026#39;s approach to ZFS on root. \u003c/p\u003e\n\n\u003cp\u003ePlus Let\u0026#39;s Encrypt\u0026#39;s certificate validation mix-up, Intel\u0026#39;s questionable new power supply design, and more.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Let\u0026#39;s Encrypt changes course on certificate revocation\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2020/03/lets-encrypt-holds-off-on-revocation-of-certificates/\"\u003eLet\u0026#39;s Encrypt changes course on certificate revocation\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Revoking certain certificates on March 4\" rel=\"nofollow\" href=\"https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864\"\u003eRevoking certain certificates on March 4\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Let\u0026#39;s Encrypt: Incomplete revocation for CAA rechecking bug\" rel=\"nofollow\" href=\"https://bugzilla.mozilla.org/show_bug.cgi?id=1619179#c7\"\u003eLet\u0026#39;s Encrypt: Incomplete revocation for CAA rechecking bug\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Pass authzModel by value, not reference\" rel=\"nofollow\" href=\"https://github.com/letsencrypt/boulder/pull/4690/files#diff-2285b0268539881fde96d9928ecef358R1412\"\u003ePass authzModel by value, not reference\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Complete Guide to CAA Records\" rel=\"nofollow\" href=\"https://jasonofflorida.com/the-complete-guide-to-caa-records/\"\u003eThe Complete Guide to CAA Records\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DNS Certification Authority Authorization\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization\"\u003eDNS Certification Authority Authorization\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"AMD\u0026#39;s 7nm Ryzen 4000 laptop processors are finally here\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/03/amds-7nm-ryzen-4000-laptop-processors-are-finally-here/\"\u003eAMD\u0026#39;s 7nm Ryzen 4000 laptop processors are finally here\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Intel is changing the future of power supplies with its ATX12VO spec\" rel=\"nofollow\" href=\"https://www.pcworld.com/article/3518831/how-intels-changing-the-future-of-power-supplies-with-its-atx12vo-spec.html\"\u003eHow Intel is changing the future of power supplies with its ATX12VO spec\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Single Rail Power Supply ATX12VO Design Guide\" rel=\"nofollow\" href=\"https://www.intel.com/content/dam/www/public/us/en/documents/guides/single-rail-power-supply-platform-atx12vo-design-guide.pdf\"\u003eSingle Rail Power Supply ATX12VO Design Guide\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeNAS and TrueNAS are Unifying\" rel=\"nofollow\" href=\"https://www.ixsystems.com/blog/freenas-truenas-unification/\"\u003eFreeNAS and TrueNAS are Unifying\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeNAS and TrueNAS are Unifying [Video Announcement]\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=0gK2g8g0btI\"\u003eFreeNAS and TrueNAS are Unifying [Video Announcement]\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubuntu 20.04\u0026#39;s zsys adds ZFS snapshots to package management\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/03/ubuntu-20-04s-zsys-adds-zfs-snapshots-to-package-management/\"\u003eUbuntu 20.04\u0026#39;s zsys adds ZFS snapshots to package management\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"ubuntu/zsys: zsys daemon and client for zfs systems\" rel=\"nofollow\" href=\"https://github.com/ubuntu/zsys\"\u003eubuntu/zsys: zsys daemon and client for zfs systems\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"We take a look at AMD's upcoming line of Ryzen 4000 mobile CPUs, and share our first impressions of Ubuntu 20.04's approach to ZFS on root.","date_published":"2020-03-20T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/fc127e6a-cc96-408c-ae38-8049074a8f34.mp3","mime_type":"audio/mp3","size_in_bytes":23682530,"duration_in_seconds":1973}]},{"id":"770823cf-5179-4132-91fb-d67d5ddd5ff4","title":"424: AMD Inside","url":"https://techsnap.systems/424","content_text":"Cloudflare recently embarked on an epic quest to choose a CPU for its next-generation server build, so we explore the importance of requests per watt, the benefits of full memory encryption, and why AMD won.  \n\nPlus Mozilla's rollout of DNS over HTTPS has begun, a big milestone for Let's Encrypt, and more.Links:Firefox continues push to bring DNS over HTTPS by default for US users - The Mozilla Blog\r\nThe Facts: Mozilla’s DNS over HTTPs (DoH)\r\nSecurity/DOH-resolver-policy - MozillaWiki\r\nHTTPS for all: Let’s Encrypt reaches one billion certificates issued | Ars Technica\r\nLet’s Encrypt Has Issued a Billion Certificates - Let’s Encrypt - Free SSL/TLS Certificates\r\nLet’s Encrypt: A History - The Morning Paper\r\nApple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months • The Register\r\nBallot SC22: Reduce Certificate LifetimesGoogle Chrome’s fear of Microsoft Edge is revealing its bad side\r\nMicrosoft shares a roadmap for the new Microsoft Edge\r\nMicrosoft Edge: Top Feedback Summary for March 4\r\nDownload Microsoft Edge Insider Channels\r\nFlaw in billions of Wi-Fi devices left communications open to eavesdropping | Ars Technica\r\nkr00k: A serious vulnerability deep inside Wi-Fi encryption\r\nKr00k Paper\r\nTechnical Details of Why Cloudflare Chose AMD EPYC for Gen X Servers\r\nAn EPYC trip to Rome: AMD is Cloudflare’s 10th-generation Edge server CPU\r\nCloudflare’s Gen X: Servers for an Accelerated Future\r\nImpact of Cache Locality\r\nGen X Performance Tuning\r\nSecuring Memory at EPYC Scale\r\nIntel promises Full Memory Encryption in upcoming CPUs | Ars Technica\r\n","content_html":"\u003cp\u003eCloudflare recently embarked on an epic quest to choose a CPU for its next-generation server build, so we explore the importance of requests per watt, the benefits of full memory encryption, and why AMD won.  \u003c/p\u003e\n\n\u003cp\u003ePlus Mozilla\u0026#39;s rollout of DNS over HTTPS has begun, a big milestone for Let\u0026#39;s Encrypt, and more.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Firefox continues push to bring DNS over HTTPS by default for US users - The Mozilla Blog\" rel=\"nofollow\" href=\"https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/\"\u003eFirefox continues push to bring DNS over HTTPS by default for US users - The Mozilla Blog\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Facts: Mozilla’s DNS over HTTPs (DoH)\" rel=\"nofollow\" href=\"https://blog.mozilla.org/netpolicy/2020/02/25/the-facts-mozillas-dns-over-https-doh/\"\u003eThe Facts: Mozilla’s DNS over HTTPs (DoH)\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Security/DOH-resolver-policy - MozillaWiki\" rel=\"nofollow\" href=\"https://wiki.mozilla.org/Security/DOH-resolver-policy\"\u003eSecurity/DOH-resolver-policy - MozillaWiki\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"HTTPS for all: Let’s Encrypt reaches one billion certificates issued | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/lets-encrypt-issued-its-billionth-certificate-today/\"\u003eHTTPS for all: Let’s Encrypt reaches one billion certificates issued | Ars Technica\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Let’s Encrypt Has Issued a Billion Certificates - Let’s Encrypt - Free SSL/TLS Certificates\" rel=\"nofollow\" href=\"https://letsencrypt.org/2020/02/27/one-billion-certs.html\"\u003eLet’s Encrypt Has Issued a Billion Certificates - Let’s Encrypt - Free SSL/TLS Certificates\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Let’s Encrypt: A History - The Morning Paper\" rel=\"nofollow\" href=\"https://blog.acolyer.org/2020/02/12/lets-encrypt-an-automated-certificate-authority-to-encrypt-the-entire-web/\"\u003eLet’s Encrypt: A History - The Morning Paper\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months • The Register\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2020/02/20/apple_shorter_cert_lifetime/\"\u003eApple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months • The Register\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ballot SC22: Reduce Certificate Lifetimes\" rel=\"nofollow\" href=\"https://scotthelme.co.uk/ballot-sc22-reduce-certificate-lifetimes/\"\u003eBallot SC22: Reduce Certificate Lifetimes\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Chrome’s fear of Microsoft Edge is revealing its bad side\" rel=\"nofollow\" href=\"https://www.laptopmag.com/news/googles-fear-of-microsoft-edge-is-revealing-its-bad-side\"\u003eGoogle Chrome’s fear of Microsoft Edge is revealing its bad side\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft shares a roadmap for the new Microsoft Edge\" rel=\"nofollow\" href=\"https://www.windowscentral.com/microsoft-shares-roadmap-new-microsoft-edges-upcoming-features\"\u003eMicrosoft shares a roadmap for the new Microsoft Edge\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Edge: Top Feedback Summary for March 4\" rel=\"nofollow\" href=\"https://techcommunity.microsoft.com/t5/discussions/top-feedback-summary-for-march-4/m-p/1209808\"\u003eMicrosoft Edge: Top Feedback Summary for March 4\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Download Microsoft Edge Insider Channels\" rel=\"nofollow\" href=\"https://www.microsoftedgeinsider.com/en-us/download/\"\u003eDownload Microsoft Edge Insider Channels\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Flaw in billions of Wi-Fi devices left communications open to eavesdropping | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/\"\u003eFlaw in billions of Wi-Fi devices left communications open to eavesdropping | Ars Technica\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"kr00k: A serious vulnerability deep inside Wi-Fi encryption\" rel=\"nofollow\" href=\"https://www.eset.com/int/kr00k/\"\u003ekr00k: A serious vulnerability deep inside Wi-Fi encryption\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kr00k Paper\" rel=\"nofollow\" href=\"https://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf\"\u003eKr00k Paper\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Technical Details of Why Cloudflare Chose AMD EPYC for Gen X Servers\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/technical-details-of-why-cloudflare-chose-amd-epyc-for-gen-x-servers/\"\u003eTechnical Details of Why Cloudflare Chose AMD EPYC for Gen X Servers\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"An EPYC trip to Rome: AMD is Cloudflare’s 10th-generation Edge server CPU\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/an-epyc-trip-to-rome-amd-is-cloudflares-10th-generation-edge-server-cpu/\"\u003eAn EPYC trip to Rome: AMD is Cloudflare’s 10th-generation Edge server CPU\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloudflare’s Gen X: Servers for an Accelerated Future\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/cloudflares-gen-x-servers-for-an-accelerated-future/\"\u003eCloudflare’s Gen X: Servers for an Accelerated Future\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Impact of Cache Locality\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/impact-of-cache-locality/\"\u003eImpact of Cache Locality\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Gen X Performance Tuning\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/gen-x-performance-tuning/\"\u003eGen X Performance Tuning\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Securing Memory at EPYC Scale\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/securing-memory-at-epyc-scale/\"\u003eSecuring Memory at EPYC Scale\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel promises Full Memory Encryption in upcoming CPUs | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/intel-promises-full-memory-encryption-in-upcoming-cpus/\"\u003eIntel promises Full Memory Encryption in upcoming CPUs | Ars Technica\u003c/a\u003e\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"Cloudflare recently embarked on an epic quest to choose a CPU for its next-generation server build, so we explore the importance of requests per watt, the benefits of full memory encryption, and why AMD won.","date_published":"2020-03-06T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/770823cf-5179-4132-91fb-d67d5ddd5ff4.mp3","mime_type":"audio/mp3","size_in_bytes":20391102,"duration_in_seconds":1699}]},{"id":"579b3028-f4b8-408a-ad04-ee0f8d017f78","title":"423: Hopeful for HAMR","url":"https://techsnap.systems/423","content_text":"We explore the potential of heat-assisted magnetic recording and get excited about a possibly persistent L2ARC. \n\nPlus Jim's journeys with Clear Linux, and why Ubuntu 18.04.4 is a maintenance release worth talking about.Links:Ubuntu 18.04.4 LTS: here's what's new — It's not as shiny and exciting as entirely new versions, of course, but it does pack in some worthwhile security and bugfix upgrades, as well as support for more and newer hardware.18.04.4 - Ubuntu WikiMobaXterm — Enhanced terminal for Windows with X11 server, tabbed SSH client, network tools and much more.Linux distro review: Intel’s own Clear Linux OS — There's not much question that Clear Linux is your best bet if you want to turn in the best possible benchmark numbers. The question not addressed here is, what's it like to run Clear Linux as a daily driver? We were curious, so we took it for a spin.Clear Linux* Project — Clear Linux OS is an open source, rolling release Linux distribution optimized for performance and security, from the Cloud to the Edge, designed for customization, and manageability.swupd — Documentation for Clear Linux* projectclr-boot-manager: Kernel \u0026amp; Boot Loader ManagementCannot compile zfs for 5.5-rc2 · Issue #9745 · zfsonlinux/zfsPersistent L2ARC might be coming to ZFS on Linux — The primary ARC is kept in system RAM, but an L2ARC device can be created from one or more fast disks. In a ZFS pool with one or more L2ARC devices, when blocks are evicted from the primary ARC in RAM, they are moved down to L2ARC rather than being thrown away entirely. In the past, this feature has been of limited value, both because indexing a large L2ARC occupies system RAM which could have been better used for primary ARC and because L2ARC was not persistent across reboots.Persistent L2ARC by gamanakis · Pull Request #9582 · zfsonlinux/zfs — This feature implements a light-weight persistent L2ARC metadata structure that allows L2ARC contents to be recovered after a reboot. This significantly eases the impact a reboot has on read performance on systems with large caches.LINUX Unplugged 303: Stateless and Dateless — We visit Intel to figure out what Clear Linux is all about and explain a few tricks that make it unique.LINUX Unplugged Blog: Clear Linux OS 2019HAMR don’t hurt ’em: laser-assisted hard drives are coming in 2020 — Although the 2012 \"just around the corner\" HAMR drives seem to have been mostly vapor, the technology is a reality now. Seagate has been trialing 16TB HAMR drives with select customers for more than a year and claims that the trials have proved that its HAMR drives are \"plug and play replacements\" for traditional CMR drives, requiring no special care and having no particular poor use cases compared to the drives we're all used to.HAMR Milestone: Seagate Achieves 16TB Capacity on Internal HAMR Test UnitsWestern Digital debuts 18TB and 20TB near-MAMR disk drivesPreviously on TechSNAP 341: HAMR Time — We've got bad news for Wifi-lovers as the KRACK hack takes the world by storm; We have the details \u0026amp; some places to watch to make sure you stay patched. Plus, some distressing revelations about third party access to your personal information through some US mobile carriers. Then we cover the ongoing debate over HAMR, MAMR, and the future of hard drive technology \u0026amp; take a mini deep dive into the world of elliptic curve cryptography.\r\n\r\n","content_html":"\u003cp\u003eWe explore the potential of heat-assisted magnetic recording and get excited about a possibly persistent L2ARC. \u003c/p\u003e\n\n\u003cp\u003ePlus Jim\u0026#39;s journeys with Clear Linux, and why Ubuntu 18.04.4 is a maintenance release worth talking about.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Ubuntu 18.04.4 LTS: here\u0026#39;s what\u0026#39;s new\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/ubuntu-18-04-4-lts-released-wednesday-heres-whats-new/\"\u003eUbuntu 18.04.4 LTS: here\u0026#39;s what\u0026#39;s new\u003c/a\u003e \u0026mdash; It's not as shiny and exciting as entirely new versions, of course, but it does pack in some worthwhile security and bugfix upgrades, as well as support for more and newer hardware.\u003c/li\u003e\u003cli\u003e\u003ca title=\"18.04.4 - Ubuntu Wiki\" rel=\"nofollow\" href=\"https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes/ChangeSummary/18.04.4\"\u003e18.04.4 - Ubuntu Wiki\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MobaXterm\" rel=\"nofollow\" href=\"https://mobaxterm.mobatek.net/\"\u003eMobaXterm\u003c/a\u003e \u0026mdash; Enhanced terminal for Windows with X11 server, tabbed SSH client, network tools and much more.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux distro review: Intel’s own Clear Linux OS\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/linux-distro-review-intels-own-clear-linux-os/?comments=1\"\u003eLinux distro review: Intel’s own Clear Linux OS\u003c/a\u003e \u0026mdash; There's not much question that Clear Linux is your best bet if you want to turn in the best possible benchmark numbers. The question not addressed here is, what's it like to run Clear Linux as a daily driver? We were curious, so we took it for a spin.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Clear Linux* Project\" rel=\"nofollow\" href=\"https://clearlinux.org/\"\u003eClear Linux* Project\u003c/a\u003e \u0026mdash; Clear Linux OS is an open source, rolling release Linux distribution optimized for performance and security, from the Cloud to the Edge, designed for customization, and manageability.\u003c/li\u003e\u003cli\u003e\u003ca title=\"swupd — Documentation for Clear Linux* project\" rel=\"nofollow\" href=\"https://docs.01.org/clearlinux/latest/guides/clear/swupd.html\"\u003eswupd — Documentation for Clear Linux* project\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"clr-boot-manager: Kernel \u0026amp; Boot Loader Management\" rel=\"nofollow\" href=\"https://github.com/clearlinux/clr-boot-manager\"\u003eclr-boot-manager: Kernel \u0026amp; Boot Loader Management\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cannot compile zfs for 5.5-rc2 · Issue #9745 · zfsonlinux/zfs\" rel=\"nofollow\" href=\"https://github.com/zfsonlinux/zfs/issues/9745\"\u003eCannot compile zfs for 5.5-rc2 · Issue #9745 · zfsonlinux/zfs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Persistent L2ARC might be coming to ZFS on Linux\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/zfs-on-linux-should-get-a-persistent-ssd-read-cache-feature-soon/\"\u003ePersistent L2ARC might be coming to ZFS on Linux\u003c/a\u003e \u0026mdash; The primary ARC is kept in system RAM, but an L2ARC device can be created from one or more fast disks. In a ZFS pool with one or more L2ARC devices, when blocks are evicted from the primary ARC in RAM, they are moved down to L2ARC rather than being thrown away entirely. In the past, this feature has been of limited value, both because indexing a large L2ARC occupies system RAM which could have been better used for primary ARC and because L2ARC was not persistent across reboots.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Persistent L2ARC by gamanakis · Pull Request #9582 · zfsonlinux/zfs\" rel=\"nofollow\" href=\"https://github.com/zfsonlinux/zfs/pull/9582\"\u003ePersistent L2ARC by gamanakis · Pull Request #9582 · zfsonlinux/zfs\u003c/a\u003e \u0026mdash; This feature implements a light-weight persistent L2ARC metadata structure that allows L2ARC contents to be recovered after a reboot. This significantly eases the impact a reboot has on read performance on systems with large caches.\u003c/li\u003e\u003cli\u003e\u003ca title=\"LINUX Unplugged 303: Stateless and Dateless\" rel=\"nofollow\" href=\"https://linuxunplugged.com/303\"\u003eLINUX Unplugged 303: Stateless and Dateless\u003c/a\u003e \u0026mdash; We visit Intel to figure out what Clear Linux is all about and explain a few tricks that make it unique.\u003c/li\u003e\u003cli\u003e\u003ca title=\"LINUX Unplugged Blog: Clear Linux OS 2019\" rel=\"nofollow\" href=\"https://linuxunplugged.com/articles/clear-linux-os-2019\"\u003eLINUX Unplugged Blog: Clear Linux OS 2019\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"HAMR don’t hurt ’em: laser-assisted hard drives are coming in 2020\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/hamr-dont-hurt-em-laser-assisted-hard-drives-are-coming-in-2020/\"\u003eHAMR don’t hurt ’em: laser-assisted hard drives are coming in 2020\u003c/a\u003e \u0026mdash; Although the 2012 \"just around the corner\" HAMR drives seem to have been mostly vapor, the technology is a reality now. Seagate has been trialing 16TB HAMR drives with select customers for more than a year and claims that the trials have proved that its HAMR drives are \"plug and play replacements\" for traditional CMR drives, requiring no special care and having no particular poor use cases compared to the drives we're all used to.\u003c/li\u003e\u003cli\u003e\u003ca title=\"HAMR Milestone: Seagate Achieves 16TB Capacity on Internal HAMR Test Units\" rel=\"nofollow\" href=\"https://blog.seagate.com/craftsman-ship/hamr-milestone-seagate-achieves-16tb-capacity-on-internal-hamr-test-units/\"\u003eHAMR Milestone: Seagate Achieves 16TB Capacity on Internal HAMR Test Units\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Western Digital debuts 18TB and 20TB near-MAMR disk drives\" rel=\"nofollow\" href=\"https://blocksandfiles.com/2019/09/03/western-digital-18tb-and-20tb-mamr-disk-drives/\"\u003eWestern Digital debuts 18TB and 20TB near-MAMR disk drives\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Previously on TechSNAP 341: HAMR Time\" rel=\"nofollow\" href=\"https://techsnap.systems/341\"\u003ePreviously on TechSNAP 341: HAMR Time\u003c/a\u003e \u0026mdash; We've got bad news for Wifi-lovers as the KRACK hack takes the world by storm; We have the details \u0026 some places to watch to make sure you stay patched. Plus, some distressing revelations about third party access to your personal information through some US mobile carriers. Then we cover the ongoing debate over HAMR, MAMR, and the future of hard drive technology \u0026 take a mini deep dive into the world of elliptic curve cryptography.\r\n\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"We explore the potential of heat-assisted magnetic recording and get excited about a possibly persistent L2ARC.","date_published":"2020-02-21T18:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/579b3028-f4b8-408a-ad04-ee0f8d017f78.mp3","mime_type":"audio/mp3","size_in_bytes":21313956,"duration_in_seconds":1776}]},{"id":"7c9cef4d-3995-411c-9613-8e74e8156f5a","title":"422: Multipath Musings","url":"https://techsnap.systems/422","content_text":"We take a look at a few exciting features coming to Linux kernel 5.6, including the first steps to multipath TCP. \n\nPlus the latest Intel speculative execution vulnerability, and Microsoft's troubled history with certificate renewal.Links:Oregon company makes top bid for Microsoft check - CNET\nMicrosoft’s failures to renew: Teams, Hotmail, and Hotmail.co.uk | Ars Technica\nMicrosoft Teams goes down after Microsoft forgot to renew a certificate - The Verge\nBrowser review: Microsoft’s new “Edgium” Chromium-based Edge | Ars Technica\nLinus Torvalds pulled WireGuard VPN into the 5.6 kernel source tree | Ars Technica\nUbuntu 20.04 LTS Adds WireGuard Support - Phoronix\nMultipath TCP Support Is Working Its Upstream - First Bits Landing With Linux 5.6 - Phoronix\nMultiPath TCP - Linux Kernel implementation\nUpstreaming multipath TCP\nLPC2019 - Multipath TCP Upstreaming - YouTube\nLPC2019 - Multipath TCP Upstreaming - Slides\r\nLPC2019 - Multipath TCP Upstreaming - Paper\r\nUsing MultiPath TCP to enhance home networks\nLinux 5.6 Crypto Getting AVX/AVX2/AVX-512 Optimized Poly1305Poly1305CacheOut\nCacheOut PaperIntel Responds to ZombieLoad and CacheOut Attacks | Tom's Hardware\nNew CacheOut Attack Targets Intel CPUs, Leaks Data From VMs And Secure Enclave\n","content_html":"\u003cp\u003eWe take a look at a few exciting features coming to Linux kernel 5.6, including the first steps to multipath TCP. \u003c/p\u003e\n\n\u003cp\u003ePlus the latest Intel speculative execution vulnerability, and Microsoft\u0026#39;s troubled history with certificate renewal.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Oregon company makes top bid for Microsoft check - CNET\" rel=\"nofollow\" href=\"https://www.cnet.com/news/oregon-company-makes-top-bid-for-microsoft-check/\"\u003eOregon company makes top bid for Microsoft check - CNET\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft’s failures to renew: Teams, Hotmail, and Hotmail.co.uk | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/02/yesterdays-multi-hour-teams-outage-was-due-to-an-expired-ssl-certificate/\"\u003eMicrosoft’s failures to renew: Teams, Hotmail, and Hotmail.co.uk | Ars Technica\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Teams goes down after Microsoft forgot to renew a certificate - The Verge\" rel=\"nofollow\" href=\"https://www.theverge.com/2020/2/3/21120248/microsoft-teams-down-outage-certificate-issue-status\"\u003eMicrosoft Teams goes down after Microsoft forgot to renew a certificate - The Verge\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Browser review: Microsoft’s new “Edgium” Chromium-based Edge | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/01/browser-review-microsofts-new-edgium-chromium-based-edge/\"\u003eBrowser review: Microsoft’s new “Edgium” Chromium-based Edge | Ars Technica\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linus Torvalds pulled WireGuard VPN into the 5.6 kernel source tree | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2020/01/linus-torvalds-pulled-wireguard-vpn-into-the-5-6-kernel-source-tree/\"\u003eLinus Torvalds pulled WireGuard VPN into the 5.6 kernel source tree | Ars Technica\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubuntu 20.04 LTS Adds WireGuard Support - Phoronix\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=Ubuntu-20.04-Adds-WireGuard\"\u003eUbuntu 20.04 LTS Adds WireGuard Support - Phoronix\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Multipath TCP Support Is Working Its Upstream - First Bits Landing With Linux 5.6 - Phoronix\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=Linux-5.6-Starts-Multipath-TCP\"\u003eMultipath TCP Support Is Working Its Upstream - First Bits Landing With Linux 5.6 - Phoronix\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"MultiPath TCP - Linux Kernel implementation\" rel=\"nofollow\" href=\"https://www.multipath-tcp.org/\"\u003eMultiPath TCP - Linux Kernel implementation\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Upstreaming multipath TCP\" rel=\"nofollow\" href=\"https://lwn.net/Articles/800501/\"\u003eUpstreaming multipath TCP\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"LPC2019 - Multipath TCP Upstreaming - YouTube\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=Y64n_R14GtI\"\u003eLPC2019 - Multipath TCP Upstreaming - YouTube\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"LPC2019 - Multipath TCP Upstreaming - Slides\" rel=\"nofollow\" href=\"https://linuxplumbersconf.org/event/4/contributions/435/attachments/247/438/LPC2019-Upstreaming-MPTCP-slides.pdf\"\u003eLPC2019 - Multipath TCP Upstreaming - Slides\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"LPC2019 - Multipath TCP Upstreaming - Paper\" rel=\"nofollow\" href=\"https://linuxplumbersconf.org/event/4/contributions/435/attachments/246/428/LPC2019-Upstreaming-MPTCP-paper.pdf\"\u003eLPC2019 - Multipath TCP Upstreaming - Paper\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Using MultiPath TCP to enhance home networks\" rel=\"nofollow\" href=\"https://www.sajalkayan.com/post/fun-with-mptcp.html\"\u003eUsing MultiPath TCP to enhance home networks\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux 5.6 Crypto Getting AVX/AVX2/AVX-512 Optimized Poly1305\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=Linux-5.6-Crypto-AVX-Poly1305\"\u003eLinux 5.6 Crypto Getting AVX/AVX2/AVX-512 Optimized Poly1305\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Poly1305\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Poly1305\"\u003ePoly1305\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CacheOut\" rel=\"nofollow\" href=\"https://cacheoutattack.com/\"\u003eCacheOut\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"CacheOut Paper\" rel=\"nofollow\" href=\"https://cacheoutattack.com/CacheOut.pdf\"\u003eCacheOut Paper\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel Responds to ZombieLoad and CacheOut Attacks | Tom\u0026#39;s Hardware\" rel=\"nofollow\" href=\"https://www.tomshardware.com/news/intel-responds-to-zombieload-and-cacheout-attacks\"\u003eIntel Responds to ZombieLoad and CacheOut Attacks | Tom\u0026#39;s Hardware\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"New CacheOut Attack Targets Intel CPUs, Leaks Data From VMs And Secure Enclave\" rel=\"nofollow\" href=\"https://hothardware.com/news/cacheout-attack-intel-cpus-leaks-data-vms-secure-enclave\"\u003eNew CacheOut Attack Targets Intel CPUs, Leaks Data From VMs And Secure Enclave\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"We take a look at a few exciting features coming to Linux kernel 5.6, including the first steps to multipath TCP.","date_published":"2020-02-07T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7c9cef4d-3995-411c-9613-8e74e8156f5a.mp3","mime_type":"audio/mp3","size_in_bytes":17013783,"duration_in_seconds":1417}]},{"id":"34f7722c-c7da-4f86-a8f9-14e67de6d899","title":"421: Firewall Fun","url":"https://techsnap.systems/421","content_text":"We explore the latest round of Windows vulnerabilities and Jim shares his journey adding OPNsense to his firewall family. \n\nPlus a look back at Apollo-era audio that's still relevant today with the surprising story of the Quindar tones.Links:Critical Vulnerabilities in Microsoft Windows Operating Systems\nWin10 Crypto Vulnerability: Cheating in Elliptic Curve Billiards 2\nNSA discovers a serious flaw in Windows 10\nExploiting CVE-2020-0601\nCVE-2020-0601 POC\nNSA Cybersecurity Advisory on CryptoAPI Flaw\nWhy can’t I get to the internet on my new OPNsense install?! - Jim's Blog\nOPNsense: a true open source security platform and more\nThere's An Actual Name And Reason For Those Beeps You Hear In Recordings Of Astronauts In Space\nQuindar Tones\nCap'n Crunch Whistle and the Secrets of the Little Blue Box\n","content_html":"\u003cp\u003eWe explore the latest round of Windows vulnerabilities and Jim shares his journey adding OPNsense to his firewall family. \u003c/p\u003e\n\n\u003cp\u003ePlus a look back at Apollo-era audio that\u0026#39;s still relevant today with the surprising story of the Quindar tones.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Critical Vulnerabilities in Microsoft Windows Operating Systems\" rel=\"nofollow\" href=\"https://www.us-cert.gov/ncas/alerts/aa20-014a\"\u003eCritical Vulnerabilities in Microsoft Windows Operating Systems\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Win10 Crypto Vulnerability: Cheating in Elliptic Curve Billiards 2\" rel=\"nofollow\" href=\"https://medium.com/zengo/win10-crypto-vulnerability-cheating-in-elliptic-curve-billiards-2-69b45f2dcab6\"\u003eWin10 Crypto Vulnerability: Cheating in Elliptic Curve Billiards 2\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"NSA discovers a serious flaw in Windows 10\" rel=\"nofollow\" href=\"https://betanews.com/2020/01/14/nsa-discovers-a-serious-flaw-in-windows-10/\"\u003eNSA discovers a serious flaw in Windows 10\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Exploiting CVE-2020-0601\" rel=\"nofollow\" href=\"https://blog.sean-wright.com/exploiting-cve-2020-0601/\"\u003eExploiting CVE-2020-0601\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2020-0601 POC\" rel=\"nofollow\" href=\"https://github.com/ollypwn/cve-2020-0601\"\u003eCVE-2020-0601 POC\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"NSA Cybersecurity Advisory on CryptoAPI Flaw\" rel=\"nofollow\" href=\"https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF\"\u003eNSA Cybersecurity Advisory on CryptoAPI Flaw\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why can’t I get to the internet on my new OPNsense install?! - Jim\u0026#39;s Blog\" rel=\"nofollow\" href=\"https://jrs-s.net/2020/01/19/why-cant-i-get-to-the-internet-on-my-new-opnsense-install/\"\u003eWhy can’t I get to the internet on my new OPNsense install?! - Jim\u0026#39;s Blog\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"OPNsense: a true open source security platform and more\" rel=\"nofollow\" href=\"https://opnsense.org\"\u003eOPNsense: a true open source security platform and more\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"There\u0026#39;s An Actual Name And Reason For Those Beeps You Hear In Recordings Of Astronauts In Space\" rel=\"nofollow\" href=\"https://jalopnik.com/theres-an-actual-name-and-reason-for-those-beeps-you-he-1841024797\"\u003eThere\u0026#39;s An Actual Name And Reason For Those Beeps You Hear In Recordings Of Astronauts In Space\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Quindar Tones\" rel=\"nofollow\" href=\"https://www.hq.nasa.gov/alsj/quindar.html\"\u003eQuindar Tones\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cap\u0026#39;n Crunch Whistle and the Secrets of the Little Blue Box\" rel=\"nofollow\" href=\"https://telephone-museum.org/telephone-collections/capn-crunch-bosun-whistle/\"\u003eCap\u0026#39;n Crunch Whistle and the Secrets of the Little Blue Box\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"We explore the latest round of Windows vulnerabilities and Jim shares his journey adding OPNsense to his firewall family. ","date_published":"2020-01-24T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/34f7722c-c7da-4f86-a8f9-14e67de6d899.mp3","mime_type":"audio/mp3","size_in_bytes":18463600,"duration_in_seconds":1509}]},{"id":"00154604-0b9c-480c-9fe2-2fba4ed8420a","title":"420: Choose Your Own Compiler","url":"https://techsnap.systems/420","content_text":"Compiling the Linux kernel with Clang has never been easier, so we explore this alternative compiler and what it brings to the ecosystem.\n\nPlus Debian's continued init system debate, and our frustrations over 5G reporting.Links:5G Underwhelms in Its First Big Test - WSJHow South Korea built 5G, and what it's learning - RCR Wireless NewsAfter seven months, here’s what South Korea can teach us about 5G - CNASouth Korea secures 4 million 5G subscribers | ZDNetDebian Developers Take To Voting Over Init System DiversityDebian GR ResultsGeneral Resolution: Init systems and systemdRinging In 2020 By Clang’ing The Linux 5.5 Kernel - Benchmarks Of GCC vs. Clang Built KernelsUsing LLVM Clang To Compile The Linux Kernel Is Heating Up Again Thanks To GoogleBuilding the kernel with Clang - LWNClangBuiltLinuxCompiling the Linux kernel with LLVM tools (FOSDEM 2019)","content_html":"\u003cp\u003eCompiling the Linux kernel with Clang has never been easier, so we explore this alternative compiler and what it brings to the ecosystem.\u003c/p\u003e\n\n\u003cp\u003ePlus Debian\u0026#39;s continued init system debate, and our frustrations over 5G reporting.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"5G Underwhelms in Its First Big Test - WSJ\" rel=\"nofollow\" href=\"https://www.wsj.com/articles/5g-underwhelms-in-its-first-big-test-11577788203\"\u003e5G Underwhelms in Its First Big Test - WSJ\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How South Korea built 5G, and what it\u0026#39;s learning - RCR Wireless News\" rel=\"nofollow\" href=\"https://www.rcrwireless.com/20190912/5g/how-south-korea-built-5g-and-what-its-learning\"\u003eHow South Korea built 5G, and what it\u0026#39;s learning - RCR Wireless News\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"After seven months, here’s what South Korea can teach us about 5G - CNA\" rel=\"nofollow\" href=\"https://www.channelnewsasia.com/news/cnainsider/what-south-korea-first-country-launch-5g-network-can-teach-us-12056726\"\u003eAfter seven months, here’s what South Korea can teach us about 5G - CNA\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"South Korea secures 4 million 5G subscribers | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/south-korea-secures-4-million-5g-subscribers/\"\u003eSouth Korea secures 4 million 5G subscribers | ZDNet\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Debian Developers Take To Voting Over Init System Diversity\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=Debian-Init-Diversity-Vote\"\u003eDebian Developers Take To Voting Over Init System Diversity\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Debian GR Results\" rel=\"nofollow\" href=\"https://vote.debian.org/~secretary/gr_initsystems/results.txt\"\u003eDebian GR Results\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"General Resolution: Init systems and systemd\" rel=\"nofollow\" href=\"https://www.debian.org/vote/2019/vote_002\"\u003eGeneral Resolution: Init systems and systemd\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ringing In 2020 By Clang’ing The Linux 5.5 Kernel - Benchmarks Of GCC vs. Clang Built Kernels\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=article\u0026amp;item=linux-55-clang\u0026amp;num=1\"\u003eRinging In 2020 By Clang’ing The Linux 5.5 Kernel - Benchmarks Of GCC vs. Clang Built Kernels\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Using LLVM Clang To Compile The Linux Kernel Is Heating Up Again Thanks To Google\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=Google-2019-Clang-Kernel\"\u003eUsing LLVM Clang To Compile The Linux Kernel Is Heating Up Again Thanks To Google\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Building the kernel with Clang - LWN\" rel=\"nofollow\" href=\"https://lwn.net/Articles/734071/\"\u003eBuilding the kernel with Clang - LWN\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ClangBuiltLinux\" rel=\"nofollow\" href=\"https://clangbuiltlinux.github.io\"\u003eClangBuiltLinux\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Compiling the Linux kernel with LLVM tools (FOSDEM 2019)\" rel=\"nofollow\" href=\"https://archive.fosdem.org/2019/schedule/event/llvm_kernel/\"\u003eCompiling the Linux kernel with LLVM tools (FOSDEM 2019)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Compiling the Linux kernel with Clang has never been easier, so we explore this alternative compiler and what it brings to the ecosystem.","date_published":"2020-01-10T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/00154604-0b9c-480c-9fe2-2fba4ed8420a.mp3","mime_type":"audio/mp3","size_in_bytes":17409694,"duration_in_seconds":1450}]},{"id":"9a06579c-89cb-4562-a2bc-09199c6790f5","title":"419: Nebulous Networking","url":"https://techsnap.systems/419","content_text":"From classifying cats to colorizing old photos we share our top tips and tools for starting your machine learning journey. Plus, learn why Nebula is our favorite new VPN technology, and how it can help simplify and secure your network.Links:Introducing Nebula, the open source global overlay network from Slack\nnebula: A scalable overlay networking tool with a focus on performance, simplicity and security\r\nNebula VPN routes between hosts privately, flexibly, and efficiently\r\nHow to set up your own Nebula mesh VPN, step by step\r\nLINUX Unplugged 329: Flat Network Truthers\nCloudy with a chance of neurons: The tools that make neural networks work\r\nWelcome To Colaboratory\r\nImageColorizer Notebook\r\nDeOldify: A Deep Learning based project for colorizing and restoring old images (and video!)","content_html":"\u003cp\u003eFrom classifying cats to colorizing old photos we share our top tips and tools for starting your machine learning journey. Plus, learn why Nebula is our favorite new VPN technology, and how it can help simplify and secure your network.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Introducing Nebula, the open source global overlay network from Slack\" rel=\"nofollow\" href=\"https://slack.engineering/introducing-nebula-the-open-source-global-overlay-network-from-slack-884110a5579\"\u003eIntroducing Nebula, the open source global overlay network from Slack\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"nebula: A scalable overlay networking tool with a focus on performance, simplicity and security\" rel=\"nofollow\" href=\"https://github.com/slackhq/nebula\"\u003enebula: A scalable overlay networking tool with a focus on performance, simplicity and security\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nebula VPN routes between hosts privately, flexibly, and efficiently\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/nebula-vpn-routes-between-hosts-privately-flexibly-and-efficiently/\"\u003eNebula VPN routes between hosts privately, flexibly, and efficiently\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to set up your own Nebula mesh VPN, step by step\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/how-to-set-up-your-own-nebula-mesh-vpn-step-by-step/\"\u003eHow to set up your own Nebula mesh VPN, step by step\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"LINUX Unplugged 329: Flat Network Truthers\" rel=\"nofollow\" href=\"https://linuxunplugged.com/329\"\u003eLINUX Unplugged 329: Flat Network Truthers\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloudy with a chance of neurons: The tools that make neural networks work\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/so-you-want-to-build-a-neural-network-the-cloud-can-help-with-that/\"\u003eCloudy with a chance of neurons: The tools that make neural networks work\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Welcome To Colaboratory\" rel=\"nofollow\" href=\"https://colab.research.google.com/notebooks/welcome.ipynb\"\u003eWelcome To Colaboratory\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"ImageColorizer Notebook\" rel=\"nofollow\" href=\"https://colab.research.google.com/github/jantic/DeOldify/blob/master/ImageColorizerColab.ipynb\"\u003eImageColorizer Notebook\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"DeOldify: A Deep Learning based project for colorizing and restoring old images (and video!)\" rel=\"nofollow\" href=\"https://github.com/jantic/DeOldify\"\u003eDeOldify: A Deep Learning based project for colorizing and restoring old images (and video!)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"From classifying cats to colorizing old photos we share our top tips and tools for starting your machine learning journey. Plus, learn why Nebula is our favorite new VPN technology, and how it can help simplify and secure your network.","date_published":"2019-12-27T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/9a06579c-89cb-4562-a2bc-09199c6790f5.mp3","mime_type":"audio/mpeg","size_in_bytes":24506008,"duration_in_seconds":2013}]},{"id":"2af0a57c-a88d-4aaa-9998-2b77110900c4","title":"418: 5G Fundamentals","url":"https://techsnap.systems/418","content_text":"As the rollout of 5G finally arrives, we take some time to explain the fundamentals of the next generation of wireless technology.\n\nPlus the surprising performance of eero's mesh Wi-Fi, some great news for WireGuard, and an update on the Librem 5.Links:T-Mobile launches 600MHz 5G across the US, but no one can use it yetStudy confirms AT\u0026amp;T’s fake 5G E network is no faster than Verizon, T-Mobile or Sprint 4G5G on the horizon: Here’s what it is and what’s comingCan 5G replace everybody’s home broadband?The Snapdragon 865 will make phones worse in 2020, thanks to mandatory 5GLibrem 5 backers have begun receiving their Linux phonesAmazon’s inexpensive Eero mesh Wi-Fi kit is shockingly goodWireGuard VPN is a step closer to mainstream adoption","content_html":"\u003cp\u003eAs the rollout of 5G finally arrives, we take some time to explain the fundamentals of the next generation of wireless technology.\u003c/p\u003e\n\n\u003cp\u003ePlus the surprising performance of eero\u0026#39;s mesh Wi-Fi, some great news for WireGuard, and an update on the Librem 5.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"T-Mobile launches 600MHz 5G across the US, but no one can use it yet\" rel=\"nofollow\" href=\"https://www.theverge.com/2019/12/2/20991566/tmobile-nationwide-5g-600mhz-launch-samsung-oneplus\"\u003eT-Mobile launches 600MHz 5G across the US, but no one can use it yet\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Study confirms AT\u0026amp;T’s fake 5G E network is no faster than Verizon, T-Mobile or Sprint 4G\" rel=\"nofollow\" href=\"https://www.theverge.com/2019/3/22/18277484/att-fake-5g-e-network-lte-study\"\u003eStudy confirms AT\u0026amp;T’s fake 5G E network is no faster than Verizon, T-Mobile or Sprint 4G\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"5G on the horizon: Here’s what it is and what’s coming\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2019/12/5g-wont-change-everything-or-at-least-probably-not-your-things/\"\u003e5G on the horizon: Here’s what it is and what’s coming\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Can 5G replace everybody’s home broadband?\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2019/12/5g-as-a-home-broadband-replacement-isnt-a-slam-dunk-yet-but-it-might-be-soon/\"\u003eCan 5G replace everybody’s home broadband?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Snapdragon 865 will make phones worse in 2020, thanks to mandatory 5G\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/qualcomms-new-snapdragon-865-is-a-step-backwards-for-smartphone-design/\"\u003eThe Snapdragon 865 will make phones worse in 2020, thanks to mandatory 5G\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Librem 5 backers have begun receiving their Linux phones\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/librem-5-backers-receiving-their-linux-phones/\"\u003eLibrem 5 backers have begun receiving their Linux phones\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Amazon’s inexpensive Eero mesh Wi-Fi kit is shockingly good\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/amazons-inexpensive-eero-mesh-wi-fi-kit-is-shockingly-good/\"\u003eAmazon’s inexpensive Eero mesh Wi-Fi kit is shockingly good\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard VPN is a step closer to mainstream adoption\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/12/wireguard-vpn-is-a-step-closer-to-mainstream-adoption/\"\u003eWireGuard VPN is a step closer to mainstream adoption\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"As the rollout of 5G finally arrives, we take some time to explain the fundamentals of the next generation of wireless technology.","date_published":"2019-12-13T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2af0a57c-a88d-4aaa-9998-2b77110900c4.mp3","mime_type":"audio/mp3","size_in_bytes":24524196,"duration_in_seconds":2043}]},{"id":"88c620a6-0b1c-4698-aac4-ac757b632286","title":"417: Machine Learning Magic","url":"https://techsnap.systems/417","content_text":"We explore the rapid adoption of machine learning, its impact on computer architecture, and how to avoid AI snake oil.\n\nPlus so-so SSD security, and a new wireless protocol that works best where the Wi-Fi sucks.Links:“Where the Wi-Fi sucks” is where a new wireless protocol does its magic\r\nUbiquiti’s new “Amplifi Alien” is a mesh-capable Wi-Fi 6 router\r\nSelf-encrypting deception: weaknesses in the encryption of solid state drives\r\nSecurely erase a solid-state drive\r\nSolid state drive/Memory cell clearing - ArchWiki\r\nThe Deep Learning Revolution and Its Implications for Computer Architecture and Chip Design\r\nIntel Core i9-10980XE—a step forward for AI, a step back for everything else\r\nHow to recognize AI snake oil\r\n","content_html":"\u003cp\u003eWe explore the rapid adoption of machine learning, its impact on computer architecture, and how to avoid AI snake oil.\u003c/p\u003e\n\n\u003cp\u003ePlus so-so SSD security, and a new wireless protocol that works best where the Wi-Fi sucks.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"“Where the Wi-Fi sucks” is where a new wireless protocol does its magic\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/11/where-the-wi-fi-sucks-is-where-a-new-wireless-protocol-does-its-magic/\"\u003e“Where the Wi-Fi sucks” is where a new wireless protocol does its magic\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubiquiti’s new “Amplifi Alien” is a mesh-capable Wi-Fi 6 router\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/11/ubiquitis-new-amplifi-alien-is-a-mesh-capable-wi-fi-6-router/\"\u003eUbiquiti’s new “Amplifi Alien” is a mesh-capable Wi-Fi 6 router\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Self-encrypting deception: weaknesses in the encryption of solid state drives\" rel=\"nofollow\" href=\"https://www.ieee-security.org/TC/SP2019/papers/310.pdf\"\u003eSelf-encrypting deception: weaknesses in the encryption of solid state drives\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Securely erase a solid-state drive\" rel=\"nofollow\" href=\"https://kb.iu.edu/d/aiut\"\u003eSecurely erase a solid-state drive\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Solid state drive/Memory cell clearing - ArchWiki\" rel=\"nofollow\" href=\"https://wiki.archlinux.org/index.php/Solid_state_drive/Memory_cell_clearing\"\u003eSolid state drive/Memory cell clearing - ArchWiki\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Deep Learning Revolution and Its Implications for Computer Architecture and Chip Design\" rel=\"nofollow\" href=\"https://arxiv.org/abs/1911.05289\"\u003eThe Deep Learning Revolution and Its Implications for Computer Architecture and Chip Design\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel Core i9-10980XE—a step forward for AI, a step back for everything else\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/11/intel-core-i9-10980xe-a-step-forward-for-ai-a-step-back-for-everything-else/\"\u003eIntel Core i9-10980XE—a step forward for AI, a step back for everything else\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to recognize AI snake oil\" rel=\"nofollow\" href=\"https://www.cs.princeton.edu/~arvindn/talks/MIT-STS-AI-snakeoil.pdf\"\u003eHow to recognize AI snake oil\u003c/a\u003e\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"We explore the rapid adoption of machine learning, its impact on computer architecture, and how to avoid AI snake oil.","date_published":"2019-11-29T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/88c620a6-0b1c-4698-aac4-ac757b632286.mp3","mime_type":"audio/mp3","size_in_bytes":19052274,"duration_in_seconds":1587}]},{"id":"e38f2c78-c42c-4c73-b785-322cbeb33552","title":"416: I.T. Phone Home","url":"https://techsnap.systems/416","content_text":"Ubiquiti's troublesome new telemetry, Jim's take on the modern Microsoft, and why Project Silica just might be the future of long term storage.Links:Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it? — Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.UI official: urgent, please answer | Ubiquiti Community\nUpdate: UniFi Phone Home/Performance Data Collection | Ubiquiti Community\nPossible example data\nLatest firmware with changes\nMicrosoft’s Project Silica offers robust thousand-year storage | Ars Technica — Silica aims to replace both tape and optical archival discs as the media of choice for large-scale, (very) long duration cold storage.Project Silica\r\nThe Future of Data Storage\r\nMicrosoft Ignite 2019\r\nMicrosoft Edge is coming to Linux. But will anybody use it? | Ars Technica — At Microsoft Ignite a slide announced that Microsoft's project to rebase its perennially unloved Edge browser on Google's open source project Chromium is well underway. Sharper-eyed attendees also noticed a promise for future Linux support.Has Microsoft Changed?\r\nThis isn’t your father’s Microsoft\n","content_html":"\u003cp\u003eUbiquiti\u0026#39;s troublesome new telemetry, Jim\u0026#39;s take on the modern Microsoft, and why Project Silica just might be the future of long term storage.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2019/11/07/ubiquiti_networks_phone_home/\"\u003eSure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?\u003c/a\u003e \u0026mdash; Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.\u003c/li\u003e\u003cli\u003e\u003ca title=\"UI official: urgent, please answer | Ubiquiti Community\" rel=\"nofollow\" href=\"https://community.ui.com/questions/UI-official-urgent-please-answer/14259289-e4c3-4c5e-aaa0-02a5baa6cbbe?page=11\"\u003eUI official: urgent, please answer | Ubiquiti Community\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Update: UniFi Phone Home/Performance Data Collection | Ubiquiti Community\" rel=\"nofollow\" href=\"https://community.ui.com/questions/Update-UniFi-Phone-Home-Performance-Data-Collection/f84a71c9-0b81-4d69-a3b3-45640aba1c8b\"\u003eUpdate: UniFi Phone Home/Performance Data Collection | Ubiquiti Community\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Possible example data\" rel=\"nofollow\" href=\"https://community.ui.com/questions/UI-official-urgent-please-answer/14259289-e4c3-4c5e-aaa0-02a5baa6cbbe#answer/2eca7d3f-5824-43ae-bd1d-fe6a18af1c79\"\u003ePossible example data\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Latest firmware with changes\" rel=\"nofollow\" href=\"https://community.ui.com/releases/UAP-USW-Firmware-4-0-69-10871/245e428c-d111-4b9d-a550-ec0cc86ef646\"\u003eLatest firmware with changes\u003c/a\u003e\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft’s Project Silica offers robust thousand-year storage | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/11/microsofts-project-silica-offers-robust-thousand-year-storage/\"\u003eMicrosoft’s Project Silica offers robust thousand-year storage | Ars Technica\u003c/a\u003e \u0026mdash; Silica aims to replace both tape and optical archival discs as the media of choice for large-scale, (very) long duration cold storage.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Silica\" rel=\"nofollow\" href=\"https://www.microsoft.com/en-us/research/uploads/prod/2018/07/hotstorage18-paper-anderson.pdf\"\u003eProject Silica\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Future of Data Storage\" rel=\"nofollow\" href=\"https://cacm.acm.org/magazines/2019/4/235573-the-future-of-data-storage/fulltext?mobile=false\"\u003eThe Future of Data Storage\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Ignite 2019\" rel=\"nofollow\" href=\"https://news.microsoft.com/ignite2019/\"\u003eMicrosoft Ignite 2019\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Edge is coming to Linux. But will anybody use it? | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/11/microsoft-edge-is-coming-to-linux-but-will-anybody-use-it/\"\u003eMicrosoft Edge is coming to Linux. But will anybody use it? | Ars Technica\u003c/a\u003e \u0026mdash; At Microsoft Ignite a slide announced that Microsoft's project to rebase its perennially unloved Edge browser on Google's open source project Chromium is well underway. Sharper-eyed attendees also noticed a promise for future Linux support.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Has Microsoft Changed?\" rel=\"nofollow\" href=\"https://medium.com/@wtfmitchel/has-microsoft-changed-431db9d1d153\"\u003eHas Microsoft Changed?\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"This isn’t your father’s Microsoft\" rel=\"nofollow\" href=\"http://sawers.com/blog/this-isnt-your-fathers-microsoft/\"\u003eThis isn’t your father’s Microsoft\u003c/a\u003e\n\u003c/li\u003e\u003c/ul\u003e","summary":"Ubiquiti's troublesome new telemetry, Jim's take on the modern Microsoft, and why Project Silica just might be the future of long term storage.","date_published":"2019-11-15T00:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e38f2c78-c42c-4c73-b785-322cbeb33552.mp3","mime_type":"audio/mp3","size_in_bytes":20112427,"duration_in_seconds":1676}]},{"id":"876a69f9-340a-4bc9-bfaa-be87b35ac4c9","title":"415: It's All About IOPS","url":"https://techsnap.systems/415","content_text":"We share our simple approach to disk benchmarking and explain why you should always test your pain points.\n\nPlus the basics of solid state disks and how to evaluate which model is right for you.Links:History of hard disk drives — WikipediaHow to Buy the Right SSD: A Guide for 2019  — Tom's HardwareThe Development and History of Solid State Drives (SSDs)Understanding IOPS, latency and storage performanceFIO cheat sheet — Jim's Blog","content_html":"\u003cp\u003eWe share our simple approach to disk benchmarking and explain why you should always test your pain points.\u003c/p\u003e\n\n\u003cp\u003ePlus the basics of solid state disks and how to evaluate which model is right for you.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"History of hard disk drives\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/History_of_hard_disk_drives\"\u003eHistory of hard disk drives\u003c/a\u003e \u0026mdash; Wikipedia\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to Buy the Right SSD: A Guide for 2019 \" rel=\"nofollow\" href=\"https://www.tomshardware.com/reviews/ssd-buying-guide,5602.html\"\u003eHow to Buy the Right SSD: A Guide for 2019 \u003c/a\u003e \u0026mdash; Tom's Hardware\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Development and History of Solid State Drives (SSDs)\" rel=\"nofollow\" href=\"https://www.semiconductorstore.com/blog/2014/The-Development-and-History-of-Solid-State-Drives-SSDs/854/\"\u003eThe Development and History of Solid State Drives (SSDs)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Understanding IOPS, latency and storage performance\" rel=\"nofollow\" href=\"https://louwrentius.com/understanding-iops-latency-and-storage-performance.html\"\u003eUnderstanding IOPS, latency and storage performance\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FIO cheat sheet\" rel=\"nofollow\" href=\"https://jrs-s.net/2015/11/23/fio-cheat-sheet/\"\u003eFIO cheat sheet\u003c/a\u003e \u0026mdash; Jim's Blog\u003c/li\u003e\u003c/ul\u003e","summary":"We share our simple approach to disk benchmarking and explain why you should always test your pain points.","date_published":"2019-11-01T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/876a69f9-340a-4bc9-bfaa-be87b35ac4c9.mp3","mime_type":"audio/mp3","size_in_bytes":24837038,"duration_in_seconds":2069}]},{"id":"890ebb60-fe73-476d-bd48-1bcb93c016ba","title":"414: Rooting for ZFS","url":"https://techsnap.systems/414","content_text":"We dive into Ubuntu 19.10's experimental ZFS installer and share our tips for making the most of ZFS on root. \n\nPlus why you may want to skip Nest Wifi, and our latest explorations of long range wireless protocols.Links:Decoding LoRa: Realizing a Modern LPWAN with SDR — LoRa is an emerging Low Power Wide Area Network (LPWAN), a type of wireless communication technology suitable for connecting low\r\npower embedded devices over long ranges. This paper details the modulation and encoding elements that comprise the LoRa PHY, the structure of which is the result of the author’s recent blind analysis of the protocol. It also introduces grlora, an open source software defined implementation of the PHY that will empower wireless developers and security researchers to investigate this nascent protocol.Nest Wifi announced at Made by Google 2019 | Ars Technica — Google says that a two-piece Nest Wifi kit—one Nest Router and one Nest Point—should cover up to 3,800 square feet and 85% of homes. This claim, like most arbitrary claims of Wi-Fi coverage with no real detail, should be taken with several grains of salt.\r\n\r\nTP-LINK EAP series Business Wi-Fi Solution — The EAP Series Business Wi-Fi Solution incorporates EAP Series hardware, which provides a smooth, reliable wireless internet experience, and a powerful centralized management platform. Bloody Stupid Johnson | Discworld Wiki — Although evidently able in certain fields, Johnson is notorious for his complete inability to produce anything according to specification or common sense, or (sometimes) even the laws of physics. A Quick Look At EXT4 vs. ZFS Performance On Ubuntu 19.10 With An NVMe SSD — For those thinking of playing with Ubuntu 19.10's new experimental ZFS desktop install option in opting for using ZFS On Linux in place of EXT4 as the root file-system, here are some quick benchmarks looking at the out-of-the-box performance of ZFS/ZoL vs. EXT4 on Ubuntu 19.10 using a common NVMe solid-state drive.\r\n\r\nubuntu/zsys: zsys daemon and client for zfs systems — It allows running multiple ZFS systems in parallel on the same machine, get automated snapshots, managing complex zfs dataset layouts separating user data from system and persistent data, and more.\r\n\r\nUbuntu ZFS support in 19.10: ZFS on root · ~DidRocks — We are shipping ZFS On Linux version 0.8.1, with features like native encryption, trimming support, checkpoints, raw encrypted zfs transmissions, project accounting and quota and a lot of performance enhancements.Ubuntu ZFS support in 19.10: introduction · ~DidRocks — We want to support ZFS on root as an experimental installer option, initially for desktop, but keeping the layout extensible for server later on.A detailed look at Ubuntu’s new experimental ZFS installer | Ars Technica — If you're new to the ZFS hype train, you might wonder why a new filesystem option in an OS installer is a big deal. So here's a quick explanation: ZFS is a copy-on-write filesystem, which can take atomic snapshots of entire filesystems. ","content_html":"\u003cp\u003eWe dive into Ubuntu 19.10\u0026#39;s experimental ZFS installer and share our tips for making the most of ZFS on root. \u003c/p\u003e\n\n\u003cp\u003ePlus why you may want to skip Nest Wifi, and our latest explorations of long range wireless protocols.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Decoding LoRa: Realizing a Modern LPWAN with SDR\" rel=\"nofollow\" href=\"https://pdfs.semanticscholar.org/710d/417a93fa65e30941ee337dbc49ce238871f0.pdf\"\u003eDecoding LoRa: Realizing a Modern LPWAN with SDR\u003c/a\u003e \u0026mdash; LoRa is an emerging Low Power Wide Area Network (LPWAN), a type of wireless communication technology suitable for connecting low\r\npower embedded devices over long ranges. This paper details the modulation and encoding elements that comprise the LoRa PHY, the structure of which is the result of the author’s recent blind analysis of the protocol. It also introduces grlora, an open source software defined implementation of the PHY that will empower wireless developers and security researchers to investigate this nascent protocol.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nest Wifi announced at Made by Google 2019 | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/10/nest-wi-fi-announced-at-made-by-google-2019-today/\"\u003eNest Wifi announced at Made by Google 2019 | Ars Technica\u003c/a\u003e \u0026mdash; Google says that a two-piece Nest Wifi kit—one Nest Router and one Nest Point—should cover up to 3,800 square feet and 85% of homes. This claim, like most arbitrary claims of Wi-Fi coverage with no real detail, should be taken with several grains of salt.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"TP-LINK EAP series Business Wi-Fi Solution\" rel=\"nofollow\" href=\"https://www.tp-link.com/common/Promo/en/WiFi-Solution/default.html\"\u003eTP-LINK EAP series Business Wi-Fi Solution\u003c/a\u003e \u0026mdash; The EAP Series Business Wi-Fi Solution incorporates EAP Series hardware, which provides a smooth, reliable wireless internet experience, and a powerful centralized management platform. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Bloody Stupid Johnson | Discworld Wiki\" rel=\"nofollow\" href=\"https://discworld.fandom.com/wiki/Bloody_Stupid_Johnson\"\u003eBloody Stupid Johnson | Discworld Wiki\u003c/a\u003e \u0026mdash; Although evidently able in certain fields, Johnson is notorious for his complete inability to produce anything according to specification or common sense, or (sometimes) even the laws of physics. \u003c/li\u003e\u003cli\u003e\u003ca title=\"A Quick Look At EXT4 vs. ZFS Performance On Ubuntu 19.10 With An NVMe SSD\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=article\u0026amp;item=ubuntu1910-ext4-zfs\u0026amp;num=1\"\u003eA Quick Look At EXT4 vs. ZFS Performance On Ubuntu 19.10 With An NVMe SSD\u003c/a\u003e \u0026mdash; For those thinking of playing with Ubuntu 19.10's new experimental ZFS desktop install option in opting for using ZFS On Linux in place of EXT4 as the root file-system, here are some quick benchmarks looking at the out-of-the-box performance of ZFS/ZoL vs. EXT4 on Ubuntu 19.10 using a common NVMe solid-state drive.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"ubuntu/zsys: zsys daemon and client for zfs systems\" rel=\"nofollow\" href=\"https://github.com/ubuntu/zsys\"\u003eubuntu/zsys: zsys daemon and client for zfs systems\u003c/a\u003e \u0026mdash; It allows running multiple ZFS systems in parallel on the same machine, get automated snapshots, managing complex zfs dataset layouts separating user data from system and persistent data, and more.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubuntu ZFS support in 19.10: ZFS on root · ~DidRocks\" rel=\"nofollow\" href=\"https://didrocks.fr/2019/10/11/ubuntu-zfs-support-in-19.10-zfs-on-root/\"\u003eUbuntu ZFS support in 19.10: ZFS on root · ~DidRocks\u003c/a\u003e \u0026mdash; We are shipping ZFS On Linux version 0.8.1, with features like native encryption, trimming support, checkpoints, raw encrypted zfs transmissions, project accounting and quota and a lot of performance enhancements.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubuntu ZFS support in 19.10: introduction · ~DidRocks\" rel=\"nofollow\" href=\"https://didrocks.fr/2019/08/06/ubuntu-zfs-support-in-19.10-introduction/\"\u003eUbuntu ZFS support in 19.10: introduction · ~DidRocks\u003c/a\u003e \u0026mdash; We want to support ZFS on root as an experimental installer option, initially for desktop, but keeping the layout extensible for server later on.\u003c/li\u003e\u003cli\u003e\u003ca title=\"A detailed look at Ubuntu’s new experimental ZFS installer | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2019/10/a-detailed-look-at-ubuntus-new-experimental-zfs-installer/\"\u003eA detailed look at Ubuntu’s new experimental ZFS installer | Ars Technica\u003c/a\u003e \u0026mdash; If you're new to the ZFS hype train, you might wonder why a new filesystem option in an OS installer is a big deal. So here's a quick explanation: ZFS is a copy-on-write filesystem, which can take atomic snapshots of entire filesystems. \u003c/li\u003e\u003c/ul\u003e","summary":"We dive into Ubuntu 19.10's experimental ZFS installer and share our tips for making the most of ZFS on root. ","date_published":"2019-10-18T04:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/890ebb60-fe73-476d-bd48-1bcb93c016ba.mp3","mime_type":"audio/mp3","size_in_bytes":30566945,"duration_in_seconds":2547}]},{"id":"2c022259-3aec-490f-b2e3-0560336bafce","title":"413: The Coffee Shop Problem","url":"https://techsnap.systems/413","content_text":"We peer into the future with a quick look at quantum supremacy, debate the latest DNS over HTTPS drama, and jump through the hoops of HTTP/3.\n\nPlus when to use WARP, the secrets of Startpage, and the latest Ryzen release. Links:Why big ISPs aren’t happy about Google’s plans for encrypted DNS\r\nChromium Blog: Experimenting with same-provider DNS-over-HTTPS upgradeHow to enable DNS-over-HTTPS (DoH) in Google ChromeWhat’s next in making Encrypted DNS-over-HTTPS the Default - Future ReleasesWARP is here\r\nThe Technical Challenges of Building Cloudflare WARPmmproxy - Creative Linux routing to preserve client IP addresses in L7 proxiesHTTP/3: the past, the present, and the future\r\nCloudflare, Google Chrome, and Firefox add HTTP/3 support | ZDNetQUIC ImplementationsStartpage.com - The world's most private search engineGoogle extends support lifespan for seven Lenovo Chromebooks to 2025\r\nGoogle’s Quantum Supremacy Announcement Shouldn't Be a Surprise\r\nScott’s Supreme Quantum Supremacy FAQAMD Ryzen Pro 3000 series desktop CPUs will offer full RAM encryption | Ars Technica\r\n","content_html":"\u003cp\u003eWe peer into the future with a quick look at quantum supremacy, debate the latest DNS over HTTPS drama, and jump through the hoops of HTTP/3.\u003c/p\u003e\n\n\u003cp\u003ePlus when to use WARP, the secrets of Startpage, and the latest Ryzen release. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Why big ISPs aren’t happy about Google’s plans for encrypted DNS\" rel=\"nofollow\" href=\"https://arstechnica.com/tech-policy/2019/09/isps-worry-a-new-chrome-feature-will-stop-them-from-spying-on-you/\"\u003eWhy big ISPs aren’t happy about Google’s plans for encrypted DNS\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chromium Blog: Experimenting with same-provider DNS-over-HTTPS upgrade\" rel=\"nofollow\" href=\"https://blog.chromium.org/2019/09/experimenting-with-same-provider-dns.html\"\u003eChromium Blog: Experimenting with same-provider DNS-over-HTTPS upgrade\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to enable DNS-over-HTTPS (DoH) in Google Chrome\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/how-to-enable-dns-over-https-doh-in-google-chrome/\"\u003eHow to enable DNS-over-HTTPS (DoH) in Google Chrome\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What’s next in making Encrypted DNS-over-HTTPS the Default - Future Releases\" rel=\"nofollow\" href=\"https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/\"\u003eWhat’s next in making Encrypted DNS-over-HTTPS the Default - Future Releases\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"WARP is here\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/announcing-warp-plus/\"\u003eWARP is here\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Technical Challenges of Building Cloudflare WARP\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/warp-technical-challenges/\"\u003eThe Technical Challenges of Building Cloudflare WARP\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"mmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/mmproxy-creative-way-of-preserving-client-ips-in-spectrum/\"\u003emmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"HTTP/3: the past, the present, and the future\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/http3-the-past-present-and-future/\"\u003eHTTP/3: the past, the present, and the future\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloudflare, Google Chrome, and Firefox add HTTP/3 support | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/cloudflare-google-chrome-and-firefox-add-http3-support/\"\u003eCloudflare, Google Chrome, and Firefox add HTTP/3 support | ZDNet\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"QUIC Implementations\" rel=\"nofollow\" href=\"https://github.com/quicwg/base-drafts/wiki/Implementations\"\u003eQUIC Implementations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Startpage.com - The world\u0026#39;s most private search engine\" rel=\"nofollow\" href=\"https://www.startpage.com/en/\"\u003eStartpage.com - The world\u0026#39;s most private search engine\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google extends support lifespan for seven Lenovo Chromebooks to 2025\" rel=\"nofollow\" href=\"https://www.androidpolice.com/2019/09/25/lenovo-chromebook-update-support-expire/\"\u003eGoogle extends support lifespan for seven Lenovo Chromebooks to 2025\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google’s Quantum Supremacy Announcement Shouldn\u0026#39;t Be a Surprise\" rel=\"nofollow\" href=\"https://gizmodo.com/google-s-quantum-supremacy-announcement-shouldnt-be-a-s-1838357278\"\u003eGoogle’s Quantum Supremacy Announcement Shouldn\u0026#39;t Be a Surprise\u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Scott’s Supreme Quantum Supremacy FAQ\" rel=\"nofollow\" href=\"https://www.scottaaronson.com/blog/?p=4317\"\u003eScott’s Supreme Quantum Supremacy FAQ\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AMD Ryzen Pro 3000 series desktop CPUs will offer full RAM encryption | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/10/amd-ryzen-pro-3000-series-desktop-cpus-will-offer-full-ram-encryption/\"\u003eAMD Ryzen Pro 3000 series desktop CPUs will offer full RAM encryption | Ars Technica\u003c/a\u003e\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"We peer into the future with a quick look at quantum supremacy, debate the latest DNS over HTTPS drama, and jump through the hoops of HTTP/3.\r\n","date_published":"2019-10-04T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2c022259-3aec-490f-b2e3-0560336bafce.mp3","mime_type":"audio/mp3","size_in_bytes":23110449,"duration_in_seconds":1925}]},{"id":"d6b4d1e4-a600-45ff-bad6-5d1cd032a4af","title":"412: Too Good To Be True","url":"https://techsnap.systems/412","content_text":"It's TechSNAP story time as we head out into the field with Jim and put Sure-Fi technology to the test.\n\nPlus an update on Wifi 6, an enlightening Chromebook bug, and some not-quite-quantum key distribution.Links:RF Chirp tech: Long distance, incredible penetration, low bandwidth | Ars Technica — Recently, I took the company's technology for a spin with a pair of hand-held demo communicators about the size of a kid's walkie-talkie. They don't do much—just light up with a signal strength reading on both devices, whenever a transmit button on either is pressed—but that's enough to get a good indication of whether the tech will work to solve a given problem.Wi-Fi 6 Is Officially Here: Certification Program Begins — Finally, along with the launch of the certification program itself, the Wi-Fi Alliance has already certified its first dozen devices. Say hello to 802.11ax: Wi-Fi 6 device certification begins today | Ars Technica — Today, the Wi-Fi Alliance launched its Wi-Fi Certified 6 program, which means that the standard has been completely finalized, and device manufacturers and OEMs can begin the process of having the organization certify their products to carry the Wi-Fi 6 branding.\r\nSomeone sent us 21 more pictures of the leaked Pixel 4 XL - The VergeiPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max: Hands-on with Apple’s new phones | Ars TechnicaSome Chromebooks mistakenly declared themselves end-of-life last week | Ars Technica — A lot of Chromebook and Chromebox users don't realize this, but all ChromeOS devices have an expiration date. Google's original policy was for devices to be supported for five years, but the company has recently extended that time to 6.5 years.\r\n\r\nLINUX Unplugged 318: Manjaro Levels UpFear the Man in the Middle? This company wants to sell quantum key distribution | Ars TechnicaGentle intro to Quantum Key Distribution (QKD) – Lahiru MadushankaThe Super-Secure Quantum Cable Hiding in the Holland Tunnel - Bloomberg —  Banks and governments are testing quantum key distribution technology to guard their closest secrets.Quantum Key Distribution - QKD — This paper provides an overview of quantum key distribution targeted towards the computer science community. A brief description of the relevant principles from quantum mechanics is provided before surveying the most prominent quantum key distribution protocols present in the literature.TechSNAP 403: Keeping Systems SimpleLinux Headlines — Linux and open source headlines every weekday, in under 3 minutes.\r\n\r\n","content_html":"\u003cp\u003eIt\u0026#39;s TechSNAP story time as we head out into the field with Jim and put Sure-Fi technology to the test.\u003c/p\u003e\n\n\u003cp\u003ePlus an update on Wifi 6, an enlightening Chromebook bug, and some not-quite-quantum key distribution.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"RF Chirp tech: Long distance, incredible penetration, low bandwidth | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/09/rf-chirp-tech-long-distance-incredible-penetration-low-bandwidth/\"\u003eRF Chirp tech: Long distance, incredible penetration, low bandwidth | Ars Technica\u003c/a\u003e \u0026mdash; Recently, I took the company's technology for a spin with a pair of hand-held demo communicators about the size of a kid's walkie-talkie. They don't do much—just light up with a signal strength reading on both devices, whenever a transmit button on either is pressed—but that's enough to get a good indication of whether the tech will work to solve a given problem.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wi-Fi 6 Is Officially Here: Certification Program Begins\" rel=\"nofollow\" href=\"https://www.anandtech.com/show/14875/wifi-6-is-officially-here-certification-program-begins\"\u003eWi-Fi 6 Is Officially Here: Certification Program Begins\u003c/a\u003e \u0026mdash; Finally, along with the launch of the certification program itself, the Wi-Fi Alliance has already certified its first dozen devices. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Say hello to 802.11ax: Wi-Fi 6 device certification begins today | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/09/say-hello-to-802-11ax-wi-fi-6-device-certification-begins-today/\"\u003eSay hello to 802.11ax: Wi-Fi 6 device certification begins today | Ars Technica\u003c/a\u003e \u0026mdash; Today, the Wi-Fi Alliance launched its Wi-Fi Certified 6 program, which means that the standard has been completely finalized, and device manufacturers and OEMs can begin the process of having the organization certify their products to carry the Wi-Fi 6 branding.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Someone sent us 21 more pictures of the leaked Pixel 4 XL - The Verge\" rel=\"nofollow\" href=\"https://www.theverge.com/2019/9/14/20865699/pixel-4-xl-leaked-photos-camera-specs\"\u003eSomeone sent us 21 more pictures of the leaked Pixel 4 XL - The Verge\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max: Hands-on with Apple’s new phones | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/09/iphone-11-iphone-11-pro-and-iphone-11-pro-max-hands-on-with-apples-new-phones/\"\u003eiPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max: Hands-on with Apple’s new phones | Ars Technica\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Some Chromebooks mistakenly declared themselves end-of-life last week | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/09/some-chromebooks-mistakenly-declared-themselves-end-of-life-last-week/\"\u003eSome Chromebooks mistakenly declared themselves end-of-life last week | Ars Technica\u003c/a\u003e \u0026mdash; A lot of Chromebook and Chromebox users don't realize this, but all ChromeOS devices have an expiration date. Google's original policy was for devices to be supported for five years, but the company has recently extended that time to 6.5 years.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"LINUX Unplugged 318: Manjaro Levels Up\" rel=\"nofollow\" href=\"https://linuxunplugged.com/318\"\u003eLINUX Unplugged 318: Manjaro Levels Up\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fear the Man in the Middle? This company wants to sell quantum key distribution | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/04/fear-the-man-in-the-middle-this-company-wants-to-sell-quantum-key-distribution/\"\u003eFear the Man in the Middle? This company wants to sell quantum key distribution | Ars Technica\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Gentle intro to Quantum Key Distribution (QKD) – Lahiru Madushanka\" rel=\"nofollow\" href=\"https://lahirumadushankablog.wordpress.com/2017/10/01/gentle-intro-to-quantum-key-distribution-qkd/\"\u003eGentle intro to Quantum Key Distribution (QKD) – Lahiru Madushanka\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Super-Secure Quantum Cable Hiding in the Holland Tunnel - Bloomberg\" rel=\"nofollow\" href=\"https://www.bloomberg.com/news/articles/2019-01-14/the-super-secure-quantum-cable-hiding-in-the-holland-tunnel\"\u003eThe Super-Secure Quantum Cable Hiding in the Holland Tunnel - Bloomberg\u003c/a\u003e \u0026mdash;  Banks and governments are testing quantum key distribution technology to guard their closest secrets.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Quantum Key Distribution - QKD\" rel=\"nofollow\" href=\"https://www.cse.wustl.edu/~jain/cse571-07/ftp/quantum/\"\u003eQuantum Key Distribution - QKD\u003c/a\u003e \u0026mdash; This paper provides an overview of quantum key distribution targeted towards the computer science community. A brief description of the relevant principles from quantum mechanics is provided before surveying the most prominent quantum key distribution protocols present in the literature.\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP 403: Keeping Systems Simple\" rel=\"nofollow\" href=\"https://techsnap.systems/403\"\u003eTechSNAP 403: Keeping Systems Simple\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux Headlines\" rel=\"nofollow\" href=\"https://linuxheadlines.show/\"\u003eLinux Headlines\u003c/a\u003e \u0026mdash; Linux and open source headlines every weekday, in under 3 minutes.\r\n\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"It's TechSNAP story time as we head out into the field with Jim and put Sure-Fi technology to the test.","date_published":"2019-09-20T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d6b4d1e4-a600-45ff-bad6-5d1cd032a4af.mp3","mime_type":"audio/mp3","size_in_bytes":24913525,"duration_in_seconds":2076}]},{"id":"b9fd8f0e-82a3-44bb-b373-eea0ac62412d","title":"411: Mobile Security Mistakes","url":"https://techsnap.systems/411","content_text":"We take a look at a few recent zero-day vulnerabilities for iOS and Android and find targeted attacks, bad assumptions, and changing markets.\n\nPlus what to expect from USB4 and an upcoming Linux scheduler speed-up for AMD's Epyc CPUs.Links:Google says hackers have put ‘monitoring implants’ in iPhones for years | Technology | The Guardian — Their location was uploaded every minute; their device’s keychain, containing all their passwords, was uploaded, as were their chat histories on popular apps including WhatsApp, Telegram and iMessage, their address book, and their Gmail database.Project Zero: A very deep dive into iOS Exploit chains found in the wild — We discovered exploits for a total of fourteen vulnerabilities across the five exploit chains: seven for the iPhone’s web browser, five for the kernel and two separate sandbox escapes. Project Zero: In-the-wild iOS Exploit Chain 1 — This exploit provides evidence that these exploit chains were likely written contemporaneously with their supported iOS versions; that is, the exploit techniques which were used suggest that this exploit was written around the time of iOS 10. This suggests that this group had a capability against a fully patched iPhone for at least two years.  Project Zero: In-the-wild iOS Exploit Chain 3 — It’s difficult to understand how this error could be introduced into a core IPC library that shipped to end users. While errors are common in software development, a serious one like this should have quickly been found by a unit test, code review or even fuzzing. Project Zero: JSC Exploits — In this post, we will take a look at the WebKit exploits used to gain an initial foothold onto the iOS device and stage the privilege escalation exploits. All exploits here achieve shellcode execution inside the sandboxed renderer process (WebContent) on iOS.Project Zero: Implant Teardown — There is no visual indicator on the device that the implant is running. There's no way for a user on iOS to view a process listing, so the implant binary makes no attempt to hide its execution from the system. The implant is primarily focused on stealing files and uploading live location data. The implant requests commands from a command and control server every 60 seconds.The implant has access to all the database files (on the victim’s phone) used by popular end-to-end encryption apps like Whatsapp, Telegram and iMessage.iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources — Multiple sources with knowledge of the situation said that Google’s own Android operating system and Microsoft Windows PCs were also targeted in a campaign that sought to infect the computers and smartphones of the Uighur ethnic group in China.Google's Shocking Decision To Ignore A Critical Android Vulnerability In Latest Security Update — Despite immediately acknowledging the vulnerability and confirming in June that it will be fixed, Google had not provided an estimated time frame for the patch.Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn | Threatpost — “In the unlikely event an attacker succeeds in exploiting this bug, they would effectively have complete control over the target device,” he told Threatpost. Once an attacker obtains escalated privileges, “it means they could completely take over a device if they can convince a user to install and run their application,”Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks | WIRED — \"During the last few months, we have observed an increase in the number of iOS exploits, mostly Safari and iMessage chains, being developed and sold by researchers from all around the world. The zero-day market is so flooded by iOS exploits that we've recently started refusing some them\"Linux 5.4 Kernel To Bring Improved Load Balancing On AMD EPYC Servers — The scheduler topology improvement by SUSE's Matt Fleming changes the behavior as currently it turns out for EPYC hardware the kernel has failed to properly load balance across NUMA nodes on different sockets. USB4 is coming soon and will (mostly) unify USB and Thunderbolt | Ars Technica — The USB Implementers Forum published the official USB4 protocol specification. If your initial reaction was \"oh no, not again,\" don't worry—the new spec is backward-compatible with USB 2 and USB 3, and it uses the same USB Type-C connectors that modern USB 3 devices do.","content_html":"\u003cp\u003eWe take a look at a few recent zero-day vulnerabilities for iOS and Android and find targeted attacks, bad assumptions, and changing markets.\u003c/p\u003e\n\n\u003cp\u003ePlus what to expect from USB4 and an upcoming Linux scheduler speed-up for AMD\u0026#39;s Epyc CPUs.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Google says hackers have put ‘monitoring implants’ in iPhones for years | Technology | The Guardian\" rel=\"nofollow\" href=\"https://www.theguardian.com/technology/2019/aug/30/hackers-monitoring-implants-iphones-google-says\"\u003eGoogle says hackers have put ‘monitoring implants’ in iPhones for years | Technology | The Guardian\u003c/a\u003e \u0026mdash; Their location was uploaded every minute; their device’s keychain, containing all their passwords, was uploaded, as were their chat histories on popular apps including WhatsApp, Telegram and iMessage, their address book, and their Gmail database.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: A very deep dive into iOS Exploit chains found in the wild\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html\"\u003eProject Zero: A very deep dive into iOS Exploit chains found in the wild\u003c/a\u003e \u0026mdash; We discovered exploits for a total of fourteen vulnerabilities across the five exploit chains: seven for the iPhone’s web browser, five for the kernel and two separate sandbox escapes. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: In-the-wild iOS Exploit Chain 1\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2019/08/in-wild-ios-exploit-chain-1.html\"\u003eProject Zero: In-the-wild iOS Exploit Chain 1\u003c/a\u003e \u0026mdash; This exploit provides evidence that these exploit chains were likely written contemporaneously with their supported iOS versions; that is, the exploit techniques which were used suggest that this exploit was written around the time of iOS 10. This suggests that this group had a capability against a fully patched iPhone for at least two years.  \u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: In-the-wild iOS Exploit Chain 3\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2019/08/in-wild-ios-exploit-chain-3.html\"\u003eProject Zero: In-the-wild iOS Exploit Chain 3\u003c/a\u003e \u0026mdash; It’s difficult to understand how this error could be introduced into a core IPC library that shipped to end users. While errors are common in software development, a serious one like this should have quickly been found by a unit test, code review or even fuzzing. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: JSC Exploits\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html\"\u003eProject Zero: JSC Exploits\u003c/a\u003e \u0026mdash; In this post, we will take a look at the WebKit exploits used to gain an initial foothold onto the iOS device and stage the privilege escalation exploits. All exploits here achieve shellcode execution inside the sandboxed renderer process (WebContent) on iOS.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Zero: Implant Teardown\" rel=\"nofollow\" href=\"https://googleprojectzero.blogspot.com/2019/08/implant-teardown.html\"\u003eProject Zero: Implant Teardown\u003c/a\u003e \u0026mdash; There is no visual indicator on the device that the implant is running. There's no way for a user on iOS to view a process listing, so the implant binary makes no attempt to hide its execution from the system. The implant is primarily focused on stealing files and uploading live location data. The implant requests commands from a command and control server every 60 seconds.The implant has access to all the database files (on the victim’s phone) used by popular end-to-end encryption apps like Whatsapp, Telegram and iMessage.\u003c/li\u003e\u003cli\u003e\u003ca title=\"iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources\" rel=\"nofollow\" href=\"https://www.forbes.com/sites/thomasbrewster/2019/09/01/iphone-hackers-caught-by-google-also-targeted-android-and-microsoft-windows-say-sources/#374244a44adf\"\u003eiPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources\u003c/a\u003e \u0026mdash; Multiple sources with knowledge of the situation said that Google’s own Android operating system and Microsoft Windows PCs were also targeted in a campaign that sought to infect the computers and smartphones of the Uighur ethnic group in China.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google\u0026#39;s Shocking Decision To Ignore A Critical Android Vulnerability In Latest Security Update\" rel=\"nofollow\" href=\"https://www.forbes.com/sites/jeanbaptiste/2019/09/05/googles-shocking-decision-to-ignore-a-critical-android-vulnerability-in-its-latest-security-update/#5fa2487213bb\"\u003eGoogle\u0026#39;s Shocking Decision To Ignore A Critical Android Vulnerability In Latest Security Update\u003c/a\u003e \u0026mdash; Despite immediately acknowledging the vulnerability and confirming in June that it will be fixed, Google had not provided an estimated time frame for the patch.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn | Threatpost\" rel=\"nofollow\" href=\"https://threatpost.com/android-zero-day-bug-opens-door-to-privilege-escalation-attack-researchers-warn/148014/\"\u003eAndroid Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn | Threatpost\u003c/a\u003e \u0026mdash; “In the unlikely event an attacker succeeds in exploiting this bug, they would effectively have complete control over the target device,” he told Threatpost. Once an attacker obtains escalated privileges, “it means they could completely take over a device if they can convince a user to install and run their application,”\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why \u0026#39;Zero Day\u0026#39; Android Hacking Now Costs More Than iOS Attacks | WIRED\" rel=\"nofollow\" href=\"https://www.wired.com/story/android-zero-day-more-than-ios-zerodium/\"\u003eWhy \u0026#39;Zero Day\u0026#39; Android Hacking Now Costs More Than iOS Attacks | WIRED\u003c/a\u003e \u0026mdash; \"During the last few months, we have observed an increase in the number of iOS exploits, mostly Safari and iMessage chains, being developed and sold by researchers from all around the world. The zero-day market is so flooded by iOS exploits that we've recently started refusing some them\"\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux 5.4 Kernel To Bring Improved Load Balancing On AMD EPYC Servers\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=Linux-5.4-Improve-EPYC-Balance\"\u003eLinux 5.4 Kernel To Bring Improved Load Balancing On AMD EPYC Servers\u003c/a\u003e \u0026mdash; The scheduler topology improvement by SUSE's Matt Fleming changes the behavior as currently it turns out for EPYC hardware the kernel has failed to properly load balance across NUMA nodes on different sockets. \u003c/li\u003e\u003cli\u003e\u003ca title=\"USB4 is coming soon and will (mostly) unify USB and Thunderbolt | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/09/usb4-is-coming-soon-and-will-mostly-unify-usb-and-thunderbolt/?comments=1\u0026amp;start=40\"\u003eUSB4 is coming soon and will (mostly) unify USB and Thunderbolt | Ars Technica\u003c/a\u003e \u0026mdash; The USB Implementers Forum published the official USB4 protocol specification. If your initial reaction was \"oh no, not again,\" don't worry—the new spec is backward-compatible with USB 2 and USB 3, and it uses the same USB Type-C connectors that modern USB 3 devices do.\u003c/li\u003e\u003c/ul\u003e","summary":"We take a look at a few recent zero-day vulnerabilities for iOS and Android and find targeted attacks, bad assumptions, and changing markets.","date_published":"2019-09-06T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/b9fd8f0e-82a3-44bb-b373-eea0ac62412d.mp3","mime_type":"audio/mp3","size_in_bytes":21338406,"duration_in_seconds":1778}]},{"id":"31d2ecad-fd20-405f-bbbe-e2e6bc566e0c","title":"410: Epyc Encryption","url":"https://techsnap.systems/410","content_text":"It's CPU release season and we get excited about AMD's new line of server chips. Plus our take on AMD's approach to memory encryption, and our struggle to make sense of Intel's Comet Lake line.\n\nAlso, a few Windows worms you should know about, the end of the road for EV certs, and an embarrassing new Bluetooth attack.Links:A detailed look at AMD’s new Epyc “Rome” 7nm server CPUs | Ars Technica — The short version of the story is, Epyc \"Rome\" is to the server what Ryzen 3000 was to the desktop—bringing significantly improved IPC, more cores, and better thermal efficiency than either its current-generation Intel equivalents or its first-generation Epyc predecessors.AMD Rome Second Generation EPYC Review: 2x 64-core Benchmarked — Ever since the Opteron days, AMD's market share has been rounded to zero percent, and with its first generation of EPYC processors using its new Zen microarchitecture, that number skipped up a small handful of points, but everyone has been waiting with bated breath for the second swing at the ball. AMD's Rome platform solves the concerns that first gen Naples had, plus this CPU family is designed to do many things: a new CPU microarchitecture on 7nm, offer up to 64 cores, offer 128 lanes of PCIe 4.0, offer 8 memory channels, and offer a unified memory architecture based on chiplets. AMD EPYC Rome Still Conquering Cascadelake Even Without Mitigations - Phoronix — Out of curiosity, I've run some unmitigated benchmarks for the various relevant CPU speculative execution vulnerabilities on both the Intel Xeon Platinum 8280 Cascadelake and AMD EPYC 7742 Rome processors for seeing how the performance differs.Intel’s line of notebook CPUs gets more confusing with 14nm Comet Lake | Ars Technica — Going by Intel's numbers, Comet Lake looks like a competent upgrade to its predecessor Whiskey Lake. The interesting question—and one largely left unanswered by Intel—is why the company has decided to launch a new line of 14nm notebook CPUs less than a month after launching Ice Lake, its first 10nm notebook CPUs.A look at the Windows 10 exploit Google Zero disclosed this week | Ars Technica — On Tuesday, Tavis Ormandy of Google's Project Zero released an exploit kit called ctftool, which uses and abuses Microsoft's Text Services Framework in ways that can effectively get anyone root—er, system that is—on any unpatched Windows 10 system they're able to log in toPatch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) – Microsoft Security Response Center — Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.\r\n\r\nKNOB Attack — TL;DR: The specification of Bluetooth includes an encryption key negotiation protocol that allows to negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process. A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.\r\nTroy Hunt: Extended Validation Certificates are (Really, Really) Dead — With both browsers auto-updating for most people, we're about 10 weeks out from no more EV and the vast majority of web users no longer seeing something they didn't even know was there to begin with! Oh sure, you can still drill down into the certificate and see the entity name, but who's really going to do that? You and I, perhaps, but we're not exactly in the meat of the browser demographics.Google wants to reduce lifespan for HTTPS certificates to one year | ZDNet — Scott Helme argues that the security benefits of shorter SSL certificate lifespans have nothing to do with phishing or malware sites, but instead with the SSL certificate revocation process. Helme claims that this process is broken and that bad SSL certificates continue to live on for years after being mississued and revoked.","content_html":"\u003cp\u003eIt\u0026#39;s CPU release season and we get excited about AMD\u0026#39;s new line of server chips. Plus our take on AMD\u0026#39;s approach to memory encryption, and our struggle to make sense of Intel\u0026#39;s Comet Lake line.\u003c/p\u003e\n\n\u003cp\u003eAlso, a few Windows worms you should know about, the end of the road for EV certs, and an embarrassing new Bluetooth attack.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"A detailed look at AMD’s new Epyc “Rome” 7nm server CPUs | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/08/a-detailed-look-at-amds-new-epyc-rome-7nm-server-cpus/\"\u003eA detailed look at AMD’s new Epyc “Rome” 7nm server CPUs | Ars Technica\u003c/a\u003e \u0026mdash; The short version of the story is, Epyc \"Rome\" is to the server what Ryzen 3000 was to the desktop—bringing significantly improved IPC, more cores, and better thermal efficiency than either its current-generation Intel equivalents or its first-generation Epyc predecessors.\u003c/li\u003e\u003cli\u003e\u003ca title=\"AMD Rome Second Generation EPYC Review: 2x 64-core Benchmarked\" rel=\"nofollow\" href=\"https://www.anandtech.com/show/14694/amd-rome-epyc-2nd-gen\"\u003eAMD Rome Second Generation EPYC Review: 2x 64-core Benchmarked\u003c/a\u003e \u0026mdash; Ever since the Opteron days, AMD's market share has been rounded to zero percent, and with its first generation of EPYC processors using its new Zen microarchitecture, that number skipped up a small handful of points, but everyone has been waiting with bated breath for the second swing at the ball. AMD's Rome platform solves the concerns that first gen Naples had, plus this CPU family is designed to do many things: a new CPU microarchitecture on 7nm, offer up to 64 cores, offer 128 lanes of PCIe 4.0, offer 8 memory channels, and offer a unified memory architecture based on chiplets. \u003c/li\u003e\u003cli\u003e\u003ca title=\"AMD EPYC Rome Still Conquering Cascadelake Even Without Mitigations - Phoronix\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=article\u0026amp;item=epyc-rome-mitigations\u0026amp;num=1\"\u003eAMD EPYC Rome Still Conquering Cascadelake Even Without Mitigations - Phoronix\u003c/a\u003e \u0026mdash; Out of curiosity, I've run some unmitigated benchmarks for the various relevant CPU speculative execution vulnerabilities on both the Intel Xeon Platinum 8280 Cascadelake and AMD EPYC 7742 Rome processors for seeing how the performance differs.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel’s line of notebook CPUs gets more confusing with 14nm Comet Lake | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/08/intels-line-of-notebook-cpus-gets-more-confusing-with-14nm-comet-lake/\"\u003eIntel’s line of notebook CPUs gets more confusing with 14nm Comet Lake | Ars Technica\u003c/a\u003e \u0026mdash; Going by Intel's numbers, Comet Lake looks like a competent upgrade to its predecessor Whiskey Lake. The interesting question—and one largely left unanswered by Intel—is why the company has decided to launch a new line of 14nm notebook CPUs less than a month after launching Ice Lake, its first 10nm notebook CPUs.\u003c/li\u003e\u003cli\u003e\u003ca title=\"A look at the Windows 10 exploit Google Zero disclosed this week | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2019/08/a-look-at-the-windows-10-exploit-google-zero-disclosed-this-week/\"\u003eA look at the Windows 10 exploit Google Zero disclosed this week | Ars Technica\u003c/a\u003e \u0026mdash; On Tuesday, Tavis Ormandy of Google's Project Zero released an exploit kit called ctftool, which uses and abuses Microsoft's Text Services Framework in ways that can effectively get anyone root—er, system that is—on any unpatched Windows 10 system they're able to log in to\u003c/li\u003e\u003cli\u003e\u003ca title=\"Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) – Microsoft Security Response Center\" rel=\"nofollow\" href=\"https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/\"\u003ePatch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) – Microsoft Security Response Center\u003c/a\u003e \u0026mdash; Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"KNOB Attack\" rel=\"nofollow\" href=\"https://knobattack.com/\"\u003eKNOB Attack\u003c/a\u003e \u0026mdash; TL;DR: The specification of Bluetooth includes an encryption key negotiation protocol that allows to negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process. A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Troy Hunt: Extended Validation Certificates are (Really, Really) Dead\" rel=\"nofollow\" href=\"https://www.troyhunt.com/extended-validation-certificates-are-really-really-dead/\"\u003eTroy Hunt: Extended Validation Certificates are (Really, Really) Dead\u003c/a\u003e \u0026mdash; With both browsers auto-updating for most people, we're about 10 weeks out from no more EV and the vast majority of web users no longer seeing something they didn't even know was there to begin with! Oh sure, you can still drill down into the certificate and see the entity name, but who's really going to do that? You and I, perhaps, but we're not exactly in the meat of the browser demographics.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google wants to reduce lifespan for HTTPS certificates to one year | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/google-wants-to-reduce-lifespan-for-https-certificates-to-one-year/\"\u003eGoogle wants to reduce lifespan for HTTPS certificates to one year | ZDNet\u003c/a\u003e \u0026mdash; Scott Helme argues that the security benefits of shorter SSL certificate lifespans have nothing to do with phishing or malware sites, but instead with the SSL certificate revocation process. Helme claims that this process is broken and that bad SSL certificates continue to live on for years after being mississued and revoked.\u003c/li\u003e\u003c/ul\u003e","summary":"It's CPU release season and we get excited about AMD's new line of server chips. Plus our take on AMD's approach to memory encryption, and our struggle to make sense of Intel's Comet Lake line.","date_published":"2019-08-23T00:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/31d2ecad-fd20-405f-bbbe-e2e6bc566e0c.mp3","mime_type":"audio/mp3","size_in_bytes":36093724,"duration_in_seconds":3007}]},{"id":"fb83ed86-b76d-4837-ac24-17ceb1f787aa","title":"409: Privacy Perspectives","url":"https://techsnap.systems/409","content_text":"We examine why it's so difficult to protect your privacy online and discuss browser fingerprinting, when to use a VPN, and the limits of private browsing.\n\nPlus Apple's blaring bluetooth beacons and Facebook's worrying plans for WhatsApp.Links:Apple bleee. Everyone knows What Happens on Your iPhone – hexway — If Bluetooth is ON on your Apple device everyone nearby can understand current status of your device, get info about battery, device name, Wi-Fi status, buffer availability, OS version and even get your mobile phone number\r\n\r\nFacebook Plans on Backdooring WhatsApp - Schneier on Security — In Facebook's vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user's device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted.\r\n\r\nSignal — Privacy that fits in your pocket.\r\nxkcd: Security — Turns out it's a $5 wrench, even better!Jim Salter on Twitter — I wonder why #privacy wonks aren't talking about browser fingerprinting more frequently? Privacy Badger, Ghostery, etc don't do a damn thing to prevent or mitigate Canvas / WebGL #fingerprinting.\r\nBrowser Fingerprinting: What Is It and What Should You Do About It? - PixelPrivacy — Browser fingerprinting is a powerful method that websites use to collect information about your browser type and version, as well as your operating system, active plugins, timezone, language, screen resolution and various other active settings.Canvas Fingerprinting - BrowserLeaks.com — The technique is based on the fact that the same canvas image may be rendered differently in different computers. This happens for several reasons. At the image format level – web browsers uses different image processing engines, image export options, compression level, the final images may got different checksum even if they are pixel-identical. At the system level – operating systems have different fonts, they use different algorithms and settings for anti-aliasing and sub-pixel rendering.\r\n\r\nWebGL Browser Report - WebGL Fingerprinting - WebGL 2 Test - BrowserLeaks.com — WebGL Browser Report checks WebGL support in your web browser, produce WebGL Device Fingerprinting, and shows the other WebGL and GPU capabilities more or less related web browser identity.\r\n\r\nAmIUnique — Device fingerprinting or browser fingerprinting is the systematic collection of information about a remote device, for identification purposes. Client-side scripting languages allow the development of procedures to collect very rich fingerprints: browser and operating system type and version, screen resolution, architecture type, lists of fonts, plugins, microphone, camera, etc.\r\n\r\nPanopticlick — Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques. We’ll also see if your system is uniquely configured—and thus identifiable—even if you are using privacy-protective software. However, we only do so with your explicit consent, through the TEST ME button below.\r\n\r\nHow private is your browser’s Private mode? Research into porn suggests “not very” | Ars Technica — This leaves browser fingerprinting as a method to tie your profiles together—and unfortunately, Incognito mode doesn't appear to help. Privacy Tools - Encryption Against Global Mass Surveillance — You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and knowledge to protect your privacy against global mass surveillance.\r\n\r\n‘Fingerprinting’ to Track Us Online Is on the Rise. Here’s What to Do. - The New York Times — Fingerprinting involves looking at the many characteristics of your mobile device or computer, like the screen resolution, operating system and model, and triangulating this information to pinpoint and follow you as you browse the web and use apps. Once enough device characteristics are known, the theory goes, the data can be assembled into a profile that helps identify you the way a fingerprint would.Digital 'Fingerprinting' Is The Next Generation Tracking Technology | The Takeaway | WNYC Studios — This growing technology is almost invisible, making it impossible for users to opt-out of the tracking system. As it becomes more popular, tech companies are developing new ways to try and protect consumers from this form of tracking. But is it going to work?\r\n\r\nNew Warning Issued Over Google's Chrome Ad-Blocking Plans — The plans, dubbed Manifest V3, represent a major transformation to Chrome extensions including a revamp of the permissions system. As a result, modern ad blockers such as uBlock Origin—which uses Chrome’s webRequest API to block ads before they’re downloaded–won’t work. Comment on Chrome extension manifest v3 proposal by gorhill — The blocking ability of the webRequest API is still deprecated, and Google Chrome's limited matching algorithm will be the only one possible, and with limits dictated by Google employees.\r\n\r\nIt's annoying that they keep saying \"the webRequest API is not deprecated\" as if developers have been worried about this -- and as if they want to drown the real issue in a fabricated one nobody made.CanvasBlockerGhosteryDisconnect","content_html":"\u003cp\u003eWe examine why it\u0026#39;s so difficult to protect your privacy online and discuss browser fingerprinting, when to use a VPN, and the limits of private browsing.\u003c/p\u003e\n\n\u003cp\u003ePlus Apple\u0026#39;s blaring bluetooth beacons and Facebook\u0026#39;s worrying plans for WhatsApp.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Apple bleee. Everyone knows What Happens on Your iPhone – hexway\" rel=\"nofollow\" href=\"https://hexway.io/blog/apple-bleee/\"\u003eApple bleee. Everyone knows What Happens on Your iPhone – hexway\u003c/a\u003e \u0026mdash; If Bluetooth is ON on your Apple device everyone nearby can understand current status of your device, get info about battery, device name, Wi-Fi status, buffer availability, OS version and even get your mobile phone number\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Facebook Plans on Backdooring WhatsApp - Schneier on Security\" rel=\"nofollow\" href=\"https://www.schneier.com/blog/archives/2019/08/facebook_plans_.html\"\u003eFacebook Plans on Backdooring WhatsApp - Schneier on Security\u003c/a\u003e \u0026mdash; In Facebook's vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user's device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Signal\" rel=\"nofollow\" href=\"https://signal.org/\"\u003eSignal\u003c/a\u003e \u0026mdash; Privacy that fits in your pocket.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"xkcd: Security\" rel=\"nofollow\" href=\"https://xkcd.com/538/\"\u003exkcd: Security\u003c/a\u003e \u0026mdash; Turns out it's a $5 wrench, even better!\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jim Salter on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/jrssnet/status/1152281183692185600\"\u003eJim Salter on Twitter\u003c/a\u003e \u0026mdash; I wonder why #privacy wonks aren't talking about browser fingerprinting more frequently? Privacy Badger, Ghostery, etc don't do a damn thing to prevent or mitigate Canvas / WebGL #fingerprinting.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Browser Fingerprinting: What Is It and What Should You Do About It? - PixelPrivacy\" rel=\"nofollow\" href=\"https://pixelprivacy.com/resources/browser-fingerprinting/\"\u003eBrowser Fingerprinting: What Is It and What Should You Do About It? - PixelPrivacy\u003c/a\u003e \u0026mdash; Browser fingerprinting is a powerful method that websites use to collect information about your browser type and version, as well as your operating system, active plugins, timezone, language, screen resolution and various other active settings.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Canvas Fingerprinting - BrowserLeaks.com\" rel=\"nofollow\" href=\"https://browserleaks.com/canvas\"\u003eCanvas Fingerprinting - BrowserLeaks.com\u003c/a\u003e \u0026mdash; The technique is based on the fact that the same canvas image may be rendered differently in different computers. This happens for several reasons. At the image format level – web browsers uses different image processing engines, image export options, compression level, the final images may got different checksum even if they are pixel-identical. At the system level – operating systems have different fonts, they use different algorithms and settings for anti-aliasing and sub-pixel rendering.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"WebGL Browser Report - WebGL Fingerprinting - WebGL 2 Test - BrowserLeaks.com\" rel=\"nofollow\" href=\"https://browserleaks.com/webgl\"\u003eWebGL Browser Report - WebGL Fingerprinting - WebGL 2 Test - BrowserLeaks.com\u003c/a\u003e \u0026mdash; WebGL Browser Report checks WebGL support in your web browser, produce WebGL Device Fingerprinting, and shows the other WebGL and GPU capabilities more or less related web browser identity.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"AmIUnique\" rel=\"nofollow\" href=\"https://amiunique.org/faq\"\u003eAmIUnique\u003c/a\u003e \u0026mdash; Device fingerprinting or browser fingerprinting is the systematic collection of information about a remote device, for identification purposes. Client-side scripting languages allow the development of procedures to collect very rich fingerprints: browser and operating system type and version, screen resolution, architecture type, lists of fonts, plugins, microphone, camera, etc.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Panopticlick\" rel=\"nofollow\" href=\"https://panopticlick.eff.org/\"\u003ePanopticlick\u003c/a\u003e \u0026mdash; Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques. We’ll also see if your system is uniquely configured—and thus identifiable—even if you are using privacy-protective software. However, we only do so with your explicit consent, through the TEST ME button below.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"How private is your browser’s Private mode? Research into porn suggests “not very” | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/tech-policy/2019/07/researchers-investigate-whether-major-advertisers-track-porn-habits-seems-likely/\"\u003eHow private is your browser’s Private mode? Research into porn suggests “not very” | Ars Technica\u003c/a\u003e \u0026mdash; This leaves browser fingerprinting as a method to tie your profiles together—and unfortunately, Incognito mode doesn't appear to help. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Privacy Tools - Encryption Against Global Mass Surveillance\" rel=\"nofollow\" href=\"https://www.privacytools.io/\"\u003ePrivacy Tools - Encryption Against Global Mass Surveillance\u003c/a\u003e \u0026mdash; You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and knowledge to protect your privacy against global mass surveillance.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"‘Fingerprinting’ to Track Us Online Is on the Rise. Here’s What to Do. - The New York Times\" rel=\"nofollow\" href=\"https://www.nytimes.com/2019/07/03/technology/personaltech/fingerprinting-track-devices-what-to-do.html\"\u003e‘Fingerprinting’ to Track Us Online Is on the Rise. Here’s What to Do. - The New York Times\u003c/a\u003e \u0026mdash; Fingerprinting involves looking at the many characteristics of your mobile device or computer, like the screen resolution, operating system and model, and triangulating this information to pinpoint and follow you as you browse the web and use apps. Once enough device characteristics are known, the theory goes, the data can be assembled into a profile that helps identify you the way a fingerprint would.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Digital \u0026#39;Fingerprinting\u0026#39; Is The Next Generation Tracking Technology | The Takeaway | WNYC Studios\" rel=\"nofollow\" href=\"https://www.wnycstudios.org/story/digital-fingerprinting-next-generation-tracking-technology\"\u003eDigital \u0026#39;Fingerprinting\u0026#39; Is The Next Generation Tracking Technology | The Takeaway | WNYC Studios\u003c/a\u003e \u0026mdash; This growing technology is almost invisible, making it impossible for users to opt-out of the tracking system. As it becomes more popular, tech companies are developing new ways to try and protect consumers from this form of tracking. But is it going to work?\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Warning Issued Over Google\u0026#39;s Chrome Ad-Blocking Plans\" rel=\"nofollow\" href=\"https://www.forbes.com/sites/kateoflahertyuk/2019/08/01/warning-issued-over-google-chrome-ad-blocking-plans/#7b020974219a\"\u003eNew Warning Issued Over Google\u0026#39;s Chrome Ad-Blocking Plans\u003c/a\u003e \u0026mdash; The plans, dubbed Manifest V3, represent a major transformation to Chrome extensions including a revamp of the permissions system. As a result, modern ad blockers such as uBlock Origin—which uses Chrome’s webRequest API to block ads before they’re downloaded–won’t work. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Comment on Chrome extension manifest v3 proposal by gorhill\" rel=\"nofollow\" href=\"https://github.com/uBlockOrigin/uBlock-issues/issues/338#issuecomment-496009417\"\u003eComment on Chrome extension manifest v3 proposal by gorhill\u003c/a\u003e \u0026mdash; The blocking ability of the webRequest API is still deprecated, and Google Chrome's limited matching algorithm will be the only one possible, and with limits dictated by Google employees.\r\n\r\nIt's annoying that they keep saying \"the webRequest API is not deprecated\" as if developers have been worried about this -- and as if they want to drown the real issue in a fabricated one nobody made.\u003c/li\u003e\u003cli\u003e\u003ca title=\"CanvasBlocker\" rel=\"nofollow\" href=\"https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/\"\u003eCanvasBlocker\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ghostery\" rel=\"nofollow\" href=\"https://www.ghostery.com/\"\u003eGhostery\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Disconnect\" rel=\"nofollow\" href=\"https://disconnect.me/\"\u003eDisconnect\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We examine why it's so difficult to protect your privacy online and discuss browser fingerprinting, when to use a VPN, and the limits of private browsing.","date_published":"2019-08-09T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/fb83ed86-b76d-4837-ac24-17ceb1f787aa.mp3","mime_type":"audio/mp3","size_in_bytes":28249466,"duration_in_seconds":2354}]},{"id":"2577b50c-e740-46c8-a75b-14f074cb812a","title":"408: Apollo's ARC","url":"https://techsnap.systems/408","content_text":"We take a look at the amazing abilities of the Apollo Guidance Computer and Jim breaks down everything you need to know about the ZFS ARC. \n\nPlus an update on ZoL SIMD acceleration, your feedback, and an interesting new neuromorphic system from Intel.Links:ZFS On Linux Has Figured Out A Way To Restore SIMD Support On Linux 5.0+ — Those running ZFS On Linux (ZoL) on post-5.0 (and pre-5.0 supported LTS releases) have seen big performance hits to the ZFS encryption performance in particular. That came due to upstream breaking an interface used by ZFS On Linux and admittedly not caring about ZoL due to it being an out-of-tree user. But now several kernel releases later, a workaround has been devised. ZFS On Linux Runs Into A Snag With Linux 5.0NixOS Takes Action After 1.2GB/s ZFS Encryption Speed Drops To 200MB/s With Linux 5.0+ —  A NixOS developer reports that the functions no longer exported by Linux 5.0+ and previously used by ZoL for AVX/AES-NI support end up dropping the ZFS data-set encryption performance to 200MB/s where as pre-5.0 kernels ran around 1.2GB/sLinux 5.0 compat: SIMD compatibility · zfsonlinux/zfs@e5db313 — Restore the SIMD optimization for 4.19.38 LTS, 4.14.120 LTS,\r\nand 5.0 and newer kernels.  This is accomplished by leveraging\r\nthe fact that by definition dedicated kernel threads never need\r\nto concern themselves with saving and restoring the user FPU state.\r\nTherefore, they may use the FPU as long as we can guarantee user\r\ntasks always restore their FPU state before context switching back\r\nto user space.no SIMD acceleration · Issue #8793 · zfsonlinux/zfs — 4.14.x, 4.19.x, 5.x all have no SIMD acceleration, it is like a turtle. very slow.\r\n\r\nChris's Wiki :: ZFS on Linux still has annoying issues with ARC size — One of the frustrating things about operating ZFS on Linux is that the ARC size is critical but ZFS's auto-tuning of it is opaque and apparently prone to malfunctions, where your ARC will mysteriously shrink drastically and then stick there.\r\nSoftware woven into wire, Core rope and the Apollo Guidance Computer — One of the first computers to use integrated circuits, the Apollo Guidance Computer was lightweight enough and small enough to fly in space. An unusual feature that contributed to its small size was core rope memory, a technique of physically weaving software into high-density storage.Virtual Apollo Guidance Computer (AGC) software — Since you are looking at this README file, you are in the \"master\" branch of the repository, which contains source-code transcriptions of the original Project Apollo software for the Apollo Guidance Computer (AGC) and Abort Guidance System (AGS), as well as our software for emulating the AGC, AGS, and some of their peripheral devices (such as the display-keyboard unit, or DSKY).The Underappreciated Power of the Apollo Computer - The Atlantic — Without the computers on board the Apollo spacecraft, there would have been no moon landing, no triumphant first step, no high-water mark for human space travel. A pilot could never have navigated the way to the moon, as if a spaceship were simply a more powerful airplane. The calculations required to make in-flight adjustments and the complexity of the thrust controls outstripped human capacities.Brains scale better than CPUs. So Intel is building brains | Ars Technica — Neuromorphic engineering—building machines that mimic the function of organic brains in hardware as well as software—is becoming more and more prominent. The field has progressed rapidly, from conceptual beginnings in the late 1980s to experimental field programmable neural arrays in 2006, early memristor-powered device proposals in 2012, IBM's TrueNorth NPU in 2014, and Intel's Loihi neuromorphic processor in 2017. Yesterday, Intel broke a little more new ground with the debut of a larger-scale neuromorphic system, Pohoiki Beach, which integrates 64 of its Loihi chips.\r\nDancing Demon - YouTube — Written in 1979 by Leo Christopherson for the Radio Shack TRS-80 Model I computer. This is the best game ever for at that time.","content_html":"\u003cp\u003eWe take a look at the amazing abilities of the Apollo Guidance Computer and Jim breaks down everything you need to know about the ZFS ARC. \u003c/p\u003e\n\n\u003cp\u003ePlus an update on ZoL SIMD acceleration, your feedback, and an interesting new neuromorphic system from Intel.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"ZFS On Linux Has Figured Out A Way To Restore SIMD Support On Linux 5.0+\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=ZFS-On-Linux-Restoring-SIMD\"\u003eZFS On Linux Has Figured Out A Way To Restore SIMD Support On Linux 5.0+\u003c/a\u003e \u0026mdash; Those running ZFS On Linux (ZoL) on post-5.0 (and pre-5.0 supported LTS releases) have seen big performance hits to the ZFS encryption performance in particular. That came due to upstream breaking an interface used by ZFS On Linux and admittedly not caring about ZoL due to it being an out-of-tree user. But now several kernel releases later, a workaround has been devised. \u003c/li\u003e\u003cli\u003e\u003ca title=\"ZFS On Linux Runs Into A Snag With Linux 5.0\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=ZFS-On-Linux-5.0-Problem\"\u003eZFS On Linux Runs Into A Snag With Linux 5.0\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NixOS Takes Action After 1.2GB/s ZFS Encryption Speed Drops To 200MB/s With Linux 5.0+\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=NixOS-Linux-5.0-ZFS-FPU-Drop\"\u003eNixOS Takes Action After 1.2GB/s ZFS Encryption Speed Drops To 200MB/s With Linux 5.0+\u003c/a\u003e \u0026mdash;  A NixOS developer reports that the functions no longer exported by Linux 5.0+ and previously used by ZoL for AVX/AES-NI support end up dropping the ZFS data-set encryption performance to 200MB/s where as pre-5.0 kernels ran around 1.2GB/s\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux 5.0 compat: SIMD compatibility · zfsonlinux/zfs@e5db313\" rel=\"nofollow\" href=\"https://github.com/zfsonlinux/zfs/commit/e5db31349484e5e859c7a942eb15b98d68ce5b4d\"\u003eLinux 5.0 compat: SIMD compatibility · zfsonlinux/zfs@e5db313\u003c/a\u003e \u0026mdash; Restore the SIMD optimization for 4.19.38 LTS, 4.14.120 LTS,\r\nand 5.0 and newer kernels.  This is accomplished by leveraging\r\nthe fact that by definition dedicated kernel threads never need\r\nto concern themselves with saving and restoring the user FPU state.\r\nTherefore, they may use the FPU as long as we can guarantee user\r\ntasks always restore their FPU state before context switching back\r\nto user space.\u003c/li\u003e\u003cli\u003e\u003ca title=\"no SIMD acceleration · Issue #8793 · zfsonlinux/zfs\" rel=\"nofollow\" href=\"https://github.com/zfsonlinux/zfs/issues/8793\"\u003eno SIMD acceleration · Issue #8793 · zfsonlinux/zfs\u003c/a\u003e \u0026mdash; 4.14.x, 4.19.x, 5.x all have no SIMD acceleration, it is like a turtle. very slow.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chris\u0026#39;s Wiki :: ZFS on Linux still has annoying issues with ARC size\" rel=\"nofollow\" href=\"https://utcc.utoronto.ca/~cks/space/blog/linux/ZFSOnLinuxARCShrinkage\"\u003eChris\u0026#39;s Wiki :: ZFS on Linux still has annoying issues with ARC size\u003c/a\u003e \u0026mdash; One of the frustrating things about operating ZFS on Linux is that the ARC size is critical but ZFS's auto-tuning of it is opaque and apparently prone to malfunctions, where your ARC will mysteriously shrink drastically and then stick there.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Software woven into wire, Core rope and the Apollo Guidance Computer\" rel=\"nofollow\" href=\"http://www.righto.com/2019/07/software-woven-into-wire-core-rope-and.html\"\u003eSoftware woven into wire, Core rope and the Apollo Guidance Computer\u003c/a\u003e \u0026mdash; One of the first computers to use integrated circuits, the Apollo Guidance Computer was lightweight enough and small enough to fly in space. An unusual feature that contributed to its small size was core rope memory, a technique of physically weaving software into high-density storage.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Virtual Apollo Guidance Computer (AGC) software\" rel=\"nofollow\" href=\"https://github.com/virtualagc/virtualagc\"\u003eVirtual Apollo Guidance Computer (AGC) software\u003c/a\u003e \u0026mdash; Since you are looking at this README file, you are in the \"master\" branch of the repository, which contains source-code transcriptions of the original Project Apollo software for the Apollo Guidance Computer (AGC) and Abort Guidance System (AGS), as well as our software for emulating the AGC, AGS, and some of their peripheral devices (such as the display-keyboard unit, or DSKY).\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Underappreciated Power of the Apollo Computer - The Atlantic\" rel=\"nofollow\" href=\"https://www.theatlantic.com/science/archive/2019/07/underappreciated-power-apollo-computer/594121/\"\u003eThe Underappreciated Power of the Apollo Computer - The Atlantic\u003c/a\u003e \u0026mdash; Without the computers on board the Apollo spacecraft, there would have been no moon landing, no triumphant first step, no high-water mark for human space travel. A pilot could never have navigated the way to the moon, as if a spaceship were simply a more powerful airplane. The calculations required to make in-flight adjustments and the complexity of the thrust controls outstripped human capacities.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Brains scale better than CPUs. So Intel is building brains | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/science/2019/07/brains-scale-better-than-cpus-so-intel-is-building-brains/\"\u003eBrains scale better than CPUs. So Intel is building brains | Ars Technica\u003c/a\u003e \u0026mdash; Neuromorphic engineering—building machines that mimic the function of organic brains in hardware as well as software—is becoming more and more prominent. The field has progressed rapidly, from conceptual beginnings in the late 1980s to experimental field programmable neural arrays in 2006, early memristor-powered device proposals in 2012, IBM's TrueNorth NPU in 2014, and Intel's Loihi neuromorphic processor in 2017. Yesterday, Intel broke a little more new ground with the debut of a larger-scale neuromorphic system, Pohoiki Beach, which integrates 64 of its Loihi chips.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dancing Demon - YouTube\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=6CCJFQ_bP0E\"\u003eDancing Demon - YouTube\u003c/a\u003e \u0026mdash; Written in 1979 by Leo Christopherson for the Radio Shack TRS-80 Model I computer. This is the best game ever for at that time.\u003c/li\u003e\u003c/ul\u003e","summary":"We take a look at the amazing abilities of the Apollo Guidance Computer and Jim breaks down everything you need to know about the ZFS ARC.","date_published":"2019-07-26T00:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2577b50c-e740-46c8-a75b-14f074cb812a.mp3","mime_type":"audio/mp3","size_in_bytes":25365234,"duration_in_seconds":2113}]},{"id":"a442674d-ddd6-471a-ac89-448f1d9a3284","title":"407: Old School Outages","url":"https://techsnap.systems/407","content_text":"Jim shares his Nagios tips and Wes chimes in with some modern tools as we chat monitoring in the wake of some high-profile outages.\n\nPlus we turn our eye to hardware and get excited about the latest Ryzen line from AMD.Links:Third parties confirm AMD’s outstanding Ryzen 3000 numbers | Ars Technica — AMD debuted its new Ryzen 3000 desktop CPU line a few weeks ago at E3, and it looked fantastic. For the first time in 20 years, it looked like AMD could go head to head with Intel's desktop CPU line-up across the board. The question: would independent, third-party testing back up AMD's assertions?The Internet broke today: Facebook, Verizon, and more see major outages | Ars Technica — Last week, Verizon caused a major BGP misroute that took large chunks of the Internet, including CDN company Cloudflare, partially down for a day. This week, the rest of the Internet has apparently asked Verizon to hold its beer.\r\n\r\nIt was a really bad month for the internet | TechCrunch — In the past month there were several major internet outages affecting millions of users across the world. Sites buckled, services broke, images wouldn’t load, direct messages ground to a halt and calendars and email were unavailable for hours at a time.Cloudflare outage caused by bad software deploy (updated) — For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. This CPU spike was caused by a bad software deploy that was rolled back.\r\nHow Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today — Today at 10:30UTC, the Internet had a small heart attack. A small company in Northern Pennsylvania became a preferred path of many Internet routes through Verizon (AS701), a major Internet transit provider. Getting started | Prometheus — This guide is a \"Hello World\"-style tutorial which shows how to install, configure, and use Prometheus in a simple example setup. prometheus/node_exporter — Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors.\r\n\r\nUsing netdata with Prometheus — Prometheus is a distributed monitoring system which offers a very simple setup along with a robust data model. Recently netdata added support for Prometheus.prometheus/nagios_plugins — Nagios plugin for alerting on prometheus query results.RobustPerception/nrpe_exporter — The NRPE exporter exposes metrics on commands sent to a running NRPE daemon.\r\n\r\nm-lab/prometheus-nagios-exporter — The Prometheus Nagios exporter reads status and performance data from nagios plugins via the MK Livestatus Nagios plugin and publishes this in a form that can be scrapped by Prometheus.Comparison to alternatives | Prometheus — Prometheus is a full monitoring and trending system that includes built-in and active scraping, storing, querying, graphing, and alerting based on time series data.Quality server monitoring solution using NetData/Prometheus/Grafana — I’m going to quickly show you how to install both netdata and Prometheus on the client and server. We can then use grafana pointed at Prometheus to obtain long-term metrics netdata offers.Monitoring stack by using Grafana + Prometheus + Netdata — This monitoring stack you can monitoring in real-time by Netdata and see the history by using Grafana.Monitoring Agent · NCPA — New to NCPA? See some of the awesome features present in the Web GUI and API, available on any operating system.\r\n\r\nNagios 101: Understanding the Fundamentals - NagiosNagios Documentation ","content_html":"\u003cp\u003eJim shares his Nagios tips and Wes chimes in with some modern tools as we chat monitoring in the wake of some high-profile outages.\u003c/p\u003e\n\n\u003cp\u003ePlus we turn our eye to hardware and get excited about the latest Ryzen line from AMD.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Third parties confirm AMD’s outstanding Ryzen 3000 numbers | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/07/third-parties-confirm-amds-outstanding-ryzen-3000-numbers/\"\u003eThird parties confirm AMD’s outstanding Ryzen 3000 numbers | Ars Technica\u003c/a\u003e \u0026mdash; AMD debuted its new Ryzen 3000 desktop CPU line a few weeks ago at E3, and it looked fantastic. For the first time in 20 years, it looked like AMD could go head to head with Intel's desktop CPU line-up across the board. The question: would independent, third-party testing back up AMD's assertions?\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Internet broke today: Facebook, Verizon, and more see major outages | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2019/07/facebook-cloudflare-microsoft-and-twitter-suffer-outages/\"\u003eThe Internet broke today: Facebook, Verizon, and more see major outages | Ars Technica\u003c/a\u003e \u0026mdash; Last week, Verizon caused a major BGP misroute that took large chunks of the Internet, including CDN company Cloudflare, partially down for a day. This week, the rest of the Internet has apparently asked Verizon to hold its beer.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"It was a really bad month for the internet | TechCrunch\" rel=\"nofollow\" href=\"https://techcrunch.com/2019/07/05/bad-month-for-the-internet/\"\u003eIt was a really bad month for the internet | TechCrunch\u003c/a\u003e \u0026mdash; In the past month there were several major internet outages affecting millions of users across the world. Sites buckled, services broke, images wouldn’t load, direct messages ground to a halt and calendars and email were unavailable for hours at a time.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloudflare outage caused by bad software deploy (updated)\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/cloudflare-outage/\"\u003eCloudflare outage caused by bad software deploy (updated)\u003c/a\u003e \u0026mdash; For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. This CPU spike was caused by a bad software deploy that was rolled back.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/how-verizon-and-a-bgp-optimizer-knocked-large-parts-of-the-internet-offline-today/\"\u003eHow Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today\u003c/a\u003e \u0026mdash; Today at 10:30UTC, the Internet had a small heart attack. A small company in Northern Pennsylvania became a preferred path of many Internet routes through Verizon (AS701), a major Internet transit provider. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Getting started | Prometheus\" rel=\"nofollow\" href=\"https://prometheus.io/docs/prometheus/latest/getting_started/\"\u003eGetting started | Prometheus\u003c/a\u003e \u0026mdash; This guide is a \"Hello World\"-style tutorial which shows how to install, configure, and use Prometheus in a simple example setup. \u003c/li\u003e\u003cli\u003e\u003ca title=\"prometheus/node_exporter\" rel=\"nofollow\" href=\"https://github.com/prometheus/node_exporter\"\u003eprometheus/node_exporter\u003c/a\u003e \u0026mdash; Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Using netdata with Prometheus\" rel=\"nofollow\" href=\"https://docs.netdata.cloud/backends/prometheus/\"\u003eUsing netdata with Prometheus\u003c/a\u003e \u0026mdash; Prometheus is a distributed monitoring system which offers a very simple setup along with a robust data model. Recently netdata added support for Prometheus.\u003c/li\u003e\u003cli\u003e\u003ca title=\"prometheus/nagios_plugins\" rel=\"nofollow\" href=\"https://github.com/prometheus/nagios_plugins\"\u003eprometheus/nagios_plugins\u003c/a\u003e \u0026mdash; Nagios plugin for alerting on prometheus query results.\u003c/li\u003e\u003cli\u003e\u003ca title=\"RobustPerception/nrpe_exporter\" rel=\"nofollow\" href=\"https://github.com/RobustPerception/nrpe_exporter\"\u003eRobustPerception/nrpe_exporter\u003c/a\u003e \u0026mdash; The NRPE exporter exposes metrics on commands sent to a running NRPE daemon.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"m-lab/prometheus-nagios-exporter\" rel=\"nofollow\" href=\"https://github.com/m-lab/prometheus-nagios-exporter\"\u003em-lab/prometheus-nagios-exporter\u003c/a\u003e \u0026mdash; The Prometheus Nagios exporter reads status and performance data from nagios plugins via the MK Livestatus Nagios plugin and publishes this in a form that can be scrapped by Prometheus.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Comparison to alternatives | Prometheus\" rel=\"nofollow\" href=\"https://prometheus.io/docs/introduction/comparison/\"\u003eComparison to alternatives | Prometheus\u003c/a\u003e \u0026mdash; Prometheus is a full monitoring and trending system that includes built-in and active scraping, storing, querying, graphing, and alerting based on time series data.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Quality server monitoring solution using NetData/Prometheus/Grafana\" rel=\"nofollow\" href=\"https://nemanja.io/quality-server-monitoring-solution-using-netdata-prometheus-grafana/\"\u003eQuality server monitoring solution using NetData/Prometheus/Grafana\u003c/a\u003e \u0026mdash; I’m going to quickly show you how to install both netdata and Prometheus on the client and server. We can then use grafana pointed at Prometheus to obtain long-term metrics netdata offers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Monitoring stack by using Grafana + Prometheus + Netdata\" rel=\"nofollow\" href=\"https://medium.com/@jomzsg/monitoring-stack-by-using-grafana-prometheus-netdata-f9940d6804c8\"\u003eMonitoring stack by using Grafana + Prometheus + Netdata\u003c/a\u003e \u0026mdash; This monitoring stack you can monitoring in real-time by Netdata and see the history by using Grafana.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Monitoring Agent · NCPA\" rel=\"nofollow\" href=\"https://www.nagios.org/ncpa/\"\u003eMonitoring Agent · NCPA\u003c/a\u003e \u0026mdash; New to NCPA? See some of the awesome features present in the Web GUI and API, available on any operating system.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nagios 101: Understanding the Fundamentals - Nagios\" rel=\"nofollow\" href=\"https://www.nagios.com/nagios-101-understanding-fundamentals/\"\u003eNagios 101: Understanding the Fundamentals - Nagios\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nagios Documentation \" rel=\"nofollow\" href=\"https://www.nagios.org/documentation/\"\u003eNagios Documentation \u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Jim shares his Nagios tips and Wes chimes in with some modern monitoring tools as we chat monitoring in the wake of some high-profile outages.","date_published":"2019-07-10T22:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a442674d-ddd6-471a-ac89-448f1d9a3284.mp3","mime_type":"audio/mp3","size_in_bytes":30618354,"duration_in_seconds":2551}]},{"id":"310be811-6d1b-4463-96f3-8fc9579a5d66","title":"406: SACK Attack","url":"https://techsnap.systems/406","content_text":"A new vulnerability may be the next 'Ping of Death'; we explore the details of SACK Panic and break down what you need to know.\n\nPlus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it's a great time to be a ZFS user.Links:SACK Panic Security Bulletin — Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the Maximum Segment Size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed “SACK Panic,” allows a remotely-triggered kernel panic on recent Linux kernels.Ubuntu SACK Panic Guidance — You should update your kernel to the versions specified below in the Updates section and reboot. Alternatively, Canonical Livepatch updates will be available to mitigate these two issues without the need to reboot.\r\nRed Hat SACK Panic Advisory — Red Hat customers running affected versions of these Red Hat products are strongly recommended to update them as soon as errata are available. Customers are urged to apply the available updates immediately and enable the mitigations as they feel appropriate.   \r\n\r\nRFC 2018 - TCP Selective Acknowledgment Options — TCP may experience poor performance when multiple packets are lost from one window of data. With the limited information available from cumulative acknowledgments, a TCP sender can only learn about a single lost packet per round trip time.  An aggressive sender could choose to retransmit packets early, but such retransmitted segments may have already been successfully received. A Selective Acknowledgment (SACK) mechanism, combined with a selective repeat retransmission policy, can help to overcome these limitations.Ping of Death — In a nutshell, it is possible to crash, reboot or otherwise kill a large number of systems by sending a ping of a certain size from a remote machine.Firefox zero-day was used in attack against Coinbase employees, not its users | ZDNet — A recent Firefox zero-day that has made headlines across the tech news world this week was actually used in attacks against Coinbase employees, and not the company's users.Mozilla fixes second Firefox zero-day exploited in the wild | ZDNet — Mozilla has released a second security update this week to patch a second zero-day that was being exploited in the wild to attack Coinbase employees and other cryptocurrency organizations.\r\n\r\nRAMBleed — RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous, and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. Digging into the new features in OpenZFS post-Linux migration | Ars Technica — One of the most important new features in 0.8 is Native ZFS Encryption. Until now, ZFS users have relied on OS-provided encrypted filesystem layers either above or below ZFS. While this approach does work, it presented difficulties.Allan Jude on Twitter — Once the FreeBSDs are upstreamed, everything is changing to 'OpenZFS', including the github organization currently know as 'zfsonlinux'.ZFS on Linux ReleasesLinux Academy is hiring! Mozilla teases $5-per-month ad-free news subscription — Mozilla has started teasing an ad-free news subscription service, which, for $5 per month, would offer ad-free browsing, audio readouts, and cross-platform syncing of news articles from a number of websites.","content_html":"\u003cp\u003eA new vulnerability may be the next \u0026#39;Ping of Death\u0026#39;; we explore the details of SACK Panic and break down what you need to know.\u003c/p\u003e\n\n\u003cp\u003ePlus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it\u0026#39;s a great time to be a ZFS user.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"SACK Panic Security Bulletin\" rel=\"nofollow\" href=\"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md\"\u003eSACK Panic Security Bulletin\u003c/a\u003e \u0026mdash; Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the Maximum Segment Size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed “SACK Panic,” allows a remotely-triggered kernel panic on recent Linux kernels.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubuntu SACK Panic Guidance\" rel=\"nofollow\" href=\"https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic\"\u003eUbuntu SACK Panic Guidance\u003c/a\u003e \u0026mdash; You should update your kernel to the versions specified below in the Updates section and reboot. Alternatively, Canonical Livepatch updates will be available to mitigate these two issues without the need to reboot.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Red Hat SACK Panic Advisory\" rel=\"nofollow\" href=\"https://access.redhat.com/security/vulnerabilities/tcpsack\"\u003eRed Hat SACK Panic Advisory\u003c/a\u003e \u0026mdash; Red Hat customers running affected versions of these Red Hat products are strongly recommended to update them as soon as errata are available. Customers are urged to apply the available updates immediately and enable the mitigations as they feel appropriate.   \r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"RFC 2018 - TCP Selective Acknowledgment Options\" rel=\"nofollow\" href=\"https://tools.ietf.org/html/rfc2018\"\u003eRFC 2018 - TCP Selective Acknowledgment Options\u003c/a\u003e \u0026mdash; TCP may experience poor performance when multiple packets are lost from one window of data. With the limited information available from cumulative acknowledgments, a TCP sender can only learn about a single lost packet per round trip time.  An aggressive sender could choose to retransmit packets early, but such retransmitted segments may have already been successfully received. A Selective Acknowledgment (SACK) mechanism, combined with a selective repeat retransmission policy, can help to overcome these limitations.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ping of Death\" rel=\"nofollow\" href=\"https://insecure.org/sploits/ping-o-death.html\"\u003ePing of Death\u003c/a\u003e \u0026mdash; In a nutshell, it is possible to crash, reboot or otherwise kill a large number of systems by sending a ping of a certain size from a remote machine.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firefox zero-day was used in attack against Coinbase employees, not its users | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/firefox-zero-day-was-used-in-attack-against-coinbase-employees-not-its-users/\"\u003eFirefox zero-day was used in attack against Coinbase employees, not its users | ZDNet\u003c/a\u003e \u0026mdash; A recent Firefox zero-day that has made headlines across the tech news world this week was actually used in attacks against Coinbase employees, and not the company's users.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mozilla fixes second Firefox zero-day exploited in the wild | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/mozilla-fixes-second-firefox-zero-day-exploited-in-the-wild/\"\u003eMozilla fixes second Firefox zero-day exploited in the wild | ZDNet\u003c/a\u003e \u0026mdash; Mozilla has released a second security update this week to patch a second zero-day that was being exploited in the wild to attack Coinbase employees and other cryptocurrency organizations.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"RAMBleed\" rel=\"nofollow\" href=\"https://rambleed.com/\"\u003eRAMBleed\u003c/a\u003e \u0026mdash; RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous, and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Digging into the new features in OpenZFS post-Linux migration | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/06/zfs-features-bugfixes-0-8-1/\"\u003eDigging into the new features in OpenZFS post-Linux migration | Ars Technica\u003c/a\u003e \u0026mdash; One of the most important new features in 0.8 is Native ZFS Encryption. Until now, ZFS users have relied on OS-provided encrypted filesystem layers either above or below ZFS. While this approach does work, it presented difficulties.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Allan Jude on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/allanjude/status/1138651704558346245\"\u003eAllan Jude on Twitter\u003c/a\u003e \u0026mdash; Once the FreeBSDs are upstreamed, everything is changing to 'OpenZFS', including the github organization currently know as 'zfsonlinux'.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ZFS on Linux Releases\" rel=\"nofollow\" href=\"https://github.com/zfsonlinux/zfs/releases\"\u003eZFS on Linux Releases\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux Academy is hiring! \" rel=\"nofollow\" href=\"https://jobs.lever.co/linuxacademy/\"\u003eLinux Academy is hiring! \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mozilla teases $5-per-month ad-free news subscription\" rel=\"nofollow\" href=\"https://www.theverge.com/2019/7/5/20683059/mozilla-news-subscription-service-ad-free-scroll-price\"\u003eMozilla teases $5-per-month ad-free news subscription\u003c/a\u003e \u0026mdash; Mozilla has started teasing an ad-free news subscription service, which, for $5 per month, would offer ad-free browsing, audio readouts, and cross-platform syncing of news articles from a number of websites.\u003c/li\u003e\u003c/ul\u003e","summary":"A new vulnerability may be the next 'Ping of Death'; we explore the details of SACK Panic and break down what you need to know.","date_published":"2019-06-23T18:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/310be811-6d1b-4463-96f3-8fc9579a5d66.mp3","mime_type":"audio/mp3","size_in_bytes":31361276,"duration_in_seconds":2613}]},{"id":"8a576c94-20cc-497c-9de7-8402cd0a1135","title":"405: Update Uncertainty","url":"https://techsnap.systems/405","content_text":"We explore the risky world of exposed RDP, from the brute force GoldBrute botnet to the dangerously worm-able BlueKeep vulnerability.\n\nPlus the importance of automatic updates, and Jim's new backup box. Links:Errata Security: Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708) — Microsoft announced a vulnerability in it's \"Remote Desktop\" product that can lead to robust, wormable exploits. I scanned the Internet to assess the danger. I find nearly 1-million devices on the public Internet that are vulnerable to the bug. Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet — \"[The] NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.\r\n\r\nPrevent a worm by updating Remote Desktop Services (CVE-2019-0708) – MSRC — This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017BlueKeep - everyone agrees, you should patch PCs running legacy versions of Windows — I have this horrible feeling that the only way we’re going to wake the world up to the need to patch their ageing versions of Windows against the BlueKeep vulnerability is to wait until a malicious worm begins to spread around the world.\r\n\r\nCVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability — A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\r\n\r\nCustomer guidance for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability — Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received any security updates to protect their systems from CVE-2019-0708, which is a critical remote code execution vulnerability.\r\n\r\nForget BlueKeep: Beware the GoldBrute | Threatpost — In the past few days, GoldBrute (named after the Java class it uses) has attempted to brute-force Remote Desktop Protocol (RDP) connections for 1.5 million Windows systems and counting, according to Morphus Labs chief research officer Renato Marinho. The botnet is actively scanning the internet for machines with RDP exposed, and trying out weak or reused passwords to see if it can gain access to the systems.The GoldBrute botnet — The latest round of bad news emerged last week when Morphus Labs’ researcher Renato Marinho announced the discovery of an aggressive brute force campaign against 1.5 million RDP servers by a botnet called ‘GoldBrute’.\r\n\r\nUbuntu Automatic Updates — The unattended-upgrades package can be used to automatically install updated packages, and can be configured to update all packages or just install security updates. AutoUpdates - Fedora Project Wiki — You must decide whether to use automatic DNF or YUM updates on each of your machines. It's time to block Windows Automatic Updating | Computerworld — Those of you who feel it’s important to install Windows and Office patches the moment they come out – I salute you. The Windows world needs more cannon fodder.Windows 10's Ugly Updates Just Got Uglier. Here's How To Stay Safe by Disabling Automatic Updates — Stay safe by disabling automatic updates? How is that possible? As a general rule of thumb, I’d never recommend disabling updates because security patches are essential. But the situation with Windows 10 has become intolerable. Microsoft continues to fail and continues to release update after update that they know, or should know, has serious problems.Jim's New Rig — I build, sell, and manage much bigger and meaner systems than this all the time. But this one's MINE! 12 hot swap bays, Ryzen 7 2700 w/ ECC RAM, quiet enough to share an office with, and the trays can take either HDD or SSD with no adapter needed.","content_html":"\u003cp\u003eWe explore the risky world of exposed RDP, from the brute force GoldBrute botnet to the dangerously worm-able BlueKeep vulnerability.\u003c/p\u003e\n\n\u003cp\u003ePlus the importance of automatic updates, and Jim\u0026#39;s new backup box. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Errata Security: Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708)\" rel=\"nofollow\" href=\"https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html\"\u003eErrata Security: Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708)\u003c/a\u003e \u0026mdash; Microsoft announced a vulnerability in it's \"Remote Desktop\" product that can lead to robust, wormable exploits. I scanned the Internet to assess the danger. I find nearly 1-million devices on the public Internet that are vulnerable to the bug. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Even the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/even-the-nsa-is-urging-windows-users-to-patch-bluekeep-cve-2019-0708/\"\u003eEven the NSA is urging Windows users to patch BlueKeep (CVE-2019-0708) | ZDNet\u003c/a\u003e \u0026mdash; \"[The] NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) – MSRC\" rel=\"nofollow\" href=\"https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/\"\u003ePrevent a worm by updating Remote Desktop Services (CVE-2019-0708) – MSRC\u003c/a\u003e \u0026mdash; This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017\u003c/li\u003e\u003cli\u003e\u003ca title=\"BlueKeep - everyone agrees, you should patch PCs running legacy versions of Windows\" rel=\"nofollow\" href=\"https://www.grahamcluley.com/bluekeep-everyone-agrees-you-should-patch-pcs-running-legacy-versions-of-windows/\"\u003eBlueKeep - everyone agrees, you should patch PCs running legacy versions of Windows\u003c/a\u003e \u0026mdash; I have this horrible feeling that the only way we’re going to wake the world up to the need to patch their ageing versions of Windows against the BlueKeep vulnerability is to wait until a malicious worm begins to spread around the world.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability\" rel=\"nofollow\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\"\u003eCVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability\u003c/a\u003e \u0026mdash; A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Customer guidance for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability\" rel=\"nofollow\" href=\"https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708\"\u003eCustomer guidance for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability\u003c/a\u003e \u0026mdash; Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received any security updates to protect their systems from CVE-2019-0708, which is a critical remote code execution vulnerability.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Forget BlueKeep: Beware the GoldBrute | Threatpost\" rel=\"nofollow\" href=\"https://threatpost.com/forget-bluekeep-beware-goldbrute/145482/\"\u003eForget BlueKeep: Beware the GoldBrute | Threatpost\u003c/a\u003e \u0026mdash; In the past few days, GoldBrute (named after the Java class it uses) has attempted to brute-force Remote Desktop Protocol (RDP) connections for 1.5 million Windows systems and counting, according to Morphus Labs chief research officer Renato Marinho. The botnet is actively scanning the internet for machines with RDP exposed, and trying out weak or reused passwords to see if it can gain access to the systems.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The GoldBrute botnet\" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2019/06/10/the-goldbrute-botnet-is-trying-to-crack-open-1-5-million-rdp-servers/\"\u003eThe GoldBrute botnet\u003c/a\u003e \u0026mdash; The latest round of bad news emerged last week when Morphus Labs’ researcher Renato Marinho announced the discovery of an aggressive brute force campaign against 1.5 million RDP servers by a botnet called ‘GoldBrute’.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ubuntu Automatic Updates\" rel=\"nofollow\" href=\"https://help.ubuntu.com/lts/serverguide/automatic-updates.html.en\"\u003eUbuntu Automatic Updates\u003c/a\u003e \u0026mdash; The unattended-upgrades package can be used to automatically install updated packages, and can be configured to update all packages or just install security updates. \u003c/li\u003e\u003cli\u003e\u003ca title=\"AutoUpdates - Fedora Project Wiki\" rel=\"nofollow\" href=\"https://fedoraproject.org/wiki/AutoUpdates\"\u003eAutoUpdates - Fedora Project Wiki\u003c/a\u003e \u0026mdash; You must decide whether to use automatic DNF or YUM updates on each of your machines. \u003c/li\u003e\u003cli\u003e\u003ca title=\"It\u0026#39;s time to block Windows Automatic Updating | Computerworld\" rel=\"nofollow\" href=\"https://www.computerworld.com/article/3339563/its-time-to-block-windows-automatic-updating.html\"\u003eIt\u0026#39;s time to block Windows Automatic Updating | Computerworld\u003c/a\u003e \u0026mdash; Those of you who feel it’s important to install Windows and Office patches the moment they come out – I salute you. The Windows world needs more cannon fodder.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Windows 10\u0026#39;s Ugly Updates Just Got Uglier. Here\u0026#39;s How To Stay Safe by Disabling Automatic Updates\" rel=\"nofollow\" href=\"https://www.forbes.com/sites/kevinmurnane/2019/04/25/windows-10s-ugly-updates-just-got-uglier-heres-how-to-stay-safe-by-disabling-automatic-updates/#591e6ac67ff0\"\u003eWindows 10\u0026#39;s Ugly Updates Just Got Uglier. Here\u0026#39;s How To Stay Safe by Disabling Automatic Updates\u003c/a\u003e \u0026mdash; Stay safe by disabling automatic updates? How is that possible? As a general rule of thumb, I’d never recommend disabling updates because security patches are essential. But the situation with Windows 10 has become intolerable. Microsoft continues to fail and continues to release update after update that they know, or should know, has serious problems.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jim\u0026#39;s New Rig\" rel=\"nofollow\" href=\"https://twitter.com/jrssnet/status/1136721049641455617\"\u003eJim\u0026#39;s New Rig\u003c/a\u003e \u0026mdash; I build, sell, and manage much bigger and meaner systems than this all the time. But this one's MINE! 12 hot swap bays, Ryzen 7 2700 w/ ECC RAM, quiet enough to share an office with, and the trays can take either HDD or SSD with no adapter needed.\u003c/li\u003e\u003c/ul\u003e","summary":"We explore the risky world of exposed RDP, from the brute force GoldBrute botnet to the dangerously worm-able BlueKeep vulnerability.","date_published":"2019-06-11T20:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8a576c94-20cc-497c-9de7-8402cd0a1135.mp3","mime_type":"audio/mp3","size_in_bytes":22166906,"duration_in_seconds":1847}]},{"id":"e2a5afa9-3180-4551-91a0-e84e65eb61e1","title":"404: Prefork Pitfalls","url":"https://techsnap.systems/404","content_text":"We turn our eye to web server best practices, from the basics of CDNs to the importance of choosing the right multi-processing module.\n\nPlus the right way to setup PHP, the trouble with benchmarking, and when to choose NGiNX. Links:Jim's Blog: Installing WordPress on Apache the modern way — It’s been bugging me for a while that there are no correct guides to be found about using modern Apache 2.4 or above with the Event or Worker MPMs. We’re going to go ahead and correct that lapse today, by walking through a brand-new WordPress install on a new Ubuntu 18.04 VM.\r\nApache Performance Tuning — Apache 2.x is a general-purpose webserver, designed to provide a balance of flexibility, portability, and performance. Although it has not been designed specifically to set benchmark records, Apache 2.x is capable of high performance in many real-world situations.Tuning Your Apache Serverworker - Apache HTTP Server Version 2.4 — This Multi-Processing Module (MPM) implements a hybrid multi-process multi-threaded server. By using threads to serve requests, it is able to serve a large number of requests with fewer system resources than a process-based server.event - Apache HTTP Server Version 2.4 — The event Multi-Processing Module (MPM) is designed to allow more requests to be served simultaneously by passing off some processing work to the listeners threads, freeing up the worker threads to serve new requests.\r\n\r\nPHP-FPM — PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.\r\nFastCGI overview — FastCGI is a way to have CGI scripts execute time-consuming code (like opening a database) only once, rather than every time the script is loaded. In technical terms, FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs.\r\n\r\nAlexa Top 500 Global SitesWhat Is a CDN? How Does a CDN work? — A content delivery network (CDN) refers to a geographically distributed group of servers which work together to provide fast delivery of Internet content. W3 Total Cache – WordPress plugin — W3 Total Cache improves the SEO and user experience of your site by increasing website performance, reducing load times via features like content delivery network (CDN) integration and the latest best practices.\r\n\r\nkrakjoe/apcu: APCu - APC User Cache — APCu is an in-memory key-value store for PHP. Keys are of type string and values can be any PHP variables.\r\n\r\nPHP: APCu - ManualIntroduction to Varnish — Varnish HTTP Cache — Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x, depending on your architecturab - Apache HTTP server benchmarking tool — ab is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server. It is designed to give you an impression of how your current Apache installation performs. This especially shows you how many requests per second your Apache installation is capable of serving.HTTP(S) Benchmark Tools \r\njimsalterjrs/network-testing — This is a small collection of GPLv3-licensed tools to assist an intrepid researcher in testing the performance of networks, wired or wireless.","content_html":"\u003cp\u003eWe turn our eye to web server best practices, from the basics of CDNs to the importance of choosing the right multi-processing module.\u003c/p\u003e\n\n\u003cp\u003ePlus the right way to setup PHP, the trouble with benchmarking, and when to choose NGiNX. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Jim\u0026#39;s Blog: Installing WordPress on Apache the modern way\" rel=\"nofollow\" href=\"https://jrs-s.net/2019/05/25/installing-wordpress-on-apache-the-modern-way/\"\u003eJim\u0026#39;s Blog: Installing WordPress on Apache the modern way\u003c/a\u003e \u0026mdash; It’s been bugging me for a while that there are no correct guides to be found about using modern Apache 2.4 or above with the Event or Worker MPMs. We’re going to go ahead and correct that lapse today, by walking through a brand-new WordPress install on a new Ubuntu 18.04 VM.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apache Performance Tuning\" rel=\"nofollow\" href=\"https://httpd.apache.org/docs/2.4/misc/perf-tuning.html\"\u003eApache Performance Tuning\u003c/a\u003e \u0026mdash; Apache 2.x is a general-purpose webserver, designed to provide a balance of flexibility, portability, and performance. Although it has not been designed specifically to set benchmark records, Apache 2.x is capable of high performance in many real-world situations.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tuning Your Apache Server\" rel=\"nofollow\" href=\"https://www.linode.com/docs/web-servers/apache-tips-and-tricks/tuning-your-apache-server/\"\u003eTuning Your Apache Server\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"worker - Apache HTTP Server Version 2.4\" rel=\"nofollow\" href=\"https://httpd.apache.org/docs/2.4/mod/worker.html\"\u003eworker - Apache HTTP Server Version 2.4\u003c/a\u003e \u0026mdash; This Multi-Processing Module (MPM) implements a hybrid multi-process multi-threaded server. By using threads to serve requests, it is able to serve a large number of requests with fewer system resources than a process-based server.\u003c/li\u003e\u003cli\u003e\u003ca title=\"event - Apache HTTP Server Version 2.4\" rel=\"nofollow\" href=\"https://httpd.apache.org/docs/2.4/mod/event.html\"\u003eevent - Apache HTTP Server Version 2.4\u003c/a\u003e \u0026mdash; The event Multi-Processing Module (MPM) is designed to allow more requests to be served simultaneously by passing off some processing work to the listeners threads, freeing up the worker threads to serve new requests.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"PHP-FPM\" rel=\"nofollow\" href=\"https://php-fpm.org/\"\u003ePHP-FPM\u003c/a\u003e \u0026mdash; PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"FastCGI overview\" rel=\"nofollow\" href=\"https://help.dreamhost.com/hc/en-us/articles/217298967-FastCGI-overview\"\u003eFastCGI overview\u003c/a\u003e \u0026mdash; FastCGI is a way to have CGI scripts execute time-consuming code (like opening a database) only once, rather than every time the script is loaded. In technical terms, FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Alexa Top 500 Global Sites\" rel=\"nofollow\" href=\"https://www.alexa.com/topsites\"\u003eAlexa Top 500 Global Sites\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What Is a CDN? How Does a CDN work?\" rel=\"nofollow\" href=\"https://www.cloudflare.com/learning/cdn/what-is-a-cdn/\"\u003eWhat Is a CDN? How Does a CDN work?\u003c/a\u003e \u0026mdash; A content delivery network (CDN) refers to a geographically distributed group of servers which work together to provide fast delivery of Internet content. \u003c/li\u003e\u003cli\u003e\u003ca title=\"W3 Total Cache – WordPress plugin\" rel=\"nofollow\" href=\"https://wordpress.org/plugins/w3-total-cache/\"\u003eW3 Total Cache – WordPress plugin\u003c/a\u003e \u0026mdash; W3 Total Cache improves the SEO and user experience of your site by increasing website performance, reducing load times via features like content delivery network (CDN) integration and the latest best practices.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"krakjoe/apcu: APCu - APC User Cache\" rel=\"nofollow\" href=\"https://github.com/krakjoe/apcu\"\u003ekrakjoe/apcu: APCu - APC User Cache\u003c/a\u003e \u0026mdash; APCu is an in-memory key-value store for PHP. Keys are of type string and values can be any PHP variables.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"PHP: APCu - Manual\" rel=\"nofollow\" href=\"https://www.php.net/manual/en/book.apcu.php\"\u003ePHP: APCu - Manual\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introduction to Varnish — Varnish HTTP Cache\" rel=\"nofollow\" href=\"https://varnish-cache.org/intro/\"\u003eIntroduction to Varnish — Varnish HTTP Cache\u003c/a\u003e \u0026mdash; Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x, depending on your architectur\u003c/li\u003e\u003cli\u003e\u003ca title=\"ab - Apache HTTP server benchmarking tool\" rel=\"nofollow\" href=\"https://httpd.apache.org/docs/2.4/programs/ab.html\"\u003eab - Apache HTTP server benchmarking tool\u003c/a\u003e \u0026mdash; ab is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server. It is designed to give you an impression of how your current Apache installation performs. This especially shows you how many requests per second your Apache installation is capable of serving.\u003c/li\u003e\u003cli\u003e\u003ca title=\"HTTP(S) Benchmark Tools \" rel=\"nofollow\" href=\"https://gist.github.com/denji/8333630\"\u003eHTTP(S) Benchmark Tools \u003c/a\u003e\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"jimsalterjrs/network-testing\" rel=\"nofollow\" href=\"https://github.com/jimsalterjrs/network-testing\"\u003ejimsalterjrs/network-testing\u003c/a\u003e \u0026mdash; This is a small collection of GPLv3-licensed tools to assist an intrepid researcher in testing the performance of networks, wired or wireless.\u003c/li\u003e\u003c/ul\u003e","summary":"We turn our eye to web server best practices, from the basics of CDNs to the importance of choosing the right multi-processing module.","date_published":"2019-05-25T18:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e2a5afa9-3180-4551-91a0-e84e65eb61e1.mp3","mime_type":"audio/mp3","size_in_bytes":24351787,"duration_in_seconds":2029}]},{"id":"e26c9e2a-3e0f-40b9-9875-d72821ee1792","title":"403: Keeping Systems Simple","url":"https://techsnap.systems/403","content_text":"We’re back from LinuxFest Northwest with an update on all things WireGuard, some VLAN myth busting, and the trade-offs of highly available systems.Links:TechSNAP Episode 390: What’s Up with WireGuardWireGuard Sent Out Again For Review — WireGuard lead developer Jason Donenfeld has sent out the ninth version of the WireGuard secure network tunnel patches for review. If this review goes well and lands in net-next in the weeks ahead, this long-awaited VPN improvement could make it into the mainline Linux 5.2 kernel. \r\nCloudFlare announces Warp VPN — Using Cloudflare’s existing network of servers, Internet users all over the world will be able to connect to Warp VPN through the 1.1.1.1 app. In the same vein, Warp VPN will not significantly increase battery usage by using an efficient protocol called WireGuard.CloudFlare Launches \"BoringTun\" As Rust-Written WireGuard User-Space Implementation - Phoronix — CloudFlare took to creating BoringTun as they wanted a user-space solution as not to have to deal with kernel modules or satisfying certain kernel versions. They also wanted cross platform support and for their chosen implementation to be very fast, these choices which led them to writing a Rust-based solution. cloudflare/boringtun — BoringTun is an implementation of the WireGuard® protocol designed for portability and speed.\r\n\r\nVPN protocol WireGuard now has an official macOS app — You can already download the WireGuard app on Android and iOS, but today’s release is all about macOS.WireGuard Windows Pre-Alpha — I've been mostly absent these last weeks, due to being completely absorbed in Windows programming. I think we're finally getting to the state where we might really benefit from testing of the \"pre-alpha\".Wintun – Layer 3 TUN Driver for Windows — Wintun is a very simple and minimal TUN driver for the Windows kernel, which provides userspace programs with a simple network adapter for reading and writing packets. It is akin to Linux's /dev/net/tun and BSD's /dev/tun. WireGuard for Kubernetes: Introducing Gravitational Wormhole — Wormhole is a Kubernetes network plugin that combines the simplicity of flannel with encrypted networking from WireGuard.gravitational/wormhole: Wireguard based overlay network CNI plugin for kubernetesNetworkManager 1.16 — NetworkManager 1.16 is a big feature release bringing support for WireGuard VPN tunnelsPortal Cloud - Subspace — Subspace is an open source WireGuard® VPN server that supports connecting all of your devices to help secure your internet access.\r\n\r\nsubspacecloud/subspace — A simple WireGuard VPN server GUIjimsalterjrs/wg-admin — Simple CLI utilities to manage a WireGuard server5 big misconceptions about virtual LANs — In the real world, VLANs are anything but simple.\r\nHigh Availability vs. Fault Tolerance vs. Disaster Recovery — You need IT infrastructure that you can count on even when you run into the rare network outage, equipment failure, or power issue. When your systems run into trouble, that’s where one or more of the three primary availability strategies will come into play: high availability, fault tolerance, and/or disaster recovery.High Availability: Concepts and Theory — Running server operations using clusters of either physical or virtual computers is all about improving both reliability and performance over and above what you could expect from a single, high-powered server. RPO and RTO: Understanding the Differences — Recovery time objective refers to how much time an application can be down without causing significant damage to the business. Recovery point objectives refer to your company’s loss tolerance: the amount of data that can be lost before significant harm to the business occurs.JupiterBroadcasting/Talks — Public repository of crew talks, slides, and additional resources.Command Line Threat Hunting — That viruses and malware are Windows problems is a misnomer that is often propagated through the Linux community and it's an easy one to believe until you start noticing strange behavior on your system. What do you do next? Join Ell Marquez and Tony Lambert in discussing a common sense approach to threat detection using only command line tools.Fear the Man in the Middle? This company wants to sell quantum key distribution — For now, Quantum XChange has only said about a dozen companies are part of the pilot. But with the appetite for quantum solutions in the US increasing—the National Quantum Initiative was just signed into law at the end of 2018 to advance the tech—this could be an opportune time to enter the market, so long as the service lives up to its billing.","content_html":"\u003cp\u003eWe’re back from LinuxFest Northwest with an update on all things WireGuard, some VLAN myth busting, and the trade-offs of highly available systems.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"TechSNAP Episode 390: What’s Up with WireGuard\" rel=\"nofollow\" href=\"https://techsnap.systems/390\"\u003eTechSNAP Episode 390: What’s Up with WireGuard\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard Sent Out Again For Review\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=WireGuard-V9-Maybe-Linux-5.2\"\u003eWireGuard Sent Out Again For Review\u003c/a\u003e \u0026mdash; WireGuard lead developer Jason Donenfeld has sent out the ninth version of the WireGuard secure network tunnel patches for review. If this review goes well and lands in net-next in the weeks ahead, this long-awaited VPN improvement could make it into the mainline Linux 5.2 kernel. \r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"CloudFlare announces Warp VPN\" rel=\"nofollow\" href=\"https://securitybaron.com/news/cloudflare-warp-vpn/\"\u003eCloudFlare announces Warp VPN\u003c/a\u003e \u0026mdash; Using Cloudflare’s existing network of servers, Internet users all over the world will be able to connect to Warp VPN through the 1.1.1.1 app. In the same vein, Warp VPN will not significantly increase battery usage by using an efficient protocol called WireGuard.\u003c/li\u003e\u003cli\u003e\u003ca title=\"CloudFlare Launches \u0026quot;BoringTun\u0026quot; As Rust-Written WireGuard User-Space Implementation - Phoronix\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=CloudFlare-BoringTun-WireGuard\"\u003eCloudFlare Launches \u0026quot;BoringTun\u0026quot; As Rust-Written WireGuard User-Space Implementation - Phoronix\u003c/a\u003e \u0026mdash; CloudFlare took to creating BoringTun as they wanted a user-space solution as not to have to deal with kernel modules or satisfying certain kernel versions. They also wanted cross platform support and for their chosen implementation to be very fast, these choices which led them to writing a Rust-based solution. \u003c/li\u003e\u003cli\u003e\u003ca title=\"cloudflare/boringtun\" rel=\"nofollow\" href=\"https://github.com/cloudflare/boringtun\"\u003ecloudflare/boringtun\u003c/a\u003e \u0026mdash; BoringTun is an implementation of the WireGuard® protocol designed for portability and speed.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"VPN protocol WireGuard now has an official macOS app\" rel=\"nofollow\" href=\"https://techcrunch.com/2019/02/18/vpn-protocol-wireguard-now-has-an-official-macos-app/\"\u003eVPN protocol WireGuard now has an official macOS app\u003c/a\u003e \u0026mdash; You can already download the WireGuard app on Android and iOS, but today’s release is all about macOS.\u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard Windows Pre-Alpha\" rel=\"nofollow\" href=\"https://lists.zx2c4.com/pipermail/wireguard/2019-May/004126.html\"\u003eWireGuard Windows Pre-Alpha\u003c/a\u003e \u0026mdash; I've been mostly absent these last weeks, due to being completely absorbed in Windows programming. I think we're finally getting to the state where we might really benefit from testing of the \"pre-alpha\".\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wintun – Layer 3 TUN Driver for Windows\" rel=\"nofollow\" href=\"https://www.wintun.net/\"\u003eWintun – Layer 3 TUN Driver for Windows\u003c/a\u003e \u0026mdash; Wintun is a very simple and minimal TUN driver for the Windows kernel, which provides userspace programs with a simple network adapter for reading and writing packets. It is akin to Linux's /dev/net/tun and BSD's /dev/tun. \u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard for Kubernetes: Introducing Gravitational Wormhole\" rel=\"nofollow\" href=\"https://gravitational.com/blog/announcing_wormhole/\"\u003eWireGuard for Kubernetes: Introducing Gravitational Wormhole\u003c/a\u003e \u0026mdash; Wormhole is a Kubernetes network plugin that combines the simplicity of flannel with encrypted networking from WireGuard.\u003c/li\u003e\u003cli\u003e\u003ca title=\"gravitational/wormhole: Wireguard based overlay network CNI plugin for kubernetes\" rel=\"nofollow\" href=\"https://github.com/gravitational/wormhole#getting-started\"\u003egravitational/wormhole: Wireguard based overlay network CNI plugin for kubernetes\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NetworkManager 1.16\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=NetworkManager-1.16-Released\"\u003eNetworkManager 1.16\u003c/a\u003e \u0026mdash; NetworkManager 1.16 is a big feature release bringing support for WireGuard VPN tunnels\u003c/li\u003e\u003cli\u003e\u003ca title=\"Portal Cloud - Subspace\" rel=\"nofollow\" href=\"https://portal.cloud/app/subspace\"\u003ePortal Cloud - Subspace\u003c/a\u003e \u0026mdash; Subspace is an open source WireGuard® VPN server that supports connecting all of your devices to help secure your internet access.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"subspacecloud/subspace\" rel=\"nofollow\" href=\"https://github.com/subspacecloud/subspace\"\u003esubspacecloud/subspace\u003c/a\u003e \u0026mdash; A simple WireGuard VPN server GUI\u003c/li\u003e\u003cli\u003e\u003ca title=\"jimsalterjrs/wg-admin\" rel=\"nofollow\" href=\"https://github.com/jimsalterjrs/wg-admin\"\u003ejimsalterjrs/wg-admin\u003c/a\u003e \u0026mdash; Simple CLI utilities to manage a WireGuard server\u003c/li\u003e\u003cli\u003e\u003ca title=\"5 big misconceptions about virtual LANs\" rel=\"nofollow\" href=\"https://www.pluralsight.com/blog/it-ops/5-big-misconceptions-about-virtual-lans-\"\u003e5 big misconceptions about virtual LANs\u003c/a\u003e \u0026mdash; In the real world, VLANs are anything but simple.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"High Availability vs. Fault Tolerance vs. Disaster Recovery\" rel=\"nofollow\" href=\"https://www.greenhousedata.com/blog/high-availability-vs-fault-tolerance-vs-disaster-recovery\"\u003eHigh Availability vs. Fault Tolerance vs. Disaster Recovery\u003c/a\u003e \u0026mdash; You need IT infrastructure that you can count on even when you run into the rare network outage, equipment failure, or power issue. When your systems run into trouble, that’s where one or more of the three primary availability strategies will come into play: high availability, fault tolerance, and/or disaster recovery.\u003c/li\u003e\u003cli\u003e\u003ca title=\"High Availability: Concepts and Theory\" rel=\"nofollow\" href=\"https://hackernoon.com/high-availability-concepts-and-theory-980c58cbf87b\"\u003eHigh Availability: Concepts and Theory\u003c/a\u003e \u0026mdash; Running server operations using clusters of either physical or virtual computers is all about improving both reliability and performance over and above what you could expect from a single, high-powered server. \u003c/li\u003e\u003cli\u003e\u003ca title=\"RPO and RTO: Understanding the Differences\" rel=\"nofollow\" href=\"https://www.enterprisestorageforum.com/storage-management/rpo-and-rto-understanding-the-differences.html\"\u003eRPO and RTO: Understanding the Differences\u003c/a\u003e \u0026mdash; Recovery time objective refers to how much time an application can be down without causing significant damage to the business. Recovery point objectives refer to your company’s loss tolerance: the amount of data that can be lost before significant harm to the business occurs.\u003c/li\u003e\u003cli\u003e\u003ca title=\"JupiterBroadcasting/Talks\" rel=\"nofollow\" href=\"https://github.com/JupiterBroadcasting/Talks\"\u003eJupiterBroadcasting/Talks\u003c/a\u003e \u0026mdash; Public repository of crew talks, slides, and additional resources.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Command Line Threat Hunting\" rel=\"nofollow\" href=\"https://www.meetup.com/jupiterbroadcasting/events/260707829/\"\u003eCommand Line Threat Hunting\u003c/a\u003e \u0026mdash; That viruses and malware are Windows problems is a misnomer that is often propagated through the Linux community and it's an easy one to believe until you start noticing strange behavior on your system. What do you do next? Join Ell Marquez and Tony Lambert in discussing a common sense approach to threat detection using only command line tools.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Fear the Man in the Middle? This company wants to sell quantum key distribution\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/04/fear-the-man-in-the-middle-this-company-wants-to-sell-quantum-key-distribution/\"\u003eFear the Man in the Middle? This company wants to sell quantum key distribution\u003c/a\u003e \u0026mdash; For now, Quantum XChange has only said about a dozen companies are part of the pilot. But with the appetite for quantum solutions in the US increasing—the National Quantum Initiative was just signed into law at the end of 2018 to advance the tech—this could be an opportune time to enter the market, so long as the service lives up to its billing.\u003c/li\u003e\u003c/ul\u003e","summary":"We’re back from LinuxFest Northwest with an update on all things WireGuard, some VLAN myth busting, and the trade-offs of highly available systems.","date_published":"2019-05-10T21:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e26c9e2a-3e0f-40b9-9875-d72821ee1792.mp3","mime_type":"audio/mp3","size_in_bytes":33509482,"duration_in_seconds":2792}]},{"id":"fbd74a16-dc81-4558-b87a-ff25a23a3669","title":"402: Snapshot Sanity","url":"https://techsnap.systems/402","content_text":"We continue our take on ZFS as Jim and Wes dive in to snapshots, replication, and the magic on copy on write.\n\nPlus some handy tools to manage your snapshots, rsync war stories, and more!Links:sanoid: Policy-driven snapshot management and replication tools. — Sanoid is a policy-driven snapshot management tool for ZFS filesystems. When combined with the Linux KVM hypervisor, you can use it to make your systems functionally immortal.\r\n\r\nSyncoid — Sanoid also includes a replication tool, syncoid, which facilitates the asynchronous incremental replication of ZFS filesystems. Copy-on-write - WikipediaZFS PaperThe Magic Behind APFS: Copy-On-Write — The brand-new Apple File System (APFS) that landed with macOS High Sierra brings a handful of important new features that rely on a technique called copy-on-write (CoW).Chapter 19. The Z File System (ZFS)","content_html":"\u003cp\u003eWe continue our take on ZFS as Jim and Wes dive in to snapshots, replication, and the magic on copy on write.\u003c/p\u003e\n\n\u003cp\u003ePlus some handy tools to manage your snapshots, rsync war stories, and more!\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"sanoid: Policy-driven snapshot management and replication tools.\" rel=\"nofollow\" href=\"https://github.com/jimsalterjrs/sanoid\"\u003esanoid: Policy-driven snapshot management and replication tools.\u003c/a\u003e \u0026mdash; Sanoid is a policy-driven snapshot management tool for ZFS filesystems. When combined with the Linux KVM hypervisor, you can use it to make your systems functionally immortal.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Syncoid\" rel=\"nofollow\" href=\"https://github.com/jimsalterjrs/sanoid#syncoid\"\u003eSyncoid\u003c/a\u003e \u0026mdash; Sanoid also includes a replication tool, syncoid, which facilitates the asynchronous incremental replication of ZFS filesystems. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Copy-on-write - Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Copy-on-write\"\u003eCopy-on-write - Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ZFS Paper\" rel=\"nofollow\" href=\"https://www.cpp.edu/~gkuri/classes/ece426/ZFS.pdf\"\u003eZFS Paper\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Magic Behind APFS: Copy-On-Write\" rel=\"nofollow\" href=\"https://mac-optimization.bestreviews.net/the-magic-behind-apfs-copy-on-write/\"\u003eThe Magic Behind APFS: Copy-On-Write\u003c/a\u003e \u0026mdash; The brand-new Apple File System (APFS) that landed with macOS High Sierra brings a handful of important new features that rely on a technique called copy-on-write (CoW).\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chapter 19. The Z File System (ZFS)\" rel=\"nofollow\" href=\"https://www.freebsd.org/doc/handbook/zfs.html\"\u003eChapter 19. The Z File System (ZFS)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We continue our take on ZFS as Jim and Wes dive in to snapshots, replication, and the magic on copy on write.","date_published":"2019-04-25T16:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/fbd74a16-dc81-4558-b87a-ff25a23a3669.mp3","mime_type":"audio/mp3","size_in_bytes":22728016,"duration_in_seconds":1893}]},{"id":"ea1f89db-e748-47fd-b288-833a330704ce","title":"401: Everyday ZFS","url":"https://techsnap.systems/401","content_text":"Jim and Wes sit down to bust some ZFS myths and share their tips and tricks for getting the most out of the ultimate filesystem.\n\nPlus when not to use ZFS, the surprising way your disks are lying to you, and more!Links:ZFS - Ubuntu Wiki — ZFS is a combined file system and logical volume manager designed and implemented by a team at Sun Microsystems led by Jeff Bonwick and Matthew Ahrens.Performance tuning - OpenZFS — Make sure that you create your pools such that the vdevs have the correct alignment shift for your storage device's size. if dealing with flash media, this is going to be either 12 (4K sectors) or 13 (8K sectors).","content_html":"\u003cp\u003eJim and Wes sit down to bust some ZFS myths and share their tips and tricks for getting the most out of the ultimate filesystem.\u003c/p\u003e\n\n\u003cp\u003ePlus when not to use ZFS, the surprising way your disks are lying to you, and more!\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"ZFS - Ubuntu Wiki\" rel=\"nofollow\" href=\"https://wiki.ubuntu.com/ZFS\"\u003eZFS - Ubuntu Wiki\u003c/a\u003e \u0026mdash; ZFS is a combined file system and logical volume manager designed and implemented by a team at Sun Microsystems led by Jeff Bonwick and Matthew Ahrens.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Performance tuning - OpenZFS\" rel=\"nofollow\" href=\"http://open-zfs.org/wiki/Performance_tuning#Alignment_shift\"\u003ePerformance tuning - OpenZFS\u003c/a\u003e \u0026mdash; Make sure that you create your pools such that the vdevs have the correct alignment shift for your storage device's size. if dealing with flash media, this is going to be either 12 (4K sectors) or 13 (8K sectors).\u003c/li\u003e\u003c/ul\u003e","summary":"Jim and Wes sit down to bust some ZFS myths and share their tips and tricks for getting the most out of the ultimate filesystem.","date_published":"2019-04-11T22:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ea1f89db-e748-47fd-b288-833a330704ce.mp3","mime_type":"audio/mp3","size_in_bytes":34263376,"duration_in_seconds":2855}]},{"id":"c46ae690-b668-4708-a781-8e923bc4baf4","title":"400: Supply Chain Attacks","url":"https://techsnap.systems/400","content_text":"We break down the ASUS Live Update backdoor and explore why these kinds of supply chain attacks are on the rise.\n\nPlus an update from the linux vendor firmware service, your feedback, and more!Links:Joren Verspeurt on Twitter — The explanation you gave for unsupervised wasn't correct, that was just using a net that was trained in a supervised way. Unsupervised learning doesn't involve labels at all. A good example: clustering. You say \"there are x clusters\" and it learns a way of grouping similar items.Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers — The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems.Malicious updates for ASUS laptops — A threat actor modified the ASUS Live Update Utility, which delivers BIOS, UEFI, and software updates to ASUS laptops and desktops, added a back door to the utility, and then distributed it to users through official channels.Asus Live Update Patch Now Availabile — Asus has emitted a non-spyware-riddled version of Live Update for people to install on its notebooks, which includes extra security features to hopefully detect any future tampering.ASUS response to the recent media reports regarding ASUS Live Update tool attack by Advanced Persistent Threat (APT) groups — ASUS has also implemented a fix in the latest version (ver. 3.6.8) of the Live Update software, introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism. At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future.The Messy Truth About Infiltrating Computer Supply Chains — The Defense Intelligence Agency believed that China’s capability at exploiting the BIOS “reflects a qualitative leap forward in exploitation that is difficult to detect”Inside the Unnerving CCleaner Supply Chain Attack — Security researchers at Cisco Talos and Morphisec made a worst nightmare-type disclosure: the ubiquitous computer cleanup tool CCleaner had been compromised by hackers for more than a month. The software updates users were downloading from CCleaner owner Avast—a security company itself—had been tainted with a malware backdoor. The incident exposed millions of computers and reinforced the threat of so-called digital supply chain attacks, situations where trusted, widely distributed software is actually infected by malicious code.ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World — ShadowPad is an example of how dangerous and wide-scale a successful supply-chain attack can be. Given the opportunities for reach and data collection it gives to the attackers, most likely it will be reproduced again and again with some other widely used software component. Gaming industry still in the scope of attackers in Asia — Yet again, new supply-chain attacks recently caught the attention of ESET Researchers. This time, two games and one gaming platform application were compromised to include a backdoor.Microsoft Security Intelligence Report Volume 24 is now available — Software supply chain attacks are another trend that Microsoft has been tracking for several years. One supply chain tactic used by attackers is to incorporate a compromised component into a legitimate application or update package, which then is distributed to the users via the software. These attacks can be very difficult to detect because they take advantage of the trust that users have in their software vendors. The report includes several examples, including the Dofoil campaign, which illustrates how wide-reaching these types of attacks are and what we are doing to prevent and respond to them.Microsoft Security Intelligence Report Volume 24Supply Chain Attacks Spiked 78 Percent in 2018Supply Chain Security: A Talk by Bunnie Huang — I recently gave an invited talk about supply chain security at BlueHat IL 2019. I was a bit surprised at the level of interest it received, so I thought I’d share it here for people who might have missed it.Attack inception: Compromised supply chain within a supply chain poses new risk — The plot twist: The app vendor’s systems were unaffected. The compromise was traceable instead to a second software vendor that hosted additional packages used by the app during installation. This turned out be an interesting and unique case of an attack involving “the supply chain of the supply chain”.Supply Chain Attacks and Secure Software Updates — In general, a supply chain attack involves first hacking a trusted third party who provides a product or service to your target, and then using your newly acquired, privileged position to compromise your intended target.Bad USB, Very Bad USB — The best defense for this type of attack is to only use devices that do not have reprogrammable firmware. Outside of this, it is important to only use USB drives that you trust completely, because after plugging in an untrusted device, you will never know if there is an invisible threat running on your computer.Reflections on Trusting Trust by Ken ThompsonLVFS Project Announcement - The Linux Foundation — The Linux Foundation welcomes the Linux Vendor Firmware Service (LVFS) as a new project. LVFS is a secure website that allows hardware vendors to upload firmware updates. It’s used by all major Linux distributions to provide metadata for clients, such as fwupdmgr, GNOME Software and KDE Discover.LVFS: Vendor StatusTwo new supply-chain attacks come to light in less than a week — Called “Colourama,” the package looked similar to Colorama, which is one of the top-20 most-downloaded legitimate modules in the Python repository. The doppelgänger Colourama package contained most of the legitimate functions of the legitimate module, with one significant difference: Colourama added code that, when run on Windows servers, installed a Visual Basic script.Malicious code found in npm package event-stream downloaded 8 million times in the past 2.5 months","content_html":"\u003cp\u003eWe break down the ASUS Live Update backdoor and explore why these kinds of supply chain attacks are on the rise.\u003c/p\u003e\n\n\u003cp\u003ePlus an update from the linux vendor firmware service, your feedback, and more!\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Joren Verspeurt on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/JorenYuuji/status/1109040022341275648\"\u003eJoren Verspeurt on Twitter\u003c/a\u003e \u0026mdash; The explanation you gave for unsupervised wasn't correct, that was just using a net that was trained in a supervised way. Unsupervised learning doesn't involve labels at all. A good example: clustering. You say \"there are x clusters\" and it learns a way of grouping similar items.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers\" rel=\"nofollow\" href=\"https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers\"\u003eHackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers\u003c/a\u003e \u0026mdash; The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Malicious updates for ASUS laptops\" rel=\"nofollow\" href=\"https://www.kaspersky.com/blog/shadow-hammer-teaser/26149/\"\u003eMalicious updates for ASUS laptops\u003c/a\u003e \u0026mdash; A threat actor modified the ASUS Live Update Utility, which delivers BIOS, UEFI, and software updates to ASUS laptops and desktops, added a back door to the utility, and then distributed it to users through official channels.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Asus Live Update Patch Now Availabile\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2019/03/26/asus_live_update_patch/\"\u003eAsus Live Update Patch Now Availabile\u003c/a\u003e \u0026mdash; Asus has emitted a non-spyware-riddled version of Live Update for people to install on its notebooks, which includes extra security features to hopefully detect any future tampering.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ASUS response to the recent media reports regarding ASUS Live Update tool attack by Advanced Persistent Threat (APT) groups\" rel=\"nofollow\" href=\"https://www.asus.com/News/hqfgVUyZ6uyAyJe1\"\u003eASUS response to the recent media reports regarding ASUS Live Update tool attack by Advanced Persistent Threat (APT) groups\u003c/a\u003e \u0026mdash; ASUS has also implemented a fix in the latest version (ver. 3.6.8) of the Live Update software, introduced multiple security verification mechanisms to prevent any malicious manipulation in the form of software updates or other means, and implemented an enhanced end-to-end encryption mechanism. At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Messy Truth About Infiltrating Computer Supply Chains\" rel=\"nofollow\" href=\"https://theintercept.com/2019/01/24/computer-supply-chain-attacks/\"\u003eThe Messy Truth About Infiltrating Computer Supply Chains\u003c/a\u003e \u0026mdash; The Defense Intelligence Agency believed that China’s capability at exploiting the BIOS “reflects a qualitative leap forward in exploitation that is difficult to detect”\u003c/li\u003e\u003cli\u003e\u003ca title=\"Inside the Unnerving CCleaner Supply Chain Attack\" rel=\"nofollow\" href=\"https://www.wired.com/story/inside-the-unnerving-supply-chain-attack-that-corrupted-ccleaner/\"\u003eInside the Unnerving CCleaner Supply Chain Attack\u003c/a\u003e \u0026mdash; Security researchers at Cisco Talos and Morphisec made a worst nightmare-type disclosure: the ubiquitous computer cleanup tool CCleaner had been compromised by hackers for more than a month. The software updates users were downloading from CCleaner owner Avast—a security company itself—had been tainted with a malware backdoor. The incident exposed millions of computers and reinforced the threat of so-called digital supply chain attacks, situations where trusted, widely distributed software is actually infected by malicious code.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World\" rel=\"nofollow\" href=\"https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world\"\u003eShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World\u003c/a\u003e \u0026mdash; ShadowPad is an example of how dangerous and wide-scale a successful supply-chain attack can be. Given the opportunities for reach and data collection it gives to the attackers, most likely it will be reproduced again and again with some other widely used software component. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Gaming industry still in the scope of attackers in Asia\" rel=\"nofollow\" href=\"https://www.welivesecurity.com/2019/03/11/gaming-industry-scope-attackers-asia/\"\u003eGaming industry still in the scope of attackers in Asia\u003c/a\u003e \u0026mdash; Yet again, new supply-chain attacks recently caught the attention of ESET Researchers. This time, two games and one gaming platform application were compromised to include a backdoor.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Security Intelligence Report Volume 24 is now available\" rel=\"nofollow\" href=\"https://www.microsoft.com/security/blog/2019/02/28/microsoft-security-intelligence-report-volume-24-is-now-available/\"\u003eMicrosoft Security Intelligence Report Volume 24 is now available\u003c/a\u003e \u0026mdash; Software supply chain attacks are another trend that Microsoft has been tracking for several years. One supply chain tactic used by attackers is to incorporate a compromised component into a legitimate application or update package, which then is distributed to the users via the software. These attacks can be very difficult to detect because they take advantage of the trust that users have in their software vendors. The report includes several examples, including the Dofoil campaign, which illustrates how wide-reaching these types of attacks are and what we are doing to prevent and respond to them.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Security Intelligence Report Volume 24\" rel=\"nofollow\" href=\"https://clouddamcdnprodep.azureedge.net/gdc/gdcVAOQd7/original\"\u003eMicrosoft Security Intelligence Report Volume 24\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Supply Chain Attacks Spiked 78 Percent in 2018\" rel=\"nofollow\" href=\"https://www.nextgov.com/cybersecurity/2019/02/supply-chain-attacks-spiked-78-percent-2018-cyber-researchers-found/154996/\"\u003eSupply Chain Attacks Spiked 78 Percent in 2018\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Supply Chain Security: A Talk by Bunnie Huang\" rel=\"nofollow\" href=\"https://www.bunniestudios.com/blog/?p=5519\"\u003eSupply Chain Security: A Talk by Bunnie Huang\u003c/a\u003e \u0026mdash; I recently gave an invited talk about supply chain security at BlueHat IL 2019. I was a bit surprised at the level of interest it received, so I thought I’d share it here for people who might have missed it.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Attack inception: Compromised supply chain within a supply chain poses new risk\" rel=\"nofollow\" href=\"https://www.microsoft.com/security/blog/2018/07/26/attack-inception-compromised-supply-chain-within-a-supply-chain-poses-new-risks/\"\u003eAttack inception: Compromised supply chain within a supply chain poses new risk\u003c/a\u003e \u0026mdash; The plot twist: The app vendor’s systems were unaffected. The compromise was traceable instead to a second software vendor that hosted additional packages used by the app during installation. This turned out be an interesting and unique case of an attack involving “the supply chain of the supply chain”.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Supply Chain Attacks and Secure Software Updates\" rel=\"nofollow\" href=\"https://paragonie.com/blog/2017/09/supply-chain-attacks-and-secure-software-updates\"\u003eSupply Chain Attacks and Secure Software Updates\u003c/a\u003e \u0026mdash; In general, a supply chain attack involves first hacking a trusted third party who provides a product or service to your target, and then using your newly acquired, privileged position to compromise your intended target.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bad USB, Very Bad USB\" rel=\"nofollow\" href=\"https://lmgsecurity.com/bad-usb-very-bad-usb/\"\u003eBad USB, Very Bad USB\u003c/a\u003e \u0026mdash; The best defense for this type of attack is to only use devices that do not have reprogrammable firmware. Outside of this, it is important to only use USB drives that you trust completely, because after plugging in an untrusted device, you will never know if there is an invisible threat running on your computer.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Reflections on Trusting Trust by Ken Thompson\" rel=\"nofollow\" href=\"https://dl.acm.org/citation.cfm?id=358210\"\u003eReflections on Trusting Trust by Ken Thompson\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LVFS Project Announcement - The Linux Foundation\" rel=\"nofollow\" href=\"https://www.linuxfoundation.org/blog/2019/03/lvfs-project-announcement/\"\u003eLVFS Project Announcement - The Linux Foundation\u003c/a\u003e \u0026mdash; The Linux Foundation welcomes the Linux Vendor Firmware Service (LVFS) as a new project. LVFS is a secure website that allows hardware vendors to upload firmware updates. It’s used by all major Linux distributions to provide metadata for clients, such as fwupdmgr, GNOME Software and KDE Discover.\u003c/li\u003e\u003cli\u003e\u003ca title=\"LVFS: Vendor Status\" rel=\"nofollow\" href=\"https://fwupd.org/vendorlist\"\u003eLVFS: Vendor Status\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Two new supply-chain attacks come to light in less than a week\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/10/two-new-supply-chain-attacks-come-to-light-in-less-than-a-week/\"\u003eTwo new supply-chain attacks come to light in less than a week\u003c/a\u003e \u0026mdash; Called “Colourama,” the package looked similar to Colorama, which is one of the top-20 most-downloaded legitimate modules in the Python repository. The doppelgänger Colourama package contained most of the legitimate functions of the legitimate module, with one significant difference: Colourama added code that, when run on Windows servers, installed a Visual Basic script.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Malicious code found in npm package event-stream downloaded 8 million times in the past 2.5 months\" rel=\"nofollow\" href=\"https://snyk.io/blog/malicious-code-found-in-npm-package-event-stream/\"\u003eMalicious code found in npm package event-stream downloaded 8 million times in the past 2.5 months\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We break down the ASUS Live Update backdoor and explore why these kinds of supply chain attacks are on the rise.","date_published":"2019-03-28T20:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c46ae690-b668-4708-a781-8e923bc4baf4.mp3","mime_type":"audio/mp3","size_in_bytes":23436770,"duration_in_seconds":1953}]},{"id":"6a9e036e-abe5-4b0c-b727-2d3dab34ce1d","title":"399: Ethics in AI","url":"https://techsnap.systems/399","content_text":"Machine learning promises to change many industries, but with these changes come dangerous new risks. Join Jim and Wes as they explore some of the surprising ways bias can creep in and the serious consequences of ignoring these problems.Links:Microsoft’s neo-Nazi sexbot was a great lesson for makers of AI assistants — What started out as an entertaining social experiment—get regular people to talk to a chatbot so it could learn while they, hopefully, had fun—became a nightmare for Tay’s creators. Users soon figured out how to make Tay say awful things. Microsoft took the chatbot offline after less than a day.Microsoft's Zo chatbot is a politically correct version of her sister Tay—except she’s much, much worse — A few months after Tay’s disastrous debut, Microsoft quietly released Zo, a second English-language chatbot available on Messenger, Kik, Skype, Twitter, and Groupme.How to make a racist AI without really trying | ConceptNet blog — Some people expect that fighting algorithmic racism is going to come with some sort of trade-off. There’s no trade-off here. You can have data that’s better and less racist. You can have data that’s better because it’s less racist. There was never anything “accurate” about the overt racism that word2vec and GloVe learned.Microsoft warned investors that biased or flawed AI could hurt the company’s image — Notably, this addition comes after a research paper by MIT Media Lab graduate researcher Joy Buolamwini showed in February 2018 that Microsoft’s facial recognition algorithm’s was less accurate for women and people of color. In response, Microsoft updated its facial recognition models, and wrote a blog post about how it was addressing bias in its software.AI bias: It is the responsibility of humans to ensure fairness — Amazon recently pulled the plug on its experimental AI-powered recruitment engine when it was discovered that the machine learning technology behind it was exhibiting bias against female applicants.California Police Using AI Program That Tells Them Where to Patrol, Critics Say It May Just Reinforce Racial Bias — “The potential for bias to creep into the deployment of the tools is enormous. Simply put, the devil is in the data,” Vincent Southerland, executive director of the Center on Race, Inequality, and the Law at NYU School of Law, wrote for the American Civil Liberties Union last year.\r\n\r\nA.I. Could Worsen Health Disparities — A recent study found that some facial recognition programs incorrectly classify less than 1 percent of light-skinned men but more than one-third of dark-skinned women. What happens when we rely on such algorithms to diagnose melanoma on light versus dark skin?Responsible AI Practices — These questions are far from solved, and in fact are active areas of research and development. Google is committed to making progress in the responsible development of AI and to sharing knowledge, research, tools, datasets, and other resources with the larger community. Below we share some of our current work and recommended practices.The Ars Technica System Guide, Winter 2019: The one about the servers — The Winter 2019 Ars System Guide has returned to its roots: showing readers three real-world system builds we like at this precise moment in time. Instead of general performance desktops, this time around we're going to focus specifically on building some servers.Introduction to Python Development at Linux Academy — This course is designed to teach you how to program using Python. We'll cover the building blocks of the language, programming design fundamentals, how to use the standard library, third-party packages, and how to create Python projects. In the end, you should have a grasp of how to program.","content_html":"\u003cp\u003eMachine learning promises to change many industries, but with these changes come dangerous new risks. Join Jim and Wes as they explore some of the surprising ways bias can creep in and the serious consequences of ignoring these problems.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Microsoft’s neo-Nazi sexbot was a great lesson for makers of AI assistants\" rel=\"nofollow\" href=\"https://www.technologyreview.com/s/610634/microsofts-neo-nazi-sexbot-was-a-great-lesson-for-makers-of-ai-assistants/\"\u003eMicrosoft’s neo-Nazi sexbot was a great lesson for makers of AI assistants\u003c/a\u003e \u0026mdash; What started out as an entertaining social experiment—get regular people to talk to a chatbot so it could learn while they, hopefully, had fun—became a nightmare for Tay’s creators. Users soon figured out how to make Tay say awful things. Microsoft took the chatbot offline after less than a day.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft\u0026#39;s Zo chatbot is a politically correct version of her sister Tay—except she’s much, much worse\" rel=\"nofollow\" href=\"https://qz.com/1340990/microsofts-politically-correct-chat-bot-is-even-worse-than-its-racist-one/\"\u003eMicrosoft\u0026#39;s Zo chatbot is a politically correct version of her sister Tay—except she’s much, much worse\u003c/a\u003e \u0026mdash; A few months after Tay’s disastrous debut, Microsoft quietly released Zo, a second English-language chatbot available on Messenger, Kik, Skype, Twitter, and Groupme.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to make a racist AI without really trying | ConceptNet blog\" rel=\"nofollow\" href=\"http://blog.conceptnet.io/posts/2017/how-to-make-a-racist-ai-without-really-trying/\"\u003eHow to make a racist AI without really trying | ConceptNet blog\u003c/a\u003e \u0026mdash; Some people expect that fighting algorithmic racism is going to come with some sort of trade-off. There’s no trade-off here. You can have data that’s better and less racist. You can have data that’s better because it’s less racist. There was never anything “accurate” about the overt racism that word2vec and GloVe learned.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft warned investors that biased or flawed AI could hurt the company’s image\" rel=\"nofollow\" href=\"https://qz.com/1542377/microsoft-warned-investors-that-biased-or-flawed-ai-could-hurt-the-companys-image/\"\u003eMicrosoft warned investors that biased or flawed AI could hurt the company’s image\u003c/a\u003e \u0026mdash; Notably, this addition comes after a research paper by MIT Media Lab graduate researcher Joy Buolamwini showed in February 2018 that Microsoft’s facial recognition algorithm’s was less accurate for women and people of color. In response, Microsoft updated its facial recognition models, and wrote a blog post about how it was addressing bias in its software.\u003c/li\u003e\u003cli\u003e\u003ca title=\"AI bias: It is the responsibility of humans to ensure fairness\" rel=\"nofollow\" href=\"https://www.information-age.com/ai-bias-123479217/\"\u003eAI bias: It is the responsibility of humans to ensure fairness\u003c/a\u003e \u0026mdash; Amazon recently pulled the plug on its experimental AI-powered recruitment engine when it was discovered that the machine learning technology behind it was exhibiting bias against female applicants.\u003c/li\u003e\u003cli\u003e\u003ca title=\"California Police Using AI Program That Tells Them Where to Patrol, Critics Say It May Just Reinforce Racial Bias\" rel=\"nofollow\" href=\"https://www.newsweek.com/california-police-artificial-intelligence-predictive-policing-predpol-santa-1358508\"\u003eCalifornia Police Using AI Program That Tells Them Where to Patrol, Critics Say It May Just Reinforce Racial Bias\u003c/a\u003e \u0026mdash; “The potential for bias to creep into the deployment of the tools is enormous. Simply put, the devil is in the data,” Vincent Southerland, executive director of the Center on Race, Inequality, and the Law at NYU School of Law, wrote for the American Civil Liberties Union last year.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"A.I. Could Worsen Health Disparities\" rel=\"nofollow\" href=\"https://www.nytimes.com/2019/01/31/opinion/ai-bias-healthcare.html\"\u003eA.I. Could Worsen Health Disparities\u003c/a\u003e \u0026mdash; A recent study found that some facial recognition programs incorrectly classify less than 1 percent of light-skinned men but more than one-third of dark-skinned women. What happens when we rely on such algorithms to diagnose melanoma on light versus dark skin?\u003c/li\u003e\u003cli\u003e\u003ca title=\"Responsible AI Practices\" rel=\"nofollow\" href=\"https://ai.google/education/responsible-ai-practices\"\u003eResponsible AI Practices\u003c/a\u003e \u0026mdash; These questions are far from solved, and in fact are active areas of research and development. Google is committed to making progress in the responsible development of AI and to sharing knowledge, research, tools, datasets, and other resources with the larger community. Below we share some of our current work and recommended practices.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Ars Technica System Guide, Winter 2019: The one about the servers\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2019/03/the-ars-technica-system-guide-winter-2019-the-one-about-the-servers/\"\u003eThe Ars Technica System Guide, Winter 2019: The one about the servers\u003c/a\u003e \u0026mdash; The Winter 2019 Ars System Guide has returned to its roots: showing readers three real-world system builds we like at this precise moment in time. Instead of general performance desktops, this time around we're going to focus specifically on building some servers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introduction to Python Development at Linux Academy\" rel=\"nofollow\" href=\"https://linuxacademy.com/devops/training/course/name/intro-to-python-development?utm_source=social\u0026amp;utm_medium=twitter\u0026amp;utm_campaign=2019_aprilcourselaunch\"\u003eIntroduction to Python Development at Linux Academy\u003c/a\u003e \u0026mdash; This course is designed to teach you how to program using Python. We'll cover the building blocks of the language, programming design fundamentals, how to use the standard library, third-party packages, and how to create Python projects. In the end, you should have a grasp of how to program.\u003c/li\u003e\u003c/ul\u003e","summary":"Machine learning promises to change many industries, but with these changes come dangerous new risks. Join Jim and Wes as they explore some of the surprising ways bias can creep in and the serious consequences of ignoring these problems.","date_published":"2019-03-15T19:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6a9e036e-abe5-4b0c-b727-2d3dab34ce1d.mp3","mime_type":"audio/mp3","size_in_bytes":27942893,"duration_in_seconds":2328}]},{"id":"9c4e48b3-6aef-470f-82d5-d954c5bca39a","title":"398: Proper Password Procedures","url":"https://techsnap.systems/398","content_text":"We reveal the shady password practices that are all too common at many utility providers, and hash out why salts are essential to proper password storage.\n\nPlus the benefits of passphrases, and what you can do to keep your local providers on the up and up.Links:Plain wrong: Millions of utility customers’ passwords stored in plain text | Ars Technica — In September of 2018, an anonymous independent security researcher (who we'll call X) noticed that their power company's website was offering to email—not reset!—lost account passwords to forgetful users. Startled, X fed the online form the utility account number and the last four phone number digits it was asking for. Sure enough, a few minutes later the account password, in plain text, was sitting in X's inbox.The LinkedIn Hack: Understanding Why It Was So Easy to Crack the Passwords | — LinkedIn stated that after the initial 2012 breach, they added enhanced protection, most likely adding the “salt” functionality to their passwords. However, if you have not changed your password since 2012, you do not have the added protection of a salted password hash. You may be asking yourself–what on earth are hashing and salting and how does this all work?How Developers got Password Security so Wrong — As time has gone on; developers have continued to store passwords insecurely, and users have continued to set them weakly. Despite this, no viable alternative has been created for password security.Adding Salt to Hashing: A Better Way to Store Passwords — A salt is added to the hashing process to force their uniqueness, increase their complexity without increasing user requirements, and to mitigate password attacks like rainbow tables.\r\n\r\nWhy Do Developers Get Password Storage Wrong? A Qualitative Usability Study — We were interested in exploring two particular aspects: Firstly, do developers get things wrong because they do not think about security and thus do not include security features (but could if they wanted to)? Or do they write insecure code because the complexity of the task is too great for them? Secondly, a common suggestion to increase security is to offer secure defaults.OWASP Password Storage Cheatsheet — This article provides guidance on properly storing passwords, secret question responses, and similar credential information.Secure Salted Password Hashing - How to do it Properly — If you're a web developer, you've probably had to make a user account system. The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain why it's done the way it is.Plain Text Offenders — We’re tired of websites abusing our trust and storing our passwords in plain text, exposing us to danger. Here we put websites we believe to be practicing this to shame.Cybersecurity 101: Why you need to use a password manager | TechCrunch — Think of a password manager like a book of your passwords, locked by a master key that only you know.On the Security of Password Managers - Schneier on Security — There's new research on the security of password managers, specifically 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager accidentally leave plaintext copies of the password lying around memory?LinuxFest Northwest 2019 — It's the 20th anniversary of LinuxFest Northwest! Come join your favorite Jupiter Broadcasting hosts at the Pacific Northwest's premier Linux event.SCALE 17x — The 17th annual Southern California Linux Expo – will take place on March. 7-10, 2019, at the Pasadena Convention Center. SCaLE 17x expects to host 150 exhibitors this year, along with nearly 130 sessions, tutorials and special events.Jupiter Broadcasting Meetups — The best place to find out when Jupiter Broadcasting has a meetup near you! Also stay tuned for upcoming virtual study groups.","content_html":"\u003cp\u003eWe reveal the shady password practices that are all too common at many utility providers, and hash out why salts are essential to proper password storage.\u003c/p\u003e\n\n\u003cp\u003ePlus the benefits of passphrases, and what you can do to keep your local providers on the up and up.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Plain wrong: Millions of utility customers’ passwords stored in plain text | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/tech-policy/2019/02/plain-wrong-millions-of-utility-customers-passwords-stored-in-plain-text/\"\u003ePlain wrong: Millions of utility customers’ passwords stored in plain text | Ars Technica\u003c/a\u003e \u0026mdash; In September of 2018, an anonymous independent security researcher (who we'll call X) noticed that their power company's website was offering to email—not reset!—lost account passwords to forgetful users. Startled, X fed the online form the utility account number and the last four phone number digits it was asking for. Sure enough, a few minutes later the account password, in plain text, was sitting in X's inbox.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The LinkedIn Hack: Understanding Why It Was So Easy to Crack the Passwords |\" rel=\"nofollow\" href=\"https://inspiredelearning.com/blog/the-linkedin-hack-understanding-why-it-was-so-easy-to-crack-the-passwords-2/\"\u003eThe LinkedIn Hack: Understanding Why It Was So Easy to Crack the Passwords |\u003c/a\u003e \u0026mdash; LinkedIn stated that after the initial 2012 breach, they added enhanced protection, most likely adding the “salt” functionality to their passwords. However, if you have not changed your password since 2012, you do not have the added protection of a salted password hash. You may be asking yourself–what on earth are hashing and salting and how does this all work?\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Developers got Password Security so Wrong\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/how-developers-got-password-security-so-wrong/\"\u003eHow Developers got Password Security so Wrong\u003c/a\u003e \u0026mdash; As time has gone on; developers have continued to store passwords insecurely, and users have continued to set them weakly. Despite this, no viable alternative has been created for password security.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Adding Salt to Hashing: A Better Way to Store Passwords\" rel=\"nofollow\" href=\"https://auth0.com/blog/adding-salt-to-hashing-a-better-way-to-store-passwords/\"\u003eAdding Salt to Hashing: A Better Way to Store Passwords\u003c/a\u003e \u0026mdash; A salt is added to the hashing process to force their uniqueness, increase their complexity without increasing user requirements, and to mitigate password attacks like rainbow tables.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study\" rel=\"nofollow\" href=\"https://arxiv.org/abs/1708.08759\"\u003eWhy Do Developers Get Password Storage Wrong? A Qualitative Usability Study\u003c/a\u003e \u0026mdash; We were interested in exploring two particular aspects: Firstly, do developers get things wrong because they do not think about security and thus do not include security features (but could if they wanted to)? Or do they write insecure code because the complexity of the task is too great for them? Secondly, a common suggestion to increase security is to offer secure defaults.\u003c/li\u003e\u003cli\u003e\u003ca title=\"OWASP Password Storage Cheatsheet\" rel=\"nofollow\" href=\"https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Password_Storage_Cheat_Sheet.md\"\u003eOWASP Password Storage Cheatsheet\u003c/a\u003e \u0026mdash; This article provides guidance on properly storing passwords, secret question responses, and similar credential information.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Secure Salted Password Hashing - How to do it Properly\" rel=\"nofollow\" href=\"https://crackstation.net/hashing-security.htm\"\u003eSecure Salted Password Hashing - How to do it Properly\u003c/a\u003e \u0026mdash; If you're a web developer, you've probably had to make a user account system. The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain why it's done the way it is.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Plain Text Offenders\" rel=\"nofollow\" href=\"http://plaintextoffenders.com/\"\u003ePlain Text Offenders\u003c/a\u003e \u0026mdash; We’re tired of websites abusing our trust and storing our passwords in plain text, exposing us to danger. Here we put websites we believe to be practicing this to shame.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cybersecurity 101: Why you need to use a password manager | TechCrunch\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/12/25/cybersecurity-101-guide-password-manager/\"\u003eCybersecurity 101: Why you need to use a password manager | TechCrunch\u003c/a\u003e \u0026mdash; Think of a password manager like a book of your passwords, locked by a master key that only you know.\u003c/li\u003e\u003cli\u003e\u003ca title=\"On the Security of Password Managers - Schneier on Security\" rel=\"nofollow\" href=\"https://www.schneier.com/blog/archives/2019/02/on_the_security_1.html\"\u003eOn the Security of Password Managers - Schneier on Security\u003c/a\u003e \u0026mdash; There's new research on the security of password managers, specifically 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager accidentally leave plaintext copies of the password lying around memory?\u003c/li\u003e\u003cli\u003e\u003ca title=\"LinuxFest Northwest 2019\" rel=\"nofollow\" href=\"https://linuxfestnorthwest.org/conferences/2019\"\u003eLinuxFest Northwest 2019\u003c/a\u003e \u0026mdash; It's the 20th anniversary of LinuxFest Northwest! Come join your favorite Jupiter Broadcasting hosts at the Pacific Northwest's premier Linux event.\u003c/li\u003e\u003cli\u003e\u003ca title=\"SCALE 17x\" rel=\"nofollow\" href=\"https://www.socallinuxexpo.org/scale/17x\"\u003eSCALE 17x\u003c/a\u003e \u0026mdash; The 17th annual Southern California Linux Expo – will take place on March. 7-10, 2019, at the Pasadena Convention Center. SCaLE 17x expects to host 150 exhibitors this year, along with nearly 130 sessions, tutorials and special events.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jupiter Broadcasting Meetups\" rel=\"nofollow\" href=\"https://www.meetup.com/jupiterbroadcasting/\"\u003eJupiter Broadcasting Meetups\u003c/a\u003e \u0026mdash; The best place to find out when Jupiter Broadcasting has a meetup near you! Also stay tuned for upcoming virtual study groups.\u003c/li\u003e\u003c/ul\u003e","summary":"We reveal the shady password practices that are all too common at many utility providers, and hash out why salts are essential to proper password storage.","date_published":"2019-02-28T18:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/9c4e48b3-6aef-470f-82d5-d954c5bca39a.mp3","mime_type":"audio/mp3","size_in_bytes":22603569,"duration_in_seconds":1883}]},{"id":"a6b87767-ad4e-429f-b82a-703023411eb6","title":"397: Quality Tools","url":"https://techsnap.systems/397","content_text":"Join Jim and Wes as they battle bufferbloat, latency spikes, and network hogs with some of their favorite tools for traffic shaping, firewalling, and QoS. \n\nPlus the importance of sane defaults and why netdata belongs on every system.Links:Why you want QoS - Netdata Documentation — One of the features the Linux kernel has, but it is rarely used, is its ability to apply QoS on traffic. Even most interesting is that it can apply QoS to both inbound and outbound traffic.FireQOS Wiki — FireQOS is a helper to assist you configure traffic shaping on Linux.\r\n\r\nFireHOL - Linux firewalling and traffic shaping for humans — FireHOL is a language (and a program to run it) which builds secure, stateful firewalls from easy to understand, human-readable configurations. The configurations stay readable even for very complex setups.tc(8) man page — Traffic Control consists of the following:\r\n\r\nSHAPING\r\nWhen traffic is shaped, its rate of transmission is under control. Shaping may be more than lowering the available bandwidth - it is also used to smooth out bursts in traffic for better network behaviour. Shaping occurs on egress.\r\nSCHEDULING\r\nBy scheduling the transmission of packets it is possible to improve interactivity for traffic that needs it while still guaranteeing bandwidth to bulk transfers. Reordering is also called prioritizing, and happens only on egress.\r\nPOLICING\r\nWhere shaping deals with transmission of traffic, policing pertains to traffic arriving. Policing thus occurs on ingress.\r\nDROPPING\r\nTraffic exceeding a set bandwidth may also be dropped forthwith, both on ingress and on egress.Overview of Traffic Control Concepts — Traffic control is the name given to the sets of queuing systems and mechanisms by which packets are received and transmitted on a router. This includes deciding which (and whether) packets to accept at what rate on the input of an interface and determining which packets to transmit in what order at what rate on the output of an interface.Advanced traffic control - ArchWikiJourney to the Center of the Linux Kernel: Traffic Control, Shaping and QoS — This document describes the Traffic Control subsystem of the Linux Kernel in depth, algorithm by algorithm, and shows how it can be used to manage the outgoing traffic of a Linux system.Netdata Real-time performance monitoring, done right! — Netdata is distributed, real-time, performance and health monitoring for systems and applications. It is a highly optimized monitoring agent you install on all your systems and containers.Add more charts to netdata — To collect non-system metrics, netdata supports a plugin architecture. ","content_html":"\u003cp\u003eJoin Jim and Wes as they battle bufferbloat, latency spikes, and network hogs with some of their favorite tools for traffic shaping, firewalling, and QoS. \u003c/p\u003e\n\n\u003cp\u003ePlus the importance of sane defaults and why netdata belongs on every system.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Why you want QoS - Netdata Documentation\" rel=\"nofollow\" href=\"https://docs.netdata.cloud/collectors/tc.plugin/#why-you-want-qos\"\u003eWhy you want QoS - Netdata Documentation\u003c/a\u003e \u0026mdash; One of the features the Linux kernel has, but it is rarely used, is its ability to apply QoS on traffic. Even most interesting is that it can apply QoS to both inbound and outbound traffic.\u003c/li\u003e\u003cli\u003e\u003ca title=\"FireQOS Wiki\" rel=\"nofollow\" href=\"https://github.com/firehol/firehol/wiki/FireQOS\"\u003eFireQOS Wiki\u003c/a\u003e \u0026mdash; FireQOS is a helper to assist you configure traffic shaping on Linux.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"FireHOL - Linux firewalling and traffic shaping for humans\" rel=\"nofollow\" href=\"https://firehol.org/\"\u003eFireHOL - Linux firewalling and traffic shaping for humans\u003c/a\u003e \u0026mdash; FireHOL is a language (and a program to run it) which builds secure, stateful firewalls from easy to understand, human-readable configurations. The configurations stay readable even for very complex setups.\u003c/li\u003e\u003cli\u003e\u003ca title=\"tc(8) man page\" rel=\"nofollow\" href=\"https://linux.die.net/man/8/tc\"\u003etc(8) man page\u003c/a\u003e \u0026mdash; Traffic Control consists of the following:\r\n\r\nSHAPING\r\nWhen traffic is shaped, its rate of transmission is under control. Shaping may be more than lowering the available bandwidth - it is also used to smooth out bursts in traffic for better network behaviour. Shaping occurs on egress.\r\nSCHEDULING\r\nBy scheduling the transmission of packets it is possible to improve interactivity for traffic that needs it while still guaranteeing bandwidth to bulk transfers. Reordering is also called prioritizing, and happens only on egress.\r\nPOLICING\r\nWhere shaping deals with transmission of traffic, policing pertains to traffic arriving. Policing thus occurs on ingress.\r\nDROPPING\r\nTraffic exceeding a set bandwidth may also be dropped forthwith, both on ingress and on egress.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Overview of Traffic Control Concepts\" rel=\"nofollow\" href=\"http://tldp.org/HOWTO/Traffic-Control-HOWTO/overview.html\"\u003eOverview of Traffic Control Concepts\u003c/a\u003e \u0026mdash; Traffic control is the name given to the sets of queuing systems and mechanisms by which packets are received and transmitted on a router. This includes deciding which (and whether) packets to accept at what rate on the input of an interface and determining which packets to transmit in what order at what rate on the output of an interface.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Advanced traffic control - ArchWiki\" rel=\"nofollow\" href=\"https://wiki.archlinux.org/index.php/advanced_traffic_control\"\u003eAdvanced traffic control - ArchWiki\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Journey to the Center of the Linux Kernel: Traffic Control, Shaping and QoS\" rel=\"nofollow\" href=\"http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:networking:traffic_control\"\u003eJourney to the Center of the Linux Kernel: Traffic Control, Shaping and QoS\u003c/a\u003e \u0026mdash; This document describes the Traffic Control subsystem of the Linux Kernel in depth, algorithm by algorithm, and shows how it can be used to manage the outgoing traffic of a Linux system.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Netdata Real-time performance monitoring, done right!\" rel=\"nofollow\" href=\"https://github.com/netdata/netdata\"\u003eNetdata Real-time performance monitoring, done right!\u003c/a\u003e \u0026mdash; Netdata is distributed, real-time, performance and health monitoring for systems and applications. It is a highly optimized monitoring agent you install on all your systems and containers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Add more charts to netdata\" rel=\"nofollow\" href=\"https://github.com/netdata/netdata/blob/master/docs/Add-more-charts-to-netdata.md#add-more-charts-to-netdata\"\u003eAdd more charts to netdata\u003c/a\u003e \u0026mdash; To collect non-system metrics, netdata supports a plugin architecture. \u003c/li\u003e\u003c/ul\u003e","summary":"Join Jim and Wes as they battle bufferbloat, latency spikes, and network hogs with some of their favorite tools for traffic shaping, firewalling, and QoS.","date_published":"2019-02-14T21:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a6b87767-ad4e-429f-b82a-703023411eb6.mp3","mime_type":"audio/mp3","size_in_bytes":29268241,"duration_in_seconds":2439}]},{"id":"bc968a3f-c804-4203-ae2b-dc43ef919218","title":"396: Floating Point Problems","url":"https://techsnap.systems/396","content_text":"Jim and Wes are joined by OpenZFS developer Richard Yao to explain why the recent drama over Linux kernel 5.0 is no big deal, and how his fix for the underlying issue might actually make things faster.\n\nPlus the nitty-gritty details of vectorized optimizations and kernel preemption, and our thoughts on the future of the relationship between ZFS and Linux.Special Guest: Richard Yao.Links:LinuxFest Northwest 2019 — Join a bunch of JB hosts and community celebrating the 20th anniversary! Choose Linux — The show that captures the excitement of discovering Linux.Linux 5.0: _kernel_fpu{begin,end} no longer exported — The latest kernels removed the old compatibility headers.ZFS On Linux Landing Workaround For Linux 5.0 Kernel Support — So while these symbols are important for SIMD vectorized checksums for ZFS in the name of performance, with Linux 5.0+ they are not going to be exported for use by non-GPL modules. ZFS On Linux developer Tony Hutter has now staged a change that would disable vector instructions on Linux 5.0+ kernels.Re: x86/fpu: Don't export __kernel_fpu_{begin,end}() — My tolerance for ZFS is pretty non-existant.  Sun explicitly did not want their code to work on Linux, so why would we do extra work to get their code to work properly?The future of ZFS in FreeBSD — This state of affairs has led to a general agreement among the stakeholders that I have spoken to that it makes sense to rebase FreeBSD's ZFS on ZoL. Brian Behlendorf has graciously encouraged me to add FreeBSD support directly so that we might all have a singleshared code base.Dephix: Kickoff to The Future — OpenZFS has grown over the last decade, and delivering our application on Linux provides great OpenZFS support while enabling higher velocity adoption of new environments.The future of ZFS on Linux [zfs-discuss]  — \r\nDo you realize that we don’t actually need the symbols that the kernel removed. It All they do is save/restore of register state while turning off/on preemption. Nothing stops us from doing that ourselves. It is possible to implement our own substitutes using code from either Illumos or FreeBSD or even write our own. \r\n\r\nHonestly, I am beginning to think that my attempt to compromise with mainline gave the wrong impression. I am simply tired of this behavior by them and felt like reaching out to put an end to it. In a few weeks, we will likely be running on Linux 5.0 as if those symbols had never been removed because we will almost certainly have our own substitutes for them. Having to bloat our code because mainline won’t give us access to trivial functionality is annoying, but it is not the end of the world.LINUX Unplugged Episode 284: Free as in Get OutBSD Now 279: Future of ZFSBSD Now 157: ZFS, The “Universal” File-system","content_html":"\u003cp\u003eJim and Wes are joined by OpenZFS developer Richard Yao to explain why the recent drama over Linux kernel 5.0 is no big deal, and how his fix for the underlying issue might actually make things faster.\u003c/p\u003e\n\n\u003cp\u003ePlus the nitty-gritty details of vectorized optimizations and kernel preemption, and our thoughts on the future of the relationship between ZFS and Linux.\u003c/p\u003e\u003cp\u003eSpecial Guest: Richard Yao.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"LinuxFest Northwest 2019\" rel=\"nofollow\" href=\"https://linuxfestnorthwest.org/conferences/2019\"\u003eLinuxFest Northwest 2019\u003c/a\u003e \u0026mdash; Join a bunch of JB hosts and community celebrating the 20th anniversary! \u003c/li\u003e\u003cli\u003e\u003ca title=\"Choose Linux\" rel=\"nofollow\" href=\"https://chooselinux.show/\"\u003eChoose Linux\u003c/a\u003e \u0026mdash; The show that captures the excitement of discovering Linux.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux 5.0: _kernel_fpu{begin,end} no longer exported\" rel=\"nofollow\" href=\"https://github.com/zfsonlinux/zfs/issues/8259\"\u003eLinux 5.0: _kernel_fpu{begin,end} no longer exported\u003c/a\u003e \u0026mdash; The latest kernels removed the old compatibility headers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ZFS On Linux Landing Workaround For Linux 5.0 Kernel Support\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=ZFS-On-Linux-5.0-Workaround\"\u003eZFS On Linux Landing Workaround For Linux 5.0 Kernel Support\u003c/a\u003e \u0026mdash; So while these symbols are important for SIMD vectorized checksums for ZFS in the name of performance, with Linux 5.0+ they are not going to be exported for use by non-GPL modules. ZFS On Linux developer Tony Hutter has now staged a change that would disable vector instructions on Linux 5.0+ kernels.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Re: x86/fpu: Don\u0026#39;t export __kernel_fpu_{begin,end}()\" rel=\"nofollow\" href=\"https://marc.info/?l=linux-kernel\u0026amp;m=154714516832389\"\u003eRe: x86/fpu: Don\u0026#39;t export __kernel_fpu_{begin,end}()\u003c/a\u003e \u0026mdash; My tolerance for ZFS is pretty non-existant.  Sun explicitly did not want their code to work on Linux, so why would we do extra work to get their code to work properly?\u003c/li\u003e\u003cli\u003e\u003ca title=\"The future of ZFS in FreeBSD\" rel=\"nofollow\" href=\"https://lists.freebsd.org/pipermail/freebsd-current/2018-December/072422.html\"\u003eThe future of ZFS in FreeBSD\u003c/a\u003e \u0026mdash; This state of affairs has led to a general agreement among the stakeholders that I have spoken to that it makes sense to rebase FreeBSD's ZFS on ZoL. Brian Behlendorf has graciously encouraged me to add FreeBSD support directly so that we might all have a singleshared code base.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dephix: Kickoff to The Future\" rel=\"nofollow\" href=\"https://www.delphix.com/blog/kickoff-future-eko-2018\"\u003eDephix: Kickoff to The Future\u003c/a\u003e \u0026mdash; OpenZFS has grown over the last decade, and delivering our application on Linux provides great OpenZFS support while enabling higher velocity adoption of new environments.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The future of ZFS on Linux [zfs-discuss] \" rel=\"nofollow\" href=\"http://list.zfsonlinux.org/pipermail/zfs-discuss/2019-January/033300.html\"\u003eThe future of ZFS on Linux [zfs-discuss] \u003c/a\u003e \u0026mdash; \r\nDo you realize that we don’t actually need the symbols that the kernel removed. It All they do is save/restore of register state while turning off/on preemption. Nothing stops us from doing that ourselves. It is possible to implement our own substitutes using code from either Illumos or FreeBSD or even write our own. \r\n\r\nHonestly, I am beginning to think that my attempt to compromise with mainline gave the wrong impression. I am simply tired of this behavior by them and felt like reaching out to put an end to it. In a few weeks, we will likely be running on Linux 5.0 as if those symbols had never been removed because we will almost certainly have our own substitutes for them. Having to bloat our code because mainline won’t give us access to trivial functionality is annoying, but it is not the end of the world.\u003c/li\u003e\u003cli\u003e\u003ca title=\"LINUX Unplugged Episode 284: Free as in Get Out\" rel=\"nofollow\" href=\"https://linuxunplugged.com/284\"\u003eLINUX Unplugged Episode 284: Free as in Get Out\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BSD Now 279: Future of ZFS\" rel=\"nofollow\" href=\"https://www.bsdnow.tv/episodes/2019_01_02-future_of_zfs\"\u003eBSD Now 279: Future of ZFS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BSD Now 157: ZFS, The “Universal” File-system\" rel=\"nofollow\" href=\"https://www.bsdnow.tv/episodes/2016_08_31-the_universal_filesystem\"\u003eBSD Now 157: ZFS, The “Universal” File-system\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Jim and Wes are joined by OpenZFS developer Richard Yao to explain why the recent drama over Linux kernel 5.0 is no big deal, and how his fix for the underlying issue might actually make things faster.","date_published":"2019-01-31T20:45:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bc968a3f-c804-4203-ae2b-dc43ef919218.mp3","mime_type":"audio/mp3","size_in_bytes":19582037,"duration_in_seconds":1631}]},{"id":"26a02c39-f731-48d1-9539-2d910465a6f7","title":"395: The ACME Era","url":"https://techsnap.systems/395","content_text":"We welcome Jim to the show, and he and Wes dive deep into all things Let’s Encrypt.\n\nThe history, the clients, and the from-the-field details you'll want to know.Links: Let’s Encrypt and CertBot – JRS SystemsAutomatic Certificate Management Environment (ACME) — The surprisingly readable IETF draft.How It Works - Let's EncryptACME Client ImplementationsCertbot — Certbot is EFF's tool to obtain certs from Let's Encrypt.acme-nginx: python acme client for nginx — A particularly simple client that is useful for understanding the protocol details.Caddy - The HTTP/2 Web Server with Automatic HTTPSmod_md: Let's Encrypt (ACME) support for Apache httpdTraefik - The Cloud Native Edge RouterLooking Forward to 2019 - Let's Encrypt — We’re now serving more than 150 million websites while maintaining a stellar security and compliance track record. Most importantly though, the Web went from 67% encrypted page loads to 77% in 2018, according to statistics from Mozilla. This is an incredible rate of change!Let's Encrypt ACME v2 API Announcements — Now that the draft standard is in last-call and the pace of major changes has slowed, we’re able to release a “v2” API that is much closer to what will become the final ACME RFC.Let's Encrypt disables TLS-SNI-01 validation — The researcher noticed that \"at least two\" large hosting providers host many users on the same IP address and users are able to upload certificates for arbitrary names without proving they have control of a domain.A Technical Deep Dive on Using Certbot to Secure your Mailserver from the EFF — With the most recent release of Certbot v0.29.1, we’ve added some features which make it much easier to use with both Sendmail and Exim.","content_html":"\u003cp\u003eWe welcome Jim to the show, and he and Wes dive deep into all things Let’s Encrypt.\u003c/p\u003e\n\n\u003cp\u003eThe history, the clients, and the from-the-field details you\u0026#39;ll want to know.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\" Let’s Encrypt and CertBot – JRS Systems\" rel=\"nofollow\" href=\"http://jrs-s.net/2018/12/22/reverse-proxy-lets-encrypt-certbot/\"\u003e Let’s Encrypt and CertBot – JRS Systems\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Automatic Certificate Management Environment (ACME)\" rel=\"nofollow\" href=\"https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.8\"\u003eAutomatic Certificate Management Environment (ACME)\u003c/a\u003e \u0026mdash; The surprisingly readable IETF draft.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How It Works - Let\u0026#39;s Encrypt\" rel=\"nofollow\" href=\"https://letsencrypt.org/how-it-works/\"\u003eHow It Works - Let\u0026#39;s Encrypt\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ACME Client Implementations\" rel=\"nofollow\" href=\"https://letsencrypt.org/docs/client-options/\"\u003eACME Client Implementations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Certbot\" rel=\"nofollow\" href=\"https://github.com/certbot/certbot\"\u003eCertbot\u003c/a\u003e \u0026mdash; Certbot is EFF's tool to obtain certs from Let's Encrypt.\u003c/li\u003e\u003cli\u003e\u003ca title=\"acme-nginx: python acme client for nginx\" rel=\"nofollow\" href=\"https://github.com/kshcherban/acme-nginx\"\u003eacme-nginx: python acme client for nginx\u003c/a\u003e \u0026mdash; A particularly simple client that is useful for understanding the protocol details.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Caddy - The HTTP/2 Web Server with Automatic HTTPS\" rel=\"nofollow\" href=\"https://caddyserver.com/\"\u003eCaddy - The HTTP/2 Web Server with Automatic HTTPS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"mod_md: Let\u0026#39;s Encrypt (ACME) support for Apache httpd\" rel=\"nofollow\" href=\"https://github.com/icing/mod_md\"\u003emod_md: Let\u0026#39;s Encrypt (ACME) support for Apache httpd\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Traefik - The Cloud Native Edge Router\" rel=\"nofollow\" href=\"https://traefik.io/\"\u003eTraefik - The Cloud Native Edge Router\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Looking Forward to 2019 - Let\u0026#39;s Encrypt\" rel=\"nofollow\" href=\"https://letsencrypt.org/2018/12/31/looking-forward-to-2019.html\"\u003eLooking Forward to 2019 - Let\u0026#39;s Encrypt\u003c/a\u003e \u0026mdash; We’re now serving more than 150 million websites while maintaining a stellar security and compliance track record. Most importantly though, the Web went from 67% encrypted page loads to 77% in 2018, according to statistics from Mozilla. This is an incredible rate of change!\u003c/li\u003e\u003cli\u003e\u003ca title=\"Let\u0026#39;s Encrypt ACME v2 API Announcements\" rel=\"nofollow\" href=\"https://community.letsencrypt.org/t/staging-endpoint-for-acme-v2/49605\"\u003eLet\u0026#39;s Encrypt ACME v2 API Announcements\u003c/a\u003e \u0026mdash; Now that the draft standard is in last-call and the pace of major changes has slowed, we’re able to release a “v2” API that is much closer to what will become the final ACME RFC.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Let\u0026#39;s Encrypt disables TLS-SNI-01 validation\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/lets-encrypt-disables-tls-sni-01-validation/\"\u003eLet\u0026#39;s Encrypt disables TLS-SNI-01 validation\u003c/a\u003e \u0026mdash; The researcher noticed that \"at least two\" large hosting providers host many users on the same IP address and users are able to upload certificates for arbitrary names without proving they have control of a domain.\u003c/li\u003e\u003cli\u003e\u003ca title=\"A Technical Deep Dive on Using Certbot to Secure your Mailserver from the EFF\" rel=\"nofollow\" href=\"https://www.eff.org/deeplinks/2019/01/encrypting-web-encrypting-net-primer-using-certbot-secure-your-mailserver\"\u003eA Technical Deep Dive on Using Certbot to Secure your Mailserver from the EFF\u003c/a\u003e \u0026mdash; With the most recent release of Certbot v0.29.1, we’ve added some features which make it much easier to use with both Sendmail and Exim.\u003c/li\u003e\u003c/ul\u003e","summary":"We welcome Jim to the show, and he and Wes dive deep into all things Let’s Encrypt.","date_published":"2019-01-20T20:45:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/26a02c39-f731-48d1-9539-2d910465a6f7.mp3","mime_type":"audio/mpeg","size_in_bytes":28300543,"duration_in_seconds":2001}]},{"id":"2e588701-e7a1-4462-99fa-e7ea2275b375","title":"394: All About Azure","url":"https://techsnap.systems/394","content_text":"Wes is joined by a special guest to take a look back on the growth and development of Azure in 2018 and discuss some of its unique strengths.Special Guest: Chad M. Crowell.Links:Under the sea, Microsoft tests a datacenter that’s quick to deploy, could provide internet connectivity for yearsAn Azure Infrastructure Year in ReviewAzure File Sync now generally availableMicrosoft's Newest OS is Based on LinuxAzure SphereWhat is Azure Stack?Azure Outage Proves the Hard Way Availability Zones are a Good Idea Microsoft Azure Infrastructure and Deployment on Linux Academy — In this course, we will cover an introduction to the Azure portal, followed by how to build infrastructure and deploy that infrastructure in real world scenarios.Chad Crowell on Twitter","content_html":"\u003cp\u003eWes is joined by a special guest to take a look back on the growth and development of Azure in 2018 and discuss some of its unique strengths.\u003c/p\u003e\u003cp\u003eSpecial Guest: Chad M. Crowell.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Under the sea, Microsoft tests a datacenter that’s quick to deploy, could provide internet connectivity for years\" rel=\"nofollow\" href=\"https://news.microsoft.com/features/under-the-sea-microsoft-tests-a-datacenter-thats-quick-to-deploy-could-provide-internet-connectivity-for-years/\"\u003eUnder the sea, Microsoft tests a datacenter that’s quick to deploy, could provide internet connectivity for years\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"An Azure Infrastructure Year in Review\" rel=\"nofollow\" href=\"https://www.petri.com/an-azure-infrastructure-year-in-review-2018\"\u003eAn Azure Infrastructure Year in Review\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Azure File Sync now generally available\" rel=\"nofollow\" href=\"https://azure.microsoft.com/en-us/blog/score-one-for-the-it-pro-azure-file-sync-is-now-generally-available/\"\u003eAzure File Sync now generally available\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft\u0026#39;s Newest OS is Based on Linux\" rel=\"nofollow\" href=\"https://www.omgubuntu.co.uk/2018/04/microsoft-linux-custom-kernel-azure-sphere\"\u003eMicrosoft\u0026#39;s Newest OS is Based on Linux\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Azure Sphere\" rel=\"nofollow\" href=\"https://azure.microsoft.com/en-us/services/azure-sphere/\"\u003eAzure Sphere\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is Azure Stack?\" rel=\"nofollow\" href=\"https://azure.microsoft.com/en-us/overview/azure-stack/\"\u003eWhat is Azure Stack?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Azure Outage Proves the Hard Way Availability Zones are a Good Idea\" rel=\"nofollow\" href=\"https://www.datacenterknowledge.com/microsoft/azure-outage-proves-hard-way-availability-zones-are-good-idea\"\u003eAzure Outage Proves the Hard Way Availability Zones are a Good Idea\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\" Microsoft Azure Infrastructure and Deployment on Linux Academy\" rel=\"nofollow\" href=\"https://linuxacademy.com/azure/training/course/name/microsoft-azure-infrastructure-and-deployment-exam-az-100\"\u003e Microsoft Azure Infrastructure and Deployment on Linux Academy\u003c/a\u003e \u0026mdash; In this course, we will cover an introduction to the Azure portal, followed by how to build infrastructure and deploy that infrastructure in real world scenarios.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chad Crowell on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/chadmcrowell?lang=en\"\u003eChad Crowell on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wes is joined by a special guest to take a look back on the growth and development of Azure in 2018 and discuss some of its unique strengths.","date_published":"2019-01-10T04:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2e588701-e7a1-4462-99fa-e7ea2275b375.mp3","mime_type":"audio/mpeg","size_in_bytes":22259879,"duration_in_seconds":1569}]},{"id":"1126dc11-7156-4c4d-84f1-a9aa9bf4ebcf","title":"393: Back to our /roots","url":"https://techsnap.systems/393","content_text":"In a special new year’s episode we take a moment to reflect on the show’s past, its future, and say goodbye to an old friend.Links:Jim Salter — Jim Salter (@jrssnet) is an author, public speaker, small business owner, mercenary sysadmin, and father of three—not necessarily in that order. He got his first real taste of open source by running Apache on his very own dedicated FreeBSD 3.1 server back in 1999, and he's been a fierce advocate of FOSS ever since.Jim Salter on TwitterDropbox Flaws | TechSNAP | 1PSN Breech Details | TechSNAP 32089 Days Uptime | TechSNAP 300","content_html":"\u003cp\u003eIn a special new year’s episode we take a moment to reflect on the show’s past, its future, and say goodbye to an old friend.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Jim Salter\" rel=\"nofollow\" href=\"https://arstechnica.com/author/jimsalter/\"\u003eJim Salter\u003c/a\u003e \u0026mdash; Jim Salter (@jrssnet) is an author, public speaker, small business owner, mercenary sysadmin, and father of three—not necessarily in that order. He got his first real taste of open source by running Apache on his very own dedicated FreeBSD 3.1 server back in 1999, and he's been a fierce advocate of FOSS ever since.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jim Salter on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/jrssnet?lang=en\"\u003eJim Salter on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dropbox Flaws | TechSNAP | 1\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=n7La9Z-XrCE\u0026amp;t=972s\"\u003eDropbox Flaws | TechSNAP | 1\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PSN Breech Details | TechSNAP 3\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=d5FCF9lpVYE\"\u003ePSN Breech Details | TechSNAP 3\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"2089 Days Uptime | TechSNAP 300\" rel=\"nofollow\" href=\"https://www.jupiterbroadcasting.com/106026/2089-days-uptime-techsnap-300/\"\u003e2089 Days Uptime | TechSNAP 300\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"In a special new year’s episode we take a moment to reflect on the show’s past, its future, and say goodbye to an old friend.","date_published":"2019-01-03T04:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/1126dc11-7156-4c4d-84f1-a9aa9bf4ebcf.mp3","mime_type":"audio/mpeg","size_in_bytes":19076619,"duration_in_seconds":1342}]},{"id":"45523a8f-70a8-4800-a757-964c8f91f645","title":"392: Keeping up with Kubernetes","url":"https://techsnap.systems/392","content_text":"A security vulnerability in Kubernetes causes a big stir, but we’ll break it all down and explain what went wrong. \n\nPlus the biggest stories out of Kubecon, and serverless gets serious.Links:Everything that was announced at KubeConCNCF to Host etcd — The Cloud Native Computing Foundation Technical Oversight Committee voted to accept etcd as an incubation-level hosted project.Introduction to Knative — Knative is a framework from the folks at Google and Pivotal focused on “serverless” style event driven functions.IBM Embraces Knative to Drive Serverless Standardization — Knative is not the first open-source functions-as-a-service effort that IBM has backed. Back in 2016, IBM announced the OpenWhisk effort, which is now run as an open-source project at the Apache Software Found.How Google Is Improving Kubernetes Container Security — \"We go beyond what's in open source and put additional restrictions in place to secure users\"Demystifying Kubernetes CVE-2018-1002105 — With a specially crafted request, users that are authorized to establish a connection through the Kubernetes API server to a backend server can then send arbitrary requests over the same connection directly to that backend, authenticated with the Kubernetes API server’s TLS credentials used to establish the backend connection.The silent CVE in the heart of Kubernetes apiserverCrossplane: An Open Source Multicloud Control Planesecurity.christmas — This year we will prepare you for the Christmas celebration, by giving you small presents of knowledge every day, which will teach you about the world of security.Introducing the Helm Hub — This hub provides a means for you to find charts hosted in many distributed repositories hosted by numerous people and organizations.","content_html":"\u003cp\u003eA security vulnerability in Kubernetes causes a big stir, but we’ll break it all down and explain what went wrong. \u003c/p\u003e\n\n\u003cp\u003ePlus the biggest stories out of Kubecon, and serverless gets serious.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Everything that was announced at KubeCon\" rel=\"nofollow\" href=\"https://venturebeat.com/2018/12/11/everything-that-was-announced-at-kubecon-cloudnativecon/\"\u003eEverything that was announced at KubeCon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CNCF to Host etcd\" rel=\"nofollow\" href=\"https://www.cncf.io/blog/2018/12/11/cncf-to-host-etcd/\"\u003eCNCF to Host etcd\u003c/a\u003e \u0026mdash; The Cloud Native Computing Foundation Technical Oversight Committee voted to accept etcd as an incubation-level hosted project.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introduction to Knative\" rel=\"nofollow\" href=\"https://medium.com/@pczarkowski/introduction-to-knative-b93a0b9aeeef\"\u003eIntroduction to Knative\u003c/a\u003e \u0026mdash; Knative is a framework from the folks at Google and Pivotal focused on “serverless” style event driven functions.\u003c/li\u003e\u003cli\u003e\u003ca title=\"IBM Embraces Knative to Drive Serverless Standardization\" rel=\"nofollow\" href=\"https://www.eweek.com/cloud/ibm-embraces-knative-to-drive-serverless-standardization\"\u003eIBM Embraces Knative to Drive Serverless Standardization\u003c/a\u003e \u0026mdash; Knative is not the first open-source functions-as-a-service effort that IBM has backed. Back in 2016, IBM announced the OpenWhisk effort, which is now run as an open-source project at the Apache Software Found.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Google Is Improving Kubernetes Container Security\" rel=\"nofollow\" href=\"http://www.eweek.com/security/how-google-is-improving-kubernetes-container-security\"\u003eHow Google Is Improving Kubernetes Container Security\u003c/a\u003e \u0026mdash; \"We go beyond what's in open source and put additional restrictions in place to secure users\"\u003c/li\u003e\u003cli\u003e\u003ca title=\"Demystifying Kubernetes CVE-2018-1002105\" rel=\"nofollow\" href=\"https://www.twistlock.com/labs-blog/demystifying-kubernetes-cve-2018-1002105-dead-simple-exploit/\"\u003eDemystifying Kubernetes CVE-2018-1002105\u003c/a\u003e \u0026mdash; With a specially crafted request, users that are authorized to establish a connection through the Kubernetes API server to a backend server can then send arbitrary requests over the same connection directly to that backend, authenticated with the Kubernetes API server’s TLS credentials used to establish the backend connection.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The silent CVE in the heart of Kubernetes apiserver\" rel=\"nofollow\" href=\"https://gravitational.com/blog/kubernetes-websocket-upgrade-security-vulnerability/\"\u003eThe silent CVE in the heart of Kubernetes apiserver\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Crossplane: An Open Source Multicloud Control Plane\" rel=\"nofollow\" href=\"https://github.com/crossplaneio/crossplane\"\u003eCrossplane: An Open Source Multicloud Control Plane\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"security.christmas\" rel=\"nofollow\" href=\"https://security.christmas/\"\u003esecurity.christmas\u003c/a\u003e \u0026mdash; This year we will prepare you for the Christmas celebration, by giving you small presents of knowledge every day, which will teach you about the world of security.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introducing the Helm Hub\" rel=\"nofollow\" href=\"https://www.helm.sh/blog/intro-helm-hub/index.html\"\u003eIntroducing the Helm Hub\u003c/a\u003e \u0026mdash; This hub provides a means for you to find charts hosted in many distributed repositories hosted by numerous people and organizations.\u003c/li\u003e\u003c/ul\u003e","summary":"A security vulnerability in Kubernetes causes a big stir, but we’ll break it all down and explain what went wrong. \r\n","date_published":"2018-12-12T19:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/45523a8f-70a8-4800-a757-964c8f91f645.mp3","mime_type":"audio/mpeg","size_in_bytes":23364271,"duration_in_seconds":1648}]},{"id":"85bdbb45-28a2-4d50-bed1-ade6768e3fa3","title":"Episode 391: Firecracker Fundamentals","url":"https://techsnap.systems/391","content_text":"We break down Firecracker Amazon’s new open source kvm powered, virtual machine monitor, and explore what makes it different from the options on the market now.\n\nPlus some good news for OpenBGP and the wider internet community, and a handy tool for inspecting docker images.Links:Firecracker – Lightweight Virtualization for Serverless Computing — Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant containers and functions-based services.Firecracker — Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant containers and functions-based services.Firecracker Design DocsFirecracker RoadmapQEMU — QEMU is a generic and open source machine emulator and virtualizer.Qemu : Security vulnerabilitiesVENOM Vulnerability — VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host.s2n — s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority.OpenBGPD - Adding Diversity to the Route Server Landscape — Thanks to the RIPE NCC Community Project Fund we were able to revive the OpenBGPD daemon and bring more diversity to the Route Server landscape.OpenBGPD — OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol.LSI Questions from AntonServeTheHomeSennheiser Headset Software Could Allow Man-in-the-Middle SSL Attacks — When users have been installing Sennheiser's HeadSetup software, little did they know that the software was also installing a root certificate into the Trusted Root CA Certificate store.  To make matters worse, the software was also installing an encrypted version of the certificate's private key that was not as secure as the developers may have thought.\r\n\r\nevilginx2: Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authenticationdive: A tool for exploring each layer in a docker image","content_html":"\u003cp\u003eWe break down Firecracker Amazon’s new open source kvm powered, virtual machine monitor, and explore what makes it different from the options on the market now.\u003c/p\u003e\n\n\u003cp\u003ePlus some good news for OpenBGP and the wider internet community, and a handy tool for inspecting docker images.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Firecracker – Lightweight Virtualization for Serverless Computing\" rel=\"nofollow\" href=\"https://aws.amazon.com/blogs/aws/firecracker-lightweight-virtualization-for-serverless-computing/\"\u003eFirecracker – Lightweight Virtualization for Serverless Computing\u003c/a\u003e \u0026mdash; Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant containers and functions-based services.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firecracker\" rel=\"nofollow\" href=\"https://firecracker-microvm.github.io/\"\u003eFirecracker\u003c/a\u003e \u0026mdash; Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant containers and functions-based services.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firecracker Design Docs\" rel=\"nofollow\" href=\"https://github.com/firecracker-microvm/firecracker/blob/master/docs/design.md\"\u003eFirecracker Design Docs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firecracker Roadmap\" rel=\"nofollow\" href=\"https://github.com/firecracker-microvm/firecracker/labels/Roadmap\"\u003eFirecracker Roadmap\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"QEMU\" rel=\"nofollow\" href=\"https://www.qemu.org/\"\u003eQEMU\u003c/a\u003e \u0026mdash; QEMU is a generic and open source machine emulator and virtualizer.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Qemu : Security vulnerabilities\" rel=\"nofollow\" href=\"https://www.cvedetails.com/vulnerability-list/vendor_id-7506/Qemu.html\"\u003eQemu : Security vulnerabilities\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"VENOM Vulnerability\" rel=\"nofollow\" href=\"https://venom.crowdstrike.com/\"\u003eVENOM Vulnerability\u003c/a\u003e \u0026mdash; VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host.\u003c/li\u003e\u003cli\u003e\u003ca title=\"s2n\" rel=\"nofollow\" href=\"https://github.com/awslabs/s2n\"\u003es2n\u003c/a\u003e \u0026mdash; s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority.\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenBGPD - Adding Diversity to the Route Server Landscape\" rel=\"nofollow\" href=\"https://labs.ripe.net/Members/claudio_jeker/openbgpd-adding-diversity-to-route-server-landscape\"\u003eOpenBGPD - Adding Diversity to the Route Server Landscape\u003c/a\u003e \u0026mdash; Thanks to the RIPE NCC Community Project Fund we were able to revive the OpenBGPD daemon and bring more diversity to the Route Server landscape.\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenBGPD\" rel=\"nofollow\" href=\"http://www.openbgpd.org/\"\u003eOpenBGPD\u003c/a\u003e \u0026mdash; OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol.\u003c/li\u003e\u003cli\u003e\u003ca title=\"LSI Questions from Anton\" rel=\"nofollow\" href=\"https://pastebin.com/rJxLBFBQ\"\u003eLSI Questions from Anton\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ServeTheHome\" rel=\"nofollow\" href=\"https://www.servethehome.com/\"\u003eServeTheHome\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sennheiser Headset Software Could Allow Man-in-the-Middle SSL Attacks\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/sennheiser-headset-software-could-allow-man-in-the-middle-ssl-attacks/\"\u003eSennheiser Headset Software Could Allow Man-in-the-Middle SSL Attacks\u003c/a\u003e \u0026mdash; When users have been installing Sennheiser's HeadSetup software, little did they know that the software was also installing a root certificate into the Trusted Root CA Certificate store.  To make matters worse, the software was also installing an encrypted version of the certificate's private key that was not as secure as the developers may have thought.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"evilginx2: Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication\" rel=\"nofollow\" href=\"https://github.com/kgretzky/evilginx2\"\u003eevilginx2: Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"dive: A tool for exploring each layer in a docker image\" rel=\"nofollow\" href=\"https://github.com/wagoodman/dive\"\u003edive: A tool for exploring each layer in a docker image\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We break down Firecracker Amazon’s new open source kvm powered, virtual machine monitor, and explore what makes it different than the options on the market now.","date_published":"2018-11-29T14:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/85bdbb45-28a2-4d50-bed1-ade6768e3fa3.mp3","mime_type":"audio/mpeg","size_in_bytes":18175107,"duration_in_seconds":1277}]},{"id":"6cd3cd3c-79c7-4978-8102-042f935a1344","title":"Episode 390: What’s Up with WireGuard","url":"https://techsnap.systems/390","content_text":"WireGuard has a lot of buzz around it and for many good reasons. We’ll explain what WireGuard is specifically, what it can do, and maybe more importantly, what it can’t.Special Guest: Jim Salter.Links:How to easily configure WireGuard — At its core, all WireGuard does is create an interface from one computer to another.Jessie Frazelle's Blog: Installing and Using Wireguard, obviously with containers — What is cool about Wireguard is it integrates into the Linux networking stack.WireGuard Didn't Make it To The Mainline Linux Kernel This Cycle — The code continues to be improved upon but looks like it came up just short of making it into this current development cycle. WireGuard VPN review: A new type of VPN offers serious advantages — Fewer lines of code, simpler setup, and better algorithms make a strong case.\r\nThe Current Status of WireGuard VPNs - Are We There Yet?Using a free VPN? Why not skip the middleman and just send your data to President Xi?Feedback from CodyNRE Labs — NRE Labs is a no-strings-attached, community-centered initiative to bring the skills of automation within reach for everyoneIntroduction to Antidote — Antidote is an open-source project aimed at making automated network operations more accessible with fast, easy and fun learning.StackStorm — From simple if/then rules to complicated workflows, StackStorm lets you automate DevOps your way.wireguard-private-networking: Build your own multi server private network using wireguard and ansibleAlgo: Set up a personal IPSEC or WireGuard VPN in the cloud","content_html":"\u003cp\u003eWireGuard has a lot of buzz around it and for many good reasons. We’ll explain what WireGuard is specifically, what it can do, and maybe more importantly, what it can’t.\u003c/p\u003e\u003cp\u003eSpecial Guest: Jim Salter.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"How to easily configure WireGuard\" rel=\"nofollow\" href=\"https://www.stavros.io/posts/how-to-configure-wireguard/\"\u003eHow to easily configure WireGuard\u003c/a\u003e \u0026mdash; At its core, all WireGuard does is create an interface from one computer to another.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jessie Frazelle\u0026#39;s Blog: Installing and Using Wireguard, obviously with containers\" rel=\"nofollow\" href=\"https://blog.jessfraz.com/post/installing-and-using-wireguard/\"\u003eJessie Frazelle\u0026#39;s Blog: Installing and Using Wireguard, obviously with containers\u003c/a\u003e \u0026mdash; What is cool about Wireguard is it integrates into the Linux networking stack.\u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard Didn\u0026#39;t Make it To The Mainline Linux Kernel This Cycle\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=WireGuard-Not-In-4.20\"\u003eWireGuard Didn\u0026#39;t Make it To The Mainline Linux Kernel This Cycle\u003c/a\u003e \u0026mdash; The code continues to be improved upon but looks like it came up just short of making it into this current development cycle. \u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard VPN review: A new type of VPN offers serious advantages\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2018/08/wireguard-vpn-review-fast-connections-amaze-but-windows-support-needs-to-happen/\"\u003eWireGuard VPN review: A new type of VPN offers serious advantages\u003c/a\u003e \u0026mdash; Fewer lines of code, simpler setup, and better algorithms make a strong case.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Current Status of WireGuard VPNs - Are We There Yet?\" rel=\"nofollow\" href=\"https://www.privateinternetaccess.com/blog/2018/09/the-current-status-of-wireguard-vpns-are-we-there-yet/\"\u003eThe Current Status of WireGuard VPNs - Are We There Yet?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Using a free VPN? Why not skip the middleman and just send your data to President Xi?\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/11/19/vpn_app_investigation/\"\u003eUsing a free VPN? Why not skip the middleman and just send your data to President Xi?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback from Cody\" rel=\"nofollow\" href=\"https://pastebin.com/RNvV6EQF\"\u003eFeedback from Cody\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NRE Labs\" rel=\"nofollow\" href=\"https://labs.networkreliability.engineering/\"\u003eNRE Labs\u003c/a\u003e \u0026mdash; NRE Labs is a no-strings-attached, community-centered initiative to bring the skills of automation within reach for everyone\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introduction to Antidote\" rel=\"nofollow\" href=\"https://antidoteproject.readthedocs.io/en/latest/\"\u003eIntroduction to Antidote\u003c/a\u003e \u0026mdash; Antidote is an open-source project aimed at making automated network operations more accessible with fast, easy and fun learning.\u003c/li\u003e\u003cli\u003e\u003ca title=\"StackStorm\" rel=\"nofollow\" href=\"https://stackstorm.com/\"\u003eStackStorm\u003c/a\u003e \u0026mdash; From simple if/then rules to complicated workflows, StackStorm lets you automate DevOps your way.\u003c/li\u003e\u003cli\u003e\u003ca title=\"wireguard-private-networking: Build your own multi server private network using wireguard and ansible\" rel=\"nofollow\" href=\"https://github.com/mawalu/wireguard-private-networking\"\u003ewireguard-private-networking: Build your own multi server private network using wireguard and ansible\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Algo: Set up a personal IPSEC or WireGuard VPN in the cloud\" rel=\"nofollow\" href=\"https://github.com/trailofbits/algo\"\u003eAlgo: Set up a personal IPSEC or WireGuard VPN in the cloud\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"WireGuard has a lot of buzz around it and for many good reasons. We’ll explain what WireGuard is specifically, what it can do, and maybe more importantly, what it can’t.","date_published":"2018-11-22T10:30:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6cd3cd3c-79c7-4978-8102-042f935a1344.mp3","mime_type":"audio/mpeg","size_in_bytes":29616549,"duration_in_seconds":2095}]},{"id":"a3776de2-0fab-45fc-8d29-dcd0f2e6da03","title":"Episode 389: The Future of HTTP","url":"https://techsnap.systems/389","content_text":"Wes is joined by special guest Jim Salter to discuss Google's recent BGP outage and the future of HTTP.\n\nPlus the latest router botnet, why you should never go full UPnP, and the benefits of building your own home router.Special Guest: Jim Salter.Links:Google goes down after major BGP mishap routes traffic through China — Google lost control of several million of its IP addresses for more than an hour on Monday in an event that intermittently made its search and other services unavailable to many users.Internet Vulnerability Takes Down GoogleChina has been 'hijacking the vital internet backbone of western countries'RPKI - The required cryptographic upgrade to BGP routingHTTP/3 — The protocol that's been called HTTP-over-QUIC for quite some time has now changed name and will officially become HTTP/3.HTTP/3: Come for the speed, stay for the securityThe Road to QUICBotnet pwns 100,000 routers using ancient security flaw — Researchers have stumbled on another large botnet that’s been quietly hijacking home routers while nobody was paying attentionBCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email SpammersFrom Zero to ZeroDay Journey: Router HackingThe Ars guide to building a Linux router from scratch","content_html":"\u003cp\u003eWes is joined by special guest Jim Salter to discuss Google\u0026#39;s recent BGP outage and the future of HTTP.\u003c/p\u003e\n\n\u003cp\u003ePlus the latest router botnet, why you should never go full UPnP, and the benefits of building your own home router.\u003c/p\u003e\u003cp\u003eSpecial Guest: Jim Salter.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Google goes down after major BGP mishap routes traffic through China\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/11/major-bgp-mishap-takes-down-google-as-traffic-improperly-travels-to-china/\"\u003eGoogle goes down after major BGP mishap routes traffic through China\u003c/a\u003e \u0026mdash; Google lost control of several million of its IP addresses for more than an hour on Monday in an event that intermittently made its search and other services unavailable to many users.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Internet Vulnerability Takes Down Google\" rel=\"nofollow\" href=\"https://blog.thousandeyes.com/internet-vulnerability-takes-down-google/\"\u003eInternet Vulnerability Takes Down Google\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"China has been \u0026#39;hijacking the vital internet backbone of western countries\u0026#39;\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/china-has-been-hijacking-the-vital-internet-backbone-of-western-countries/\"\u003eChina has been \u0026#39;hijacking the vital internet backbone of western countries\u0026#39;\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"RPKI - The required cryptographic upgrade to BGP routing\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/rpki/\"\u003eRPKI - The required cryptographic upgrade to BGP routing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"HTTP/3\" rel=\"nofollow\" href=\"https://daniel.haxx.se/blog/2018/11/11/http-3/\"\u003eHTTP/3\u003c/a\u003e \u0026mdash; The protocol that's been called HTTP-over-QUIC for quite some time has now changed name and will officially become HTTP/3.\u003c/li\u003e\u003cli\u003e\u003ca title=\"HTTP/3: Come for the speed, stay for the security\" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2018/11/14/http-3-come-for-the-speed-stay-for-the-security/\"\u003eHTTP/3: Come for the speed, stay for the security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Road to QUIC\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/the-road-to-quic/\"\u003eThe Road to QUIC\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Botnet pwns 100,000 routers using ancient security flaw\" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2018/11/12/botnet-pwns-100000-routers-using-ancient-security-flaw/\"\u003eBotnet pwns 100,000 routers using ancient security flaw\u003c/a\u003e \u0026mdash; Researchers have stumbled on another large botnet that’s been quietly hijacking home routers while nobody was paying attention\u003c/li\u003e\u003cli\u003e\u003ca title=\"BCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email Spammers\" rel=\"nofollow\" href=\"http://www.dcwg.org/bcmpupnp_hunter-a-100k-botnet-turns-home-routers-to-email-spammers/\"\u003eBCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email Spammers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"From Zero to ZeroDay Journey: Router Hacking\" rel=\"nofollow\" href=\"http://defensecode.com/whitepapers/From_Zero_To_ZeroDay_Network_Devices_Exploitation.txt\"\u003eFrom Zero to ZeroDay Journey: Router Hacking\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Ars guide to building a Linux router from scratch\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2016/04/the-ars-guide-to-building-a-linux-router-from-scratch/\"\u003eThe Ars guide to building a Linux router from scratch\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wes is joined by special guest Jim Salter to discuss Google's recent BGP outage and the future of HTTP.","date_published":"2018-11-15T15:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a3776de2-0fab-45fc-8d29-dcd0f2e6da03.mp3","mime_type":"audio/mpeg","size_in_bytes":37053157,"duration_in_seconds":2626}]},{"id":"64a6b392-dd6b-4be1-805a-e88b17e029ec","title":"Episode 388: The One About eBPF","url":"https://techsnap.systems/388","content_text":"We explain what eBPF is, how it works, and its proud BSD production legacy.\n\neBPF is a technology that you’re going to be hearing more and more about. It powers low-overhead custom analysis tools, handles network security in a containerized world, and powers tools you use every day.Links:Chris Goes to MeetBSD​Linus Torvalds talks about coming back to work on Linux | ZDNet — BPF has actually been really useful, and the real power of it is how it allows people to do specialized code that isn't enabled until asked for.The Kernel Report - Jonathan CorbetBPF - the forgotten bytecode — All this changed in 1993 when Steven McCanne and Van Jacobson published the paper introducing a better way of filtering packets in the kernel, they called it \"The BSD Packet Filter\" (BPF)The BSD Packet FiltereBPF: Past, Present, and Future — The Extended Berkeley Packet Filter, or eBPF, has rapidly been adopted into a number of Linux kernel systems since its introduction into the Linux kernel in late 2014. Understanding eBPF, however, can be difficult as many try to explain it via a use of eBPF as opposed to its design. Indeed eBPF's name indicates that it is for packet filtering even though it now has uses which have nothing to do with networking.Using eBPF in Kubernetes — Cilium is a networking project that makes heavy use of eBPF superpowers to route and filter network traffic for container-based systems. By using eBPF, Cilium can dynamically generate and apply rules—even at the device level with XDP—without making changes to the Linux kernel itselfWhy is the kernel community replacing iptables with BPF? — The Linux kernel community recently announced bpfilter, which will replace the long-standing in-kernel implementation of iptables with high-performance network filtering powered by Linux BPF, all while guaranteeing a non-disruptive transition for Linux users.bpftrace (DTrace 2.0) for Linux 2018 — Created by Alastair Robertson, bpftrace is an open source high-level tracing front-end that lets you analyze systems in custom ways. It's shaping up to be a DTrace version 2.0: more capable, and built from the ground up for the modern era of the eBPF virtual machine.The bpftrace One-Liner TutorialBCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more — BCC is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples.Linux eBPF Tracing Tools — This page shows examples of performance analysis tools using enhancements to BPF (Berkeley Packet Filter) which were added to the Linux 4.x series kernels, allowing BPF to do much more than just filtering packets. These enhancements allow custom analysis programs to be executed on Linux dynamic tracing, static tracing, and profiling events.eBPF Vulnerability (CVE-2017-16995): When the Doorman Becomes the BackdoorUltimate Plumber — Ultimate Plumber is a tool for writing Linux pipes with instant live preview\r\nBSD Now 073: Pipe Dreams — Interview w/ David Maxwell about Pipecut, text processing, and commandline wizardry.","content_html":"\u003cp\u003eWe explain what eBPF is, how it works, and its proud BSD production legacy.\u003c/p\u003e\n\n\u003cp\u003eeBPF is a technology that you’re going to be hearing more and more about. It powers low-overhead custom analysis tools, handles network security in a containerized world, and powers tools you use every day.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Chris Goes to MeetBSD\" rel=\"nofollow\" href=\"https://linuxunplugged.com/articles/meetbsd2018\"\u003eChris Goes to MeetBSD\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"​Linus Torvalds talks about coming back to work on Linux | ZDNet\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/linus-torvalds-talks-about-coming-back-to-work-on-linux/\"\u003e​Linus Torvalds talks about coming back to work on Linux | ZDNet\u003c/a\u003e \u0026mdash; BPF has actually been really useful, and the real power of it is how it allows people to do specialized code that isn't enabled until asked for.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Kernel Report - Jonathan Corbet\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=XQGUi5Gu0D8\u0026amp;feature=youtu.be\u0026amp;t=840\"\u003eThe Kernel Report - Jonathan Corbet\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BPF - the forgotten bytecode\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/bpf-the-forgotten-bytecode/\"\u003eBPF - the forgotten bytecode\u003c/a\u003e \u0026mdash; All this changed in 1993 when Steven McCanne and Van Jacobson published the paper introducing a better way of filtering packets in the kernel, they called it \"The BSD Packet Filter\" (BPF)\u003c/li\u003e\u003cli\u003e\u003ca title=\"The BSD Packet Filter\" rel=\"nofollow\" href=\"http://www.tcpdump.org/papers/bpf-usenix93.pdf\"\u003eThe BSD Packet Filter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"eBPF: Past, Present, and Future\" rel=\"nofollow\" href=\"https://ferrisellis.com/posts/ebpf_past_present_future/\"\u003eeBPF: Past, Present, and Future\u003c/a\u003e \u0026mdash; The Extended Berkeley Packet Filter, or eBPF, has rapidly been adopted into a number of Linux kernel systems since its introduction into the Linux kernel in late 2014. Understanding eBPF, however, can be difficult as many try to explain it via a use of eBPF as opposed to its design. Indeed eBPF's name indicates that it is for packet filtering even though it now has uses which have nothing to do with networking.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Using eBPF in Kubernetes\" rel=\"nofollow\" href=\"https://kubernetes.io/blog/2017/12/using-ebpf-in-kubernetes/\"\u003eUsing eBPF in Kubernetes\u003c/a\u003e \u0026mdash; Cilium is a networking project that makes heavy use of eBPF superpowers to route and filter network traffic for container-based systems. By using eBPF, Cilium can dynamically generate and apply rules—even at the device level with XDP—without making changes to the Linux kernel itself\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why is the kernel community replacing iptables with BPF?\" rel=\"nofollow\" href=\"https://cilium.io/blog/2018/04/17/why-is-the-kernel-community-replacing-iptables/\"\u003eWhy is the kernel community replacing iptables with BPF?\u003c/a\u003e \u0026mdash; The Linux kernel community recently announced bpfilter, which will replace the long-standing in-kernel implementation of iptables with high-performance network filtering powered by Linux BPF, all while guaranteeing a non-disruptive transition for Linux users.\u003c/li\u003e\u003cli\u003e\u003ca title=\"bpftrace (DTrace 2.0) for Linux 2018\" rel=\"nofollow\" href=\"http://www.brendangregg.com/blog/2018-10-08/dtrace-for-linux-2018.html\"\u003ebpftrace (DTrace 2.0) for Linux 2018\u003c/a\u003e \u0026mdash; Created by Alastair Robertson, bpftrace is an open source high-level tracing front-end that lets you analyze systems in custom ways. It's shaping up to be a DTrace version 2.0: more capable, and built from the ground up for the modern era of the eBPF virtual machine.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The bpftrace One-Liner Tutorial\" rel=\"nofollow\" href=\"https://github.com/iovisor/bpftrace/blob/master/docs/tutorial_one_liners.md\"\u003eThe bpftrace One-Liner Tutorial\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more\" rel=\"nofollow\" href=\"https://github.com/iovisor/bcc\"\u003eBCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more\u003c/a\u003e \u0026mdash; BCC is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux eBPF Tracing Tools\" rel=\"nofollow\" href=\"http://www.brendangregg.com/ebpf.html\"\u003eLinux eBPF Tracing Tools\u003c/a\u003e \u0026mdash; This page shows examples of performance analysis tools using enhancements to BPF (Berkeley Packet Filter) which were added to the Linux 4.x series kernels, allowing BPF to do much more than just filtering packets. These enhancements allow custom analysis programs to be executed on Linux dynamic tracing, static tracing, and profiling events.\u003c/li\u003e\u003cli\u003e\u003ca title=\"eBPF Vulnerability (CVE-2017-16995): When the Doorman Becomes the Backdoor\" rel=\"nofollow\" href=\"https://blog.aquasec.com/ebpf-vulnerability-cve-2017-16995-when-the-doorman-becomes-the-backdoor\"\u003eeBPF Vulnerability (CVE-2017-16995): When the Doorman Becomes the Backdoor\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ultimate Plumber\" rel=\"nofollow\" href=\"https://github.com/akavel/up\"\u003eUltimate Plumber\u003c/a\u003e \u0026mdash; Ultimate Plumber is a tool for writing Linux pipes with instant live preview\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"BSD Now 073: Pipe Dreams\" rel=\"nofollow\" href=\"http://www.bsdnow.tv/episodes/2015_01_21-pipe_dreams\"\u003eBSD Now 073: Pipe Dreams\u003c/a\u003e \u0026mdash; Interview w/ David Maxwell about Pipecut, text processing, and commandline wizardry.\u003c/li\u003e\u003c/ul\u003e","summary":"We explain what eBPF is, how it works, and its proud BSD production legacy.","date_published":"2018-10-25T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/64a6b392-dd6b-4be1-805a-e88b17e029ec.mp3","mime_type":"audio/mpeg","size_in_bytes":31325387,"duration_in_seconds":2217}]},{"id":"c6e35c4d-a8a5-4394-8e7f-9acd91aa5aa2","title":"Episode 387: Private Cloud Building Blocks","url":"https://techsnap.systems/387","content_text":"We bring in Amy Marrich to break down the building blocks of OpenStack. There are nearly an overwhelming number of ways to manage your infrastructure, and we learn about one of the original tools.\n\nPlus a few warm up stories, a war story, and more.Special Guest: Amy Marrich.Links:James Stanley - Someone used my IPFS gateway for phishingScaling Engineering Teams via Writing Things Down and Sharing — I have recently been talking at small and mid-size companies, sharing engineering best practices I see us use at Uber, which I would recommend any tech company adopt as they are growing. The one topic that gets both the most raised eyebrows, as well the most \"aha!\" moments is the one on how the planning process for engineering has worked since the early years of Uber.Say hello to Kata Containers — Kata Containers bridges the gap between traditional VM security and the lightweight benefits of traditional Linux containers.Disappearing videos and disappointed grandmothers — Here's another story about broken things with some of the details changed just a little. If it sounds familiar, it's probably because your company also did it at some point.","content_html":"\u003cp\u003eWe bring in Amy Marrich to break down the building blocks of OpenStack. There are nearly an overwhelming number of ways to manage your infrastructure, and we learn about one of the original tools.\u003c/p\u003e\n\n\u003cp\u003ePlus a few warm up stories, a war story, and more.\u003c/p\u003e\u003cp\u003eSpecial Guest: Amy Marrich.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"James Stanley - Someone used my IPFS gateway for phishing\" rel=\"nofollow\" href=\"https://incoherency.co.uk/blog/stories/hardbin-phishing.html\"\u003eJames Stanley - Someone used my IPFS gateway for phishing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Scaling Engineering Teams via Writing Things Down and Sharing\" rel=\"nofollow\" href=\"https://blog.pragmaticengineer.com/scaling-engineering-teams-via-writing-things-down-rfcs/\"\u003eScaling Engineering Teams via Writing Things Down and Sharing\u003c/a\u003e \u0026mdash; I have recently been talking at small and mid-size companies, sharing engineering best practices I see us use at Uber, which I would recommend any tech company adopt as they are growing. The one topic that gets both the most raised eyebrows, as well the most \"aha!\" moments is the one on how the planning process for engineering has worked since the early years of Uber.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Say hello to Kata Containers\" rel=\"nofollow\" href=\"http://superuser.openstack.org/articles/kata-containers-1-0/\"\u003eSay hello to Kata Containers\u003c/a\u003e \u0026mdash; Kata Containers bridges the gap between traditional VM security and the lightweight benefits of traditional Linux containers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Disappearing videos and disappointed grandmothers\" rel=\"nofollow\" href=\"https://rachelbythebay.com/w/2018/10/05/recipes/\"\u003eDisappearing videos and disappointed grandmothers\u003c/a\u003e \u0026mdash; Here's another story about broken things with some of the details changed just a little. If it sounds familiar, it's probably because your company also did it at some point.\u003c/li\u003e\u003c/ul\u003e","summary":"We bring in Amy Marrich to break down the building blocks of OpenStack. There are nearly an overwhelming number of ways to manage your infrastructure, and we learn about one of the original tools.","date_published":"2018-10-11T17:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c6e35c4d-a8a5-4394-8e7f-9acd91aa5aa2.mp3","mime_type":"audio/mpeg","size_in_bytes":28532297,"duration_in_seconds":2017}]},{"id":"18d614a8-cc5e-47e9-9cad-3f411f1ae0cd","title":"Episode 386: What Makes Google Cloud Different","url":"https://techsnap.systems/386","content_text":"We bring on our Google Cloud expert and explore the fundamentals, demystify some of the magic, and ask what makes Google Cloud different. \n\nPlus how Google hopes Roughtime will solve one of the web’s biggest problems, some great emails, and more!Special Guest: Matt Ulasien.Links:Cloudflare Embraces Google Roughtime, Giving Internet Security a Boost — The internet infrastructure firm Cloudflare will now support a free timekeeping protocol known as Roughtime, which helps synchronize the internet's clocks and validate timestamps.Roughtime: Securing Time with Digital Signatures — Roughtime lacks the precision of NTP, but aims to be accurate enough for cryptographic applications, and since the responses are authenticated, man-in-the-middle attacks aren’t possibleGoogle Cloud rolls out security feature for container images — All container images built using Cloud Build, Google's fully-managed CI/CD platform, will now be automatically scanned for OS package vulnerabilitiesTweets by Matthew Ulasien (@mulasien)Google Cloud Weekly | 10.03.2018Matthew Ulasien - QuoraGoogle Certified Professional Cloud ArchitectFeedback: Can't Even Google This One!Feedback: The Button Pusher ProblemFeedback: Can I monitor that?PingdomSite24x7prometheus/blackbox_exporter: Blackbox prober exporter Kubernetes the Hard Way - CourseHow do Kubernetes Deployments work? An adversarial perspective. — What is happening when a Deployment rolls out a change to your app? What does it actually do when a Pod crashes or is killed? What happens when a Pod is re-labled so that it's not targeted by the Deployment?Kubernetes: The Surprisingly Affordable Platform for Personal Projects — I think that Kubernetes makes sense for small projects and you can have your own Kubernetes cluster today for as little as $5 a month.Kubernetes for personal projects? No thanks! — I have read multiple times this article about running Kubernetes to run small projects and thought I could share why I think that might not be a great idea.KubeDirector: The easy way to run complex stateful applications on Kubernetes — KubeDirector is an open source project designed to make it easy to run complex stateful scale-out application clusters on Kubernetes.Kubernetes On Bare Metal — This guide will take you from nothing to a 2 node cluster, automatic SSL for deployed apps, a custom PVC/PV storage class using NFS, and a private docker registry.Introducing DigitalOcean Kubernetes in Limited Availability","content_html":"\u003cp\u003eWe bring on our Google Cloud expert and explore the fundamentals, demystify some of the magic, and ask what makes Google Cloud different. \u003c/p\u003e\n\n\u003cp\u003ePlus how Google hopes Roughtime will solve one of the web’s biggest problems, some great emails, and more!\u003c/p\u003e\u003cp\u003eSpecial Guest: Matt Ulasien.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Cloudflare Embraces Google Roughtime, Giving Internet Security a Boost\" rel=\"nofollow\" href=\"https://www.wired.com/story/clouldflare-google-roughtime-sync-clocks-security/\"\u003eCloudflare Embraces Google Roughtime, Giving Internet Security a Boost\u003c/a\u003e \u0026mdash; The internet infrastructure firm Cloudflare will now support a free timekeeping protocol known as Roughtime, which helps synchronize the internet's clocks and validate timestamps.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Roughtime: Securing Time with Digital Signatures\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/roughtime/\"\u003eRoughtime: Securing Time with Digital Signatures\u003c/a\u003e \u0026mdash; Roughtime lacks the precision of NTP, but aims to be accurate enough for cryptographic applications, and since the responses are authenticated, man-in-the-middle attacks aren’t possible\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Cloud rolls out security feature for container images\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/google-cloud-rolls-out-security-feature-for-container-images/\"\u003eGoogle Cloud rolls out security feature for container images\u003c/a\u003e \u0026mdash; All container images built using Cloud Build, Google's fully-managed CI/CD platform, will now be automatically scanned for OS package vulnerabilities\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tweets by Matthew Ulasien (@mulasien)\" rel=\"nofollow\" href=\"https://twitter.com/mulasien\"\u003eTweets by Matthew Ulasien (@mulasien)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Cloud Weekly | 10.03.2018\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=iNcg-2TOFbA\"\u003eGoogle Cloud Weekly | 10.03.2018\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Matthew Ulasien - Quora\" rel=\"nofollow\" href=\"https://www.quora.com/profile/Matthew-Ulasien\"\u003eMatthew Ulasien - Quora\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Certified Professional Cloud Architect\" rel=\"nofollow\" href=\"https://linuxacademy.com/linux/training/course/name/google-cloud-platform-architect-essentials\"\u003eGoogle Certified Professional Cloud Architect\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: Can\u0026#39;t Even Google This One!\" rel=\"nofollow\" href=\"https://pastebin.com/ufe1KdEX\"\u003eFeedback: Can\u0026#39;t Even Google This One!\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: The Button Pusher Problem\" rel=\"nofollow\" href=\"https://pastebin.com/zcacp8F2\"\u003eFeedback: The Button Pusher Problem\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: Can I monitor that?\" rel=\"nofollow\" href=\"https://pastebin.com/RYSsLQpj\"\u003eFeedback: Can I monitor that?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Pingdom\" rel=\"nofollow\" href=\"https://www.pingdom.com/\"\u003ePingdom\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Site24x7\" rel=\"nofollow\" href=\"https://www.site24x7.com/\"\u003eSite24x7\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"prometheus/blackbox_exporter: Blackbox prober exporter\" rel=\"nofollow\" href=\"https://github.com/prometheus/blackbox_exporter\"\u003eprometheus/blackbox_exporter: Blackbox prober exporter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\" Kubernetes the Hard Way - Course\" rel=\"nofollow\" href=\"https://linuxacademy.com/cp/modules/view/id/221\"\u003e Kubernetes the Hard Way - Course\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How do Kubernetes Deployments work? An adversarial perspective.\" rel=\"nofollow\" href=\"https://blog.pulumi.com/how-do-kubernetes-deployments-work-an-adversarial-perspective\"\u003eHow do Kubernetes Deployments work? An adversarial perspective.\u003c/a\u003e \u0026mdash; What is happening when a Deployment rolls out a change to your app? What does it actually do when a Pod crashes or is killed? What happens when a Pod is re-labled so that it's not targeted by the Deployment?\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kubernetes: The Surprisingly Affordable Platform for Personal Projects\" rel=\"nofollow\" href=\"https://www.doxsey.net/blog/kubernetes--the-surprisingly-affordable-platform-for-personal-projects\"\u003eKubernetes: The Surprisingly Affordable Platform for Personal Projects\u003c/a\u003e \u0026mdash; I think that Kubernetes makes sense for small projects and you can have your own Kubernetes cluster today for as little as $5 a month.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kubernetes for personal projects? No thanks!\" rel=\"nofollow\" href=\"https://carlosrdrz.es/kubernetes-for-small-projects/\"\u003eKubernetes for personal projects? No thanks!\u003c/a\u003e \u0026mdash; I have read multiple times this article about running Kubernetes to run small projects and thought I could share why I think that might not be a great idea.\u003c/li\u003e\u003cli\u003e\u003ca title=\"KubeDirector: The easy way to run complex stateful applications on Kubernetes\" rel=\"nofollow\" href=\"https://kubernetes.io/blog/2018/10/03/kubedirector-the-easy-way-to-run-complex-stateful-applications-on-kubernetes/\"\u003eKubeDirector: The easy way to run complex stateful applications on Kubernetes\u003c/a\u003e \u0026mdash; KubeDirector is an open source project designed to make it easy to run complex stateful scale-out application clusters on Kubernetes.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kubernetes On Bare Metal\" rel=\"nofollow\" href=\"https://joshrendek.com/2018/04/kubernetes-on-bare-metal/\"\u003eKubernetes On Bare Metal\u003c/a\u003e \u0026mdash; This guide will take you from nothing to a 2 node cluster, automatic SSL for deployed apps, a custom PVC/PV storage class using NFS, and a private docker registry.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introducing DigitalOcean Kubernetes in Limited Availability\" rel=\"nofollow\" href=\"https://twitter.com/digitalocean/status/1046821669610901509\"\u003eIntroducing DigitalOcean Kubernetes in Limited Availability\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We bring on our Google Cloud expert and explore the fundamentals, demystify some of the magic, and ask what makes Google Cloud different. ","date_published":"2018-10-04T16:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/18d614a8-cc5e-47e9-9cad-3f411f1ae0cd.mp3","mime_type":"audio/mpeg","size_in_bytes":29644989,"duration_in_seconds":2097}]},{"id":"f656bfc9-76fe-45b3-b238-3cff6b0acfac","title":"Episode 385: 3 Things to Know About Kubernetes","url":"https://techsnap.systems/385","content_text":"Kubernetes expert Will Boyd joins us to explain the top 3 things to know about Kubernetes, when it’s the right tool for the job, and building highly available production grade clusters.\n\nPlus the privacy improvements that could be coming to HTTPS, and a new SSH auditing tool hits the open source scene. Special Guest: Will Boyd.Links:Open Sourcing HASSH — HASSH is a network fingerprinting standard invented within the Detection Cloud team at Salesforce.ESNI: A Privacy-Protecting Upgrade to HTTPS — Today, Cloudflare is announcing a major step toward closing this privacy hole and enhancing the privacy protections that HTTPS offers. Cloudflare has proposed a technical standard for encrypted SNI, or “ESNI,” which can hide the identities of the sites you visit—particularly when a large number of sites are hosted on a single set of IP addressesWhat's new in Kubernetes 1.12?Kubernetes the Hard Way — Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.Install MinikubeCreating a single master cluster with kubeadm10 open-source Kubernetes tools for highly effective SRE and Ops TeamsClonezilla — Clonezilla is a partition and disk imaging/cloning program similar to True Image or Norton Ghost.","content_html":"\u003cp\u003eKubernetes expert Will Boyd joins us to explain the top 3 things to know about Kubernetes, when it’s the right tool for the job, and building highly available production grade clusters.\u003c/p\u003e\n\n\u003cp\u003ePlus the privacy improvements that could be coming to HTTPS, and a new SSH auditing tool hits the open source scene. \u003c/p\u003e\u003cp\u003eSpecial Guest: Will Boyd.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Open Sourcing HASSH\" rel=\"nofollow\" href=\"https://engineering.salesforce.com/open-sourcing-hassh-abed3ae5044c\"\u003eOpen Sourcing HASSH\u003c/a\u003e \u0026mdash; HASSH is a network fingerprinting standard invented within the Detection Cloud team at Salesforce.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ESNI: A Privacy-Protecting Upgrade to HTTPS\" rel=\"nofollow\" href=\"https://www.eff.org/deeplinks/2018/09/esni-privacy-protecting-upgrade-https\"\u003eESNI: A Privacy-Protecting Upgrade to HTTPS\u003c/a\u003e \u0026mdash; Today, Cloudflare is announcing a major step toward closing this privacy hole and enhancing the privacy protections that HTTPS offers. Cloudflare has proposed a technical standard for encrypted SNI, or “ESNI,” which can hide the identities of the sites you visit—particularly when a large number of sites are hosted on a single set of IP addresses\u003c/li\u003e\u003cli\u003e\u003ca title=\"What\u0026#39;s new in Kubernetes 1.12?\" rel=\"nofollow\" href=\"https://sysdig.com/blog/whats-new-in-kubernetes-1-12/\"\u003eWhat\u0026#39;s new in Kubernetes 1.12?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kubernetes the Hard Way\" rel=\"nofollow\" href=\"https://github.com/kelseyhightower/kubernetes-the-hard-way\"\u003eKubernetes the Hard Way\u003c/a\u003e \u0026mdash; Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Install Minikube\" rel=\"nofollow\" href=\"https://kubernetes.io/docs/tasks/tools/install-minikube/\"\u003eInstall Minikube\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Creating a single master cluster with kubeadm\" rel=\"nofollow\" href=\"https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/\"\u003eCreating a single master cluster with kubeadm\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"10 open-source Kubernetes tools for highly effective SRE and Ops Teams\" rel=\"nofollow\" href=\"https://abhishek-tiwari.com/10-open-source-tools-for-highly-effective-kubernetes-sre-and-ops-teams/\"\u003e10 open-source Kubernetes tools for highly effective SRE and Ops Teams\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Clonezilla\" rel=\"nofollow\" href=\"https://www.clonezilla.org/\"\u003eClonezilla\u003c/a\u003e \u0026mdash; Clonezilla is a partition and disk imaging/cloning program similar to True Image or Norton Ghost.\u003c/li\u003e\u003c/ul\u003e","summary":"Kubernetes expert Will Boyd joins us to explain the top 3 things to know about Kubernetes, when it’s the right tool for the job, and building highly available production grade clusters.","date_published":"2018-09-27T16:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f656bfc9-76fe-45b3-b238-3cff6b0acfac.mp3","mime_type":"audio/mpeg","size_in_bytes":19733765,"duration_in_seconds":1389}]},{"id":"be1b2668-8b45-4297-8043-0f6108bcfe71","title":"Episode 384: Interplanetary Peers","url":"https://techsnap.systems/384","content_text":"Jon the Nice Guy joins Wes to discuss all things IPFS. We'll explore what it does, how it works, and why it might be the best hope for a decentralized internet.\n\nPlus, Magecart strikes again, Alpine has package problems, and why you shouldn't trust Western Digital's MyCloud. Special Guest: Jon Spriggs.Links:GovPayNow.com Leaks 14M+ Records — Government Payment Service Inc. has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.Magecart claims another victim in Newegg merchant data theft — Researchers from RiskIQ, together with Volexity, revealed that California-based retailer Newegg is the latest well-known merchant to succumb to the threat actors.RiskIQ: Another Victim of the Magecart Assault EmergesPassword bypass flaw in Western Digital My Cloud drives puts data at risk — A security researcher has published details of a vulnerability in Western Digital’s My Cloud devices, which could allow an attacker to bypass the admin password on the drive, gaining complete control over the user’s data.WD MyCloud Metasploit ExampleCloudflare goes InterPlanetary — Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer.End-to-End Integrity with IPFS — This post describes how to use Cloudflare's IPFS gateway to set up a website which is end-to-end secure, while maintaining the performance and reliability benefits of being served from Cloudflare’s edge network.How permanent is data stored on IPFS?Lesson: Add Content to IPFS and Retrieve It · Decentralized Web PrimerLeo Tindall: Putting This Blog on IPFSA Beginner’s Guide to IPFS — IPFS consists of several innovations in communication protocols and distributed systems that have been combined to produce a file system like no other.Useful resources for using IPFS and building things on top of itOrbitDB: Peer-to-Peer Databases for the Decentralized WebRebuild Alpine Linux Docker Containers After Package Manager Patch — An attacker could intercept a package request as a Alpine Linux Docker image is being built and add malicious code that target machines would then unpack and run within the Docker container","content_html":"\u003cp\u003eJon the Nice Guy joins Wes to discuss all things IPFS. We\u0026#39;ll explore what it does, how it works, and why it might be the best hope for a decentralized internet.\u003c/p\u003e\n\n\u003cp\u003ePlus, Magecart strikes again, Alpine has package problems, and why you shouldn\u0026#39;t trust Western Digital\u0026#39;s MyCloud. \u003c/p\u003e\u003cp\u003eSpecial Guest: Jon Spriggs.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"GovPayNow.com Leaks 14M+ Records\" rel=\"nofollow\" href=\"https://krebsonsecurity.com/2018/09/govpaynow-com-leaks-14m-records/\"\u003eGovPayNow.com Leaks 14M+ Records\u003c/a\u003e \u0026mdash; Government Payment Service Inc. has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Magecart claims another victim in Newegg merchant data theft\" rel=\"nofollow\" href=\"https://www.zdnet.com/article/magecart-claims-another-victim-in-newegg-merchant-data-theft/\"\u003eMagecart claims another victim in Newegg merchant data theft\u003c/a\u003e \u0026mdash; Researchers from RiskIQ, together with Volexity, revealed that California-based retailer Newegg is the latest well-known merchant to succumb to the threat actors.\u003c/li\u003e\u003cli\u003e\u003ca title=\"RiskIQ: Another Victim of the Magecart Assault Emerges\" rel=\"nofollow\" href=\"https://www.riskiq.com/blog/labs/magecart-newegg/\"\u003eRiskIQ: Another Victim of the Magecart Assault Emerges\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Password bypass flaw in Western Digital My Cloud drives puts data at risk\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/09/19/password-bypass-flaw-western-digital-my-cloud-drives/\"\u003ePassword bypass flaw in Western Digital My Cloud drives puts data at risk\u003c/a\u003e \u0026mdash; A security researcher has published details of a vulnerability in Western Digital’s My Cloud devices, which could allow an attacker to bypass the admin password on the drive, gaining complete control over the user’s data.\u003c/li\u003e\u003cli\u003e\u003ca title=\"WD MyCloud Metasploit Example\" rel=\"nofollow\" href=\"https://pastecry.pt/dUHB3e#PewMuk%3AUt2Ek3Bee4Rej2Syz5Mek\"\u003eWD MyCloud Metasploit Example\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloudflare goes InterPlanetary\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/distributed-web-gateway/\"\u003eCloudflare goes InterPlanetary\u003c/a\u003e \u0026mdash; Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer.\u003c/li\u003e\u003cli\u003e\u003ca title=\"End-to-End Integrity with IPFS\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/e2e-integrity/\"\u003eEnd-to-End Integrity with IPFS\u003c/a\u003e \u0026mdash; This post describes how to use Cloudflare's IPFS gateway to set up a website which is end-to-end secure, while maintaining the performance and reliability benefits of being served from Cloudflare’s edge network.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How permanent is data stored on IPFS?\" rel=\"nofollow\" href=\"https://github.com/ipfs/faq/issues/93\"\u003eHow permanent is data stored on IPFS?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lesson: Add Content to IPFS and Retrieve It · Decentralized Web Primer\" rel=\"nofollow\" href=\"https://flyingzumwalt.gitbooks.io/decentralized-web-primer/content/files-on-ipfs/lessons/add-and-retrieve-file-content.html\"\u003eLesson: Add Content to IPFS and Retrieve It · Decentralized Web Primer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Leo Tindall: Putting This Blog on IPFS\" rel=\"nofollow\" href=\"https://ipfs.io/ipns/Qme48wyZ7LaF9gC5693DZyJBtehgaFhaKycESroemD5fNX/post/putting_this_blog_on_ipfs/\"\u003eLeo Tindall: Putting This Blog on IPFS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"A Beginner’s Guide to IPFS\" rel=\"nofollow\" href=\"https://hackernoon.com/a-beginners-guide-to-ipfs-20673fedd3f\"\u003eA Beginner’s Guide to IPFS\u003c/a\u003e \u0026mdash; IPFS consists of several innovations in communication protocols and distributed systems that have been combined to produce a file system like no other.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Useful resources for using IPFS and building things on top of it\" rel=\"nofollow\" href=\"https://github.com/ipfs/awesome-ipfs\"\u003eUseful resources for using IPFS and building things on top of it\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OrbitDB: Peer-to-Peer Databases for the Decentralized Web\" rel=\"nofollow\" href=\"https://github.com/orbitdb/orbit-db\"\u003eOrbitDB: Peer-to-Peer Databases for the Decentralized Web\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Rebuild Alpine Linux Docker Containers After Package Manager Patch\" rel=\"nofollow\" href=\"https://www.itprotoday.com/linux/time-rebuild-alpine-linux-docker-containers-after-package-manager-patch\"\u003eRebuild Alpine Linux Docker Containers After Package Manager Patch\u003c/a\u003e \u0026mdash; An attacker could intercept a package request as a Alpine Linux Docker image is being built and add malicious code that target machines would then unpack and run within the Docker container\u003c/li\u003e\u003c/ul\u003e","summary":"Jon the Nice Guy joins Wes to discuss all things IPFS. We'll explore what it does, how it works, and why it might be the best hope for a decentralized internet.","date_published":"2018-09-21T00:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/be1b2668-8b45-4297-8043-0f6108bcfe71.mp3","mime_type":"audio/mpeg","size_in_bytes":31575819,"duration_in_seconds":2234}]},{"id":"8012b7a1-2660-4bbc-8dda-a09c631b57ab","title":"Episode 383: The Power of Shame","url":"https://techsnap.systems/383","content_text":"TechSNAP progenitor and special guest Allan Jude joins us to talk mobile security, hand out some SSH tips and tricks, and discuss why security shaming works so well.\n\nPlus, how Mozilla is protecting their GitHub repos, a check-in on Equifax, and some great picks.Special Guest: Allan Jude.Links:Protecting Mozilla’s GitHub Repositories from Malicious ModificationBritish Airways: Suspect code that hacked fliers 'found'A year later, Equifax lost your data but faced little falloutSecurity Implications of SSH Forwardingsshd_config manualSSH Chaining (for jumphosts)Troy Hunt posts a blog where he argues in favour of publicly shaming companies for bad securityYour phone is NOT your passwordSelect Star SQL: an interactive book which aims to be the best place to learn SQLSource Of Evil – A Botnet Code Collectionxsv: A fast CSV command line toolkit written in Rust","content_html":"\u003cp\u003eTechSNAP progenitor and special guest Allan Jude joins us to talk mobile security, hand out some SSH tips and tricks, and discuss why security shaming works so well.\u003c/p\u003e\n\n\u003cp\u003ePlus, how Mozilla is protecting their GitHub repos, a check-in on Equifax, and some great picks.\u003c/p\u003e\u003cp\u003eSpecial Guest: Allan Jude.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Protecting Mozilla’s GitHub Repositories from Malicious Modification\" rel=\"nofollow\" href=\"https://blog.mozilla.org/security/2018/09/11/protecting-mozillas-github-repositories-from-malicious-modification/\"\u003eProtecting Mozilla’s GitHub Repositories from Malicious Modification\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"British Airways: Suspect code that hacked fliers \u0026#39;found\u0026#39;\" rel=\"nofollow\" href=\"https://www.bbc.co.uk/news/technology-45481976\"\u003eBritish Airways: Suspect code that hacked fliers \u0026#39;found\u0026#39;\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"A year later, Equifax lost your data but faced little fallout\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/09/08/equifax-one-year-later-unscathed/\"\u003eA year later, Equifax lost your data but faced little fallout\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Security Implications of SSH Forwarding\" rel=\"nofollow\" href=\"https://slexy.org/view/s24sQBImsz\"\u003eSecurity Implications of SSH Forwarding\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"sshd_config manual\" rel=\"nofollow\" href=\"https://man.openbsd.org/sshd_config.5#GatewayPorts\"\u003esshd_config manual\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SSH Chaining (for jumphosts)\" rel=\"nofollow\" href=\"http://www.bsdnow.tv/tutorials/ssh-chaining\"\u003eSSH Chaining (for jumphosts)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Troy Hunt posts a blog where he argues in favour of publicly shaming companies for bad security\" rel=\"nofollow\" href=\"https://www.troyhunt.com/the-effectiveness-of-publicly-shaming-bad-security/\"\u003eTroy Hunt posts a blog where he argues in favour of publicly shaming companies for bad security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Your phone is NOT your password\" rel=\"nofollow\" href=\"https://krebsonsecurity.com/2018/09/u-s-mobile-giants-want-to-be-your-online-identity/\"\u003eYour phone is NOT your password\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Select Star SQL: an interactive book which aims to be the best place to learn SQL\" rel=\"nofollow\" href=\"https://selectstarsql.com/\"\u003eSelect Star SQL: an interactive book which aims to be the best place to learn SQL\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Source Of Evil – A Botnet Code Collection\" rel=\"nofollow\" href=\"https://hackaday.com/2018/09/09/source-of-evil-a-botnet-code-collection/\"\u003eSource Of Evil – A Botnet Code Collection\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"xsv: A fast CSV command line toolkit written in Rust\" rel=\"nofollow\" href=\"https://github.com/BurntSushi/xsv\"\u003exsv: A fast CSV command line toolkit written in Rust\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"TechSNAP progenitor and special guest Allan Jude joins us to talk mobile security, hand out some SSH tips and tricks, and discuss why security shaming works so well.","date_published":"2018-09-13T21:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8012b7a1-2660-4bbc-8dda-a09c631b57ab.mp3","mime_type":"audio/mpeg","size_in_bytes":43811399,"duration_in_seconds":3108}]},{"id":"20c841ff-5ccf-4058-8e2d-f59364827c26","title":"Episode 382: Domestic Disappointments","url":"https://techsnap.systems/382","content_text":"We’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck.\n\nPlus the latest vulnerabilities in Wireshark and OpenSSH, the new forensic hotness from Netflix, and some great introductions to cryptography. Special Guest: Martin Wimpress.Links:I’m teaching email security to Democratic campaigns. It’s as bad as 2016.Botched CIA Communications System Helped Blow Cover of Chinese AgentsNSA-Designed Speck Algorithm to Be Removed From Linux 4.20Vulnerability Affects All OpenSSH Versions Released in the Past Two DecadesWireshark can be crashed via malicious packet trace filesService provider story about tracking down TCP RSTsThe case of the 500-mile emailDiffy: A cloud-centric triage tool for digital forensics and incident responseAn intensive introduction to CryptographyThe Manga Guide to Cryptography | No Starch Press","content_html":"\u003cp\u003eWe’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck.\u003c/p\u003e\n\n\u003cp\u003ePlus the latest vulnerabilities in Wireshark and OpenSSH, the new forensic hotness from Netflix, and some great introductions to cryptography. \u003c/p\u003e\u003cp\u003eSpecial Guest: Martin Wimpress.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"I’m teaching email security to Democratic campaigns. It’s as bad as 2016.\" rel=\"nofollow\" href=\"https://www.washingtonpost.com/outlook/2018/09/04/im-teaching-email-security-democratic-campaigns-its-bad/\"\u003eI’m teaching email security to Democratic campaigns. It’s as bad as 2016.\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Botched CIA Communications System Helped Blow Cover of Chinese Agents\" rel=\"nofollow\" href=\"https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover-chinese-agents-intelligence/\"\u003eBotched CIA Communications System Helped Blow Cover of Chinese Agents\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NSA-Designed Speck Algorithm to Be Removed From Linux 4.20\" rel=\"nofollow\" href=\"https://www.tomshardware.com/news/nsa-speck-removed-linux-4-20,37747.html\"\u003eNSA-Designed Speck Algorithm to Be Removed From Linux 4.20\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/vulnerability-affects-all-openssh-versions-released-in-the-past-two-decades/\"\u003eVulnerability Affects All OpenSSH Versions Released in the Past Two Decades\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wireshark can be crashed via malicious packet trace files\" rel=\"nofollow\" href=\"https://www.helpnetsecurity.com/2018/08/31/wireshark-dos-vulnerabilities/\"\u003eWireshark can be crashed via malicious packet trace files\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Service provider story about tracking down TCP RSTs\" rel=\"nofollow\" href=\"https://mailman.nanog.org/pipermail/nanog/2018-September/096871.html\"\u003eService provider story about tracking down TCP RSTs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The case of the 500-mile email\" rel=\"nofollow\" href=\"http://www.ibiblio.org/harris/500milemail.html\"\u003eThe case of the 500-mile email\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Diffy: A cloud-centric triage tool for digital forensics and incident response\" rel=\"nofollow\" href=\"https://github.com/Netflix-Skunkworks/diffy\"\u003eDiffy: A cloud-centric triage tool for digital forensics and incident response\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"An intensive introduction to Cryptography\" rel=\"nofollow\" href=\"https://intensecrypto.org/public/\"\u003eAn intensive introduction to Cryptography\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Manga Guide to Cryptography | No Starch Press\" rel=\"nofollow\" href=\"https://nostarch.com/mangacrypto\"\u003eThe Manga Guide to Cryptography | No Starch Press\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck.","date_published":"2018-09-06T19:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/20c841ff-5ccf-4058-8e2d-f59364827c26.mp3","mime_type":"audio/mpeg","size_in_bytes":38035774,"duration_in_seconds":2696}]},{"id":"c8862a6f-bc3a-42f5-b1ff-c9e6282ed771","title":"Episode 381: Here Comes Cloud DNS","url":"https://techsnap.systems/381","content_text":"To make DNS more secure, we must move it to the cloud! At least that’s what Mozilla and Google suggest. We breakdown DNS-over-HTTPS, why it requires a “cloud” component, and the advantages it has over traditional DNS.\n\nPlus new active attacks against Apache Struts, and a Windows 10 zero-day exposed on Twitter.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Firefox Nightly Secure DNS Experimental Results DNS-over-HTTPSDNS over HTTPSA cartoon intro to DNS over HTTPSDiscussion of draft-ietf-doh-dns-over-https in the IETF's DOH Working GroupHigh performance DNS over HTTPS client \u0026amp; serverCloudflare Resolver for FirefoxActive Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776Windows 10 Zero-Day Vulnerability Exposed On TwitterNetdata: Get control of your servers. — netdata is a system for distributed real-time performance and health monitoring. It provides unparalleled insights, in real-time, of everything happening on the system it runs (including applications such as web and database servers), using modern interactive web dashboards.\r\n\r\nState of Software Distribution - 2018 — Few enterprises possess the ability to deploy the latest software and security patches at scale, putting their cybersecurity and business performance at risk. In the 2018 State of Software Distribution Report, we explore why IT decision makers say they struggle to keep up with the software distribution needs of the modern enterprise.","content_html":"\u003cp\u003eTo make DNS more secure, we must move it to the cloud! At least that’s what Mozilla and Google suggest. We breakdown DNS-over-HTTPS, why it requires a “cloud” component, and the advantages it has over traditional DNS.\u003c/p\u003e\n\n\u003cp\u003ePlus new active attacks against Apache Struts, and a Windows 10 zero-day exposed on Twitter.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Firefox Nightly Secure DNS Experimental Results \" rel=\"nofollow\" href=\"https://blog.nightly.mozilla.org/2018/08/28/firefox-nightly-secure-dns-experimental-results/\"\u003eFirefox Nightly Secure DNS Experimental Results \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DNS-over-HTTPS\" rel=\"nofollow\" href=\"https://developers.google.com/speed/public-dns/docs/dns-over-https\"\u003eDNS-over-HTTPS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DNS over HTTPS\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/DNS_over_HTTPS\"\u003eDNS over HTTPS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"A cartoon intro to DNS over HTTPS\" rel=\"nofollow\" href=\"https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/\"\u003eA cartoon intro to DNS over HTTPS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Discussion of draft-ietf-doh-dns-over-https in the IETF\u0026#39;s DOH Working Group\" rel=\"nofollow\" href=\"https://github.com/dohwg/draft-ietf-doh-dns-over-https\"\u003eDiscussion of draft-ietf-doh-dns-over-https in the IETF\u0026#39;s DOH Working Group\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"High performance DNS over HTTPS client \u0026amp; server\" rel=\"nofollow\" href=\"https://github.com/m13253/dns-over-https\"\u003eHigh performance DNS over HTTPS client \u0026amp; server\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloudflare Resolver for Firefox\" rel=\"nofollow\" href=\"https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/\"\u003eCloudflare Resolver for Firefox\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Active Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/active-attacks-detected-using-apache-struts-vulnerability-cve-2018-11776/\"\u003eActive Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Windows 10 Zero-Day Vulnerability Exposed On Twitter\" rel=\"nofollow\" href=\"https://www.tomshardware.com/news/windows-10-zero-day-exposed-twitter,37709.html\"\u003eWindows 10 Zero-Day Vulnerability Exposed On Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Netdata: Get control of your servers.\" rel=\"nofollow\" href=\"https://github.com/firehol/netdata\"\u003eNetdata: Get control of your servers.\u003c/a\u003e \u0026mdash; netdata is a system for distributed real-time performance and health monitoring. It provides unparalleled insights, in real-time, of everything happening on the system it runs (including applications such as web and database servers), using modern interactive web dashboards.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"State of Software Distribution - 2018\" rel=\"nofollow\" href=\"https://go.kollective.com/state-of-software-distribution.html\"\u003eState of Software Distribution - 2018\u003c/a\u003e \u0026mdash; Few enterprises possess the ability to deploy the latest software and security patches at scale, putting their cybersecurity and business performance at risk. In the 2018 State of Software Distribution Report, we explore why IT decision makers say they struggle to keep up with the software distribution needs of the modern enterprise.\u003c/li\u003e\u003c/ul\u003e","summary":"To make DNS more secure, we must move it to the cloud! At least that’s what Mozilla and Google suggest. We breakdown DNS-over-HTTPS, why it requires a “cloud” component, and the advantages it has over traditional DNS.","date_published":"2018-08-29T15:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c8862a6f-bc3a-42f5-b1ff-c9e6282ed771.mp3","mime_type":"audio/mpeg","size_in_bytes":20357803,"duration_in_seconds":1433}]},{"id":"44b08775-8ecf-4c05-a1a7-a0888abfaadc","title":"Episode 380: Terminal Fault","url":"https://techsnap.systems/380","content_text":"Microsoft’s making radical changes to Windows 10, and a new type of speculative execution attack on Intel’s processors is targeting cloud providers.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Hanging Up on Mobile in the Name of SecurityWindows 10 Enterprise Getting \"InPrivate Desktop\" Sandboxed Execution FeatureIntroducing the Windows Pseudo Console (ConPTY)Understanding L1 Terminal Fault aka ForeshadowMerge L1 Terminal Fault fixes from Thomas GleixnerCabot: Self-hosted, easily-deployable monitoring and alerts servicecabotapp/cabot - Docker Hub","content_html":"\u003cp\u003eMicrosoft’s making radical changes to Windows 10, and a new type of speculative execution attack on Intel’s processors is targeting cloud providers.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Hanging Up on Mobile in the Name of Security\" rel=\"nofollow\" href=\"https://krebsonsecurity.com/2018/08/hanging-up-on-mobile-in-the-name-of-security/\"\u003eHanging Up on Mobile in the Name of Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Windows 10 Enterprise Getting \u0026quot;InPrivate Desktop\u0026quot; Sandboxed Execution Feature\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/microsoft/windows-10-enterprise-getting-inprivate-desktop-sandboxed-execution-feature/\"\u003eWindows 10 Enterprise Getting \u0026quot;InPrivate Desktop\u0026quot; Sandboxed Execution Feature\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introducing the Windows Pseudo Console (ConPTY)\" rel=\"nofollow\" href=\"https://blogs.msdn.microsoft.com/commandline/2018/08/02/windows-command-line-introducing-the-windows-pseudo-console-conpty/\"\u003eIntroducing the Windows Pseudo Console (ConPTY)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Understanding L1 Terminal Fault aka Foreshadow\" rel=\"nofollow\" href=\"https://www.redhat.com/en/blog/understanding-l1-terminal-fault-aka-foreshadow-what-you-need-know\"\u003eUnderstanding L1 Terminal Fault aka Foreshadow\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Merge L1 Terminal Fault fixes from Thomas Gleixner\" rel=\"nofollow\" href=\"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=958f338e96f874a0d29442396d6adf9c1e17aa2d\"\u003eMerge L1 Terminal Fault fixes from Thomas Gleixner\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cabot: Self-hosted, easily-deployable monitoring and alerts service\" rel=\"nofollow\" href=\"https://github.com/arachnys/cabot\"\u003eCabot: Self-hosted, easily-deployable monitoring and alerts service\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"cabotapp/cabot - Docker Hub\" rel=\"nofollow\" href=\"https://hub.docker.com/r/cabotapp/cabot/\"\u003ecabotapp/cabot - Docker Hub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Microsoft’s making radical changes to Windows 10, and a new type of speculative execution attack on Intel’s processors is targeting cloud providers.","date_published":"2018-08-16T16:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/44b08775-8ecf-4c05-a1a7-a0888abfaadc.mp3","mime_type":"audio/mpeg","size_in_bytes":27607345,"duration_in_seconds":1951}]},{"id":"7165f792-e1bf-4676-9d9e-2a2cc981db5c","title":"Episode 379: SegmentSmack is Whack","url":"https://techsnap.systems/379","content_text":"Take down a Linux or FreeBSD box with just 2kpps of traffic, own Homebrew in 30 minutes, and infiltrate an entire network via the Inkjet printers. \n\nIt’s a busy TechSNAP week.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:HP Inkjet Printers Buffer Overflows in Processing Files Let Remote Users Execute Arbitrary CodeBlack Hat 2018: Update Mechanisms Allow Remote Attacks on UEFI Firmware | The first stop for security newsHow I gained commit access to Homebrew in 30 minutesReconnaissance tool for GitHub organizationsTruffleHog: Searches through git repositories for high entropy strings and secrets, digging deep into commit historyBFG Repo-Cleaner by rtyleyTCP implementations vulnerable to Denial of ServiceSegmentSmack: kernel: tcp segments with random offsets may cause a remote denial of service [CVE-2018-5390]Merge branch 'tcp-robust-ooo' · torvalds/linuxNew Sysadmin dealing with stress.Microsoft’s undersea data center now has a webcam with fish swimming past 27.6 petabytes of data","content_html":"\u003cp\u003eTake down a Linux or FreeBSD box with just 2kpps of traffic, own Homebrew in 30 minutes, and infiltrate an entire network via the Inkjet printers. \u003c/p\u003e\n\n\u003cp\u003eIt’s a busy TechSNAP week.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"HP Inkjet Printers Buffer Overflows in Processing Files Let Remote Users Execute Arbitrary Code\" rel=\"nofollow\" href=\"https://securitytracker.com/id/1041415\"\u003eHP Inkjet Printers Buffer Overflows in Processing Files Let Remote Users Execute Arbitrary Code\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Black Hat 2018: Update Mechanisms Allow Remote Attacks on UEFI Firmware | The first stop for security news\" rel=\"nofollow\" href=\"https://threatpost.com/update-mechanism-flaws-allow-remote-attacks-on-uefi-firmware/134785/\"\u003eBlack Hat 2018: Update Mechanisms Allow Remote Attacks on UEFI Firmware | The first stop for security news\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How I gained commit access to Homebrew in 30 minutes\" rel=\"nofollow\" href=\"https://medium.com/@vesirin/how-i-gained-commit-access-to-homebrew-in-30-minutes-2ae314df03ab\"\u003eHow I gained commit access to Homebrew in 30 minutes\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Reconnaissance tool for GitHub organizations\" rel=\"nofollow\" href=\"https://github.com/michenriksen/gitrob\"\u003eReconnaissance tool for GitHub organizations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"TruffleHog: Searches through git repositories for high entropy strings and secrets, digging deep into commit history\" rel=\"nofollow\" href=\"https://github.com/dxa4481/truffleHog\"\u003eTruffleHog: Searches through git repositories for high entropy strings and secrets, digging deep into commit history\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BFG Repo-Cleaner by rtyley\" rel=\"nofollow\" href=\"https://rtyley.github.io/bfg-repo-cleaner/\"\u003eBFG Repo-Cleaner by rtyley\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"TCP implementations vulnerable to Denial of Service\" rel=\"nofollow\" href=\"https://www.kb.cert.org/vuls/id/962459\"\u003eTCP implementations vulnerable to Denial of Service\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SegmentSmack: kernel: tcp segments with random offsets may cause a remote denial of service [CVE-2018-5390]\" rel=\"nofollow\" href=\"https://access.redhat.com/articles/3553061\"\u003eSegmentSmack: kernel: tcp segments with random offsets may cause a remote denial of service [CVE-2018-5390]\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Merge branch \u0026#39;tcp-robust-ooo\u0026#39; · torvalds/linux\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/commit/1a4f14bab1868b443f0dd3c55b689a478f82e72e\"\u003eMerge branch \u0026#39;tcp-robust-ooo\u0026#39; · torvalds/linux\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Sysadmin dealing with stress.\" rel=\"nofollow\" href=\"https://www.reddit.com/r/sysadmin/comments/95od7h/new_sysadmin_dealing_with_stress/\"\u003eNew Sysadmin dealing with stress.\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft’s undersea data center now has a webcam with fish swimming past 27.6 petabytes of data\" rel=\"nofollow\" href=\"https://www.theverge.com/tldr/2018/8/9/17669936/microsoft-undersea-datacenter-webcam\"\u003eMicrosoft’s undersea data center now has a webcam with fish swimming past 27.6 petabytes of data\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Take down a Linux or FreeBSD box with just 2kpps of traffic, own Homebrew in 30 minutes, and infiltrate an entire network via the Inkjet printers. ","date_published":"2018-08-10T14:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7165f792-e1bf-4676-9d9e-2a2cc981db5c.mp3","mime_type":"audio/mpeg","size_in_bytes":24883696,"duration_in_seconds":1756}]},{"id":"3ec742ee-24f7-4eee-a5a0-c40c5248e31b","title":"Episode 378: Two-Factor Fraud","url":"https://techsnap.systems/378","content_text":"Reddit’s Two Factor procedures fail, while Google’s prevents years of attacks. We’ll look at the different approaches, and discuss the fundamental weakness of Reddit’s approach.\n\nPlus a Spectre attack over the network, BGP issues take out Telegram, and more!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Hey, don't route the messenger! Telegram redirected through Iran by baffling BGP leakFinding and Diagnosing BGP Route LeaksCloud Leak: How A Verizon Partner Exposed Millions of Customer AccountsNew Spectre attack enables secrets to be leaked over a networkNetSpectre: Read Arbitrary Memory over NetworkPassword breach teaches Reddit that, yes, phone-based 2FA is that badWe had a security incident.Google Employees Use a Physical Token as Their Second Authentication FactorCisco is buying Duo Security for $2.35B in cash","content_html":"\u003cp\u003eReddit’s Two Factor procedures fail, while Google’s prevents years of attacks. We’ll look at the different approaches, and discuss the fundamental weakness of Reddit’s approach.\u003c/p\u003e\n\n\u003cp\u003ePlus a Spectre attack over the network, BGP issues take out Telegram, and more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Hey, don\u0026#39;t route the messenger! Telegram redirected through Iran by baffling BGP leak\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/08/01/bgp_route_leak_telegram_iran/\"\u003eHey, don\u0026#39;t route the messenger! Telegram redirected through Iran by baffling BGP leak\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Finding and Diagnosing BGP Route Leaks\" rel=\"nofollow\" href=\"https://blog.thousandeyes.com/finding-and-diagnosing-bgp-route-leaks/\"\u003eFinding and Diagnosing BGP Route Leaks\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cloud Leak: How A Verizon Partner Exposed Millions of Customer Accounts\" rel=\"nofollow\" href=\"https://www.upguard.com/breaches/verizon-cloud-leak\"\u003eCloud Leak: How A Verizon Partner Exposed Millions of Customer Accounts\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Spectre attack enables secrets to be leaked over a network\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2018/07/new-spectre-attack-enables-secrets-to-be-leaked-over-a-network/\"\u003eNew Spectre attack enables secrets to be leaked over a network\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NetSpectre: Read Arbitrary Memory over Network\" rel=\"nofollow\" href=\"https://arxiv.org/abs/1807.10535\"\u003eNetSpectre: Read Arbitrary Memory over Network\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Password breach teaches Reddit that, yes, phone-based 2FA is that bad\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/08/password-breach-teaches-reddit-that-yes-phone-based-2fa-is-that-bad/\"\u003ePassword breach teaches Reddit that, yes, phone-based 2FA is that bad\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"We had a security incident.\" rel=\"nofollow\" href=\"https://www.reddit.com/r/announcements/comments/93qnm5/we_had_a_security_incident_heres_what_you_need_to/?st=JKBEHH8G\u0026amp;sh=562ab497\"\u003eWe had a security incident.\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Employees Use a Physical Token as Their Second Authentication Factor\" rel=\"nofollow\" href=\"https://www.schneier.com/blog/archives/2018/07/google_employee.html\"\u003eGoogle Employees Use a Physical Token as Their Second Authentication Factor\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cisco is buying Duo Security for $2.35B in cash\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/08/02/cisco-is-buying-duo-security-for-2-35b-in-cash/\"\u003eCisco is buying Duo Security for $2.35B in cash\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Reddit’s Two Factor procedures fail, while Google’s prevents years of attacks. We’ll look at the different approaches, and discuss the fundamental weakness of Reddit’s approach.","date_published":"2018-08-02T18:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/3ec742ee-24f7-4eee-a5a0-c40c5248e31b.mp3","mime_type":"audio/mpeg","size_in_bytes":27355773,"duration_in_seconds":1916}]},{"id":"01754d0c-6956-4f6e-a545-e7ec9f178bb5","title":"Episode 377: Linux Under Pressure","url":"https://techsnap.systems/377","content_text":"Some new tools will give you better insights into your system under extreme load, and we flash back to the days of AOL and discuss the new way social hackers are spreading malware.\n\nPlus the death of a TLD, the return of SamSam, and more!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:psi: pressure stall information for CPU, memory, and IO v2 — PSI aggregates and reports the overall wallclock time in which the\r\ntasks in a system (or cgroup) wait for contended hardware resources.Chinese “hackers” are sending malware via snail mail — The trick is simple: a package arrives with a Chinese postmark containing a rambling message and a small CD. The CD, in turn, contains a set of Word files that include script-based malware. These scripts run when the victims access them on their computers, presumably resulting in compromised systems.The death of a TLDSamSam: The (almost) $6 million ransomware — Through original analysis, interviews and research, and by collaborating closely with industry partners and a specialist cryptocurrency monitoring organisation, Sophos has uncovered new details about how the secretive and sophisticated SamSam ransomware is used, who’s been targeted, how it works and how it’s evolving.Open sourcing oomd, a new approach to handling OOMs — As our infrastructure has scaled, we’ve found that an increasing fraction of our machines and networks span multiple generations. One side effect of this multigenerational production environment is that a new software release or configuration change might result in a system running healthily on one machine but experiencing an out-of-memory (OOM) issue on another.Tyler's recent job story","content_html":"\u003cp\u003eSome new tools will give you better insights into your system under extreme load, and we flash back to the days of AOL and discuss the new way social hackers are spreading malware.\u003c/p\u003e\n\n\u003cp\u003ePlus the death of a TLD, the return of SamSam, and more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"psi: pressure stall information for CPU, memory, and IO v2\" rel=\"nofollow\" href=\"https://lwn.net/Articles/759658/\"\u003epsi: pressure stall information for CPU, memory, and IO v2\u003c/a\u003e \u0026mdash; PSI aggregates and reports the overall wallclock time in which the\r\ntasks in a system (or cgroup) wait for contended hardware resources.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chinese “hackers” are sending malware via snail mail\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/07/30/chinese-hackers-are-sending-malware-via-snail-mail/\"\u003eChinese “hackers” are sending malware via snail mail\u003c/a\u003e \u0026mdash; The trick is simple: a package arrives with a Chinese postmark containing a rambling message and a small CD. The CD, in turn, contains a set of Word files that include script-based malware. These scripts run when the victims access them on their computers, presumably resulting in compromised systems.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The death of a TLD\" rel=\"nofollow\" href=\"https://blog.benjojo.co.uk/post/the-death-of-a-tld\"\u003eThe death of a TLD\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SamSam: The (almost) $6 million ransomware\" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2018/07/31/samsam-the-almost-6-million-ransomware/\"\u003eSamSam: The (almost) $6 million ransomware\u003c/a\u003e \u0026mdash; Through original analysis, interviews and research, and by collaborating closely with industry partners and a specialist cryptocurrency monitoring organisation, Sophos has uncovered new details about how the secretive and sophisticated SamSam ransomware is used, who’s been targeted, how it works and how it’s evolving.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Open sourcing oomd, a new approach to handling OOMs\" rel=\"nofollow\" href=\"https://code.fb.com/production-engineering/open-sourcing-oomd-a-new-approach-to-handling-ooms/\"\u003eOpen sourcing oomd, a new approach to handling OOMs\u003c/a\u003e \u0026mdash; As our infrastructure has scaled, we’ve found that an increasing fraction of our machines and networks span multiple generations. One side effect of this multigenerational production environment is that a new software release or configuration change might result in a system running healthily on one machine but experiencing an out-of-memory (OOM) issue on another.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tyler\u0026#39;s recent job story\" rel=\"nofollow\" href=\"https://pastebin.com/FnfbWygS\"\u003eTyler\u0026#39;s recent job story\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Some new tools will give you better insights into your system under extreme load, and we flash back to the days of AOL and discuss the new way social hackers are spreading malware.","date_published":"2018-08-01T10:30:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/01754d0c-6956-4f6e-a545-e7ec9f178bb5.mp3","mime_type":"audio/mpeg","size_in_bytes":25089856,"duration_in_seconds":1755}]},{"id":"64ab2677-e4ea-4677-99ee-e849027b0532","title":"Episode 376: Google Don’t Front","url":"https://techsnap.systems/376","content_text":"Google and Amazon recently shutdown Domain Fronting. Their abrupt change has created a building backlash. \n\nWe’ll explain what Domain Fronting is, how activists can use it to avoid censorship, and why large organizations are compelled to disable it.\n\nPlus how road navigation systems can be spoofed with $223  in hardware, and another bad Bluetooth bug.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Road navigation systems can be spoofed using $223 equipmentThe World Economy Runs on GPS. It Needs a Backup PlanBig bad Bluetooth blunder bug battered – check for security fixesVulnerability Note VU#304725 - Bluetooth Diffie-Hellman key exchangeDomain Fronting Domain Fronting Is Critical to the Open WebRussia Blocks Millions of Amazon and Google IPs in Bungled Attempt to Ban TelegramBlocking-resistant communication through domain frontingDuplicati gets some loveDuplicatiDuplicati - Docker HubInstalling Duplicati on Ubunutu LinuxBen's Backup Basics","content_html":"\u003cp\u003eGoogle and Amazon recently shutdown Domain Fronting. Their abrupt change has created a building backlash. \u003c/p\u003e\n\n\u003cp\u003eWe’ll explain what Domain Fronting is, how activists can use it to avoid censorship, and why large organizations are compelled to disable it.\u003c/p\u003e\n\n\u003cp\u003ePlus how road navigation systems can be spoofed with $223  in hardware, and another bad Bluetooth bug.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Road navigation systems can be spoofed using $223 equipment\" rel=\"nofollow\" href=\"https://www.hackread.com/road-navigation-systems-can-be-spoofed-using-223-equipment/?utm_campaign=Security%2BNewsletter\u0026amp;utm_source=Security_Newsletter_co_86\"\u003eRoad navigation systems can be spoofed using $223 equipment\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The World Economy Runs on GPS. It Needs a Backup Plan\" rel=\"nofollow\" href=\"https://www.bloomberg.com/news/features/2018-07-25/the-world-economy-runs-on-gps-it-needs-a-backup-plan\"\u003eThe World Economy Runs on GPS. It Needs a Backup Plan\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Big bad Bluetooth blunder bug battered – check for security fixes\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/07/24/bluetooth_cryptography_bug/\"\u003eBig bad Bluetooth blunder bug battered – check for security fixes\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Vulnerability Note VU#304725 - Bluetooth Diffie-Hellman key exchange\" rel=\"nofollow\" href=\"https://www.kb.cert.org/vuls/id/304725\"\u003eVulnerability Note VU#304725 - Bluetooth Diffie-Hellman key exchange\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Domain Fronting \" rel=\"nofollow\" href=\"https://www.hackerfactor.com/blog/index.php?/archives/803-Domain-Fronting.html\"\u003eDomain Fronting \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Domain Fronting Is Critical to the Open Web\" rel=\"nofollow\" href=\"https://blog.torproject.org/domain-fronting-critical-open-web\"\u003eDomain Fronting Is Critical to the Open Web\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Russia Blocks Millions of Amazon and Google IPs in Bungled Attempt to Ban Telegram\" rel=\"nofollow\" href=\"https://gizmodo.com/russia-blocks-millions-of-amazon-and-google-ips-in-bung-1825319498\"\u003eRussia Blocks Millions of Amazon and Google IPs in Bungled Attempt to Ban Telegram\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Blocking-resistant communication through domain fronting\" rel=\"nofollow\" href=\"https://www.bamsoftware.com/papers/fronting/\"\u003eBlocking-resistant communication through domain fronting\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Duplicati gets some love\" rel=\"nofollow\" href=\"https://pastebin.com/q3ub689P\"\u003eDuplicati gets some love\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Duplicati\" rel=\"nofollow\" href=\"https://www.duplicati.com/\"\u003eDuplicati\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Duplicati - Docker Hub\" rel=\"nofollow\" href=\"https://hub.docker.com/r/linuxserver/duplicati/\"\u003eDuplicati - Docker Hub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Installing Duplicati on Ubunutu Linux\" rel=\"nofollow\" href=\"https://forum.duplicati.com/t/installing-duplicati-on-ubunutu-linux/743\"\u003eInstalling Duplicati on Ubunutu Linux\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ben\u0026#39;s Backup Basics\" rel=\"nofollow\" href=\"https://pastebin.com/mb0WpyuQ\"\u003eBen\u0026#39;s Backup Basics\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We’ll explain what Domain Fronting is, how activists can use it to avoid censorship, and why large organizations are compelled to disable it.","date_published":"2018-07-26T15:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/64ab2677-e4ea-4677-99ee-e849027b0532.mp3","mime_type":"audio/mpeg","size_in_bytes":30037985,"duration_in_seconds":2108}]},{"id":"a818e1e6-8b7b-452a-bdb8-8967dd8e3f0c","title":"Episode 375: Surprise Root Access","url":"https://techsnap.systems/375","content_text":"Google's Cloud Platform suffers an outage, and iPhones in India get owned after a very specific attack.\n\nPlus how a malware author built a massive 18,000 strong Botnet in one day, and Cisco finds more \"undocumented\" root passwords.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Cisco Removes Undocumented Root Password From Bandwidth Monitoring SoftwareGoogle Cloud Platform reports issues; Snapchat and other popular apps affectedGoogle Cloud Status DashboardBogus Mobile Device Management system used to hack iPhones in India • The RegisterA major election software maker allowed remote access on its systems for years - The VergeRouter Crapfest: Malware Author Builds 18,000-Strong Botnet in a DayAnian wants to lean better backupHow To Choose an Effective Backup Strategy for your VPS | DigitalOceanTarsnap - Online backups for the truly paranoidBorg Documentation — Borg - Deduplicating Archiver 1.1.6 documentationborgmaticduplicity: Mainrestic · Backups done right!","content_html":"\u003cp\u003eGoogle\u0026#39;s Cloud Platform suffers an outage, and iPhones in India get owned after a very specific attack.\u003c/p\u003e\n\n\u003cp\u003ePlus how a malware author built a massive 18,000 strong Botnet in one day, and Cisco finds more \u0026quot;undocumented\u0026quot; root passwords.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Cisco Removes Undocumented Root Password From Bandwidth Monitoring Software\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/cisco-removes-undocumented-root-password-from-bandwidth-monitoring-software/\"\u003eCisco Removes Undocumented Root Password From Bandwidth Monitoring Software\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Cloud Platform reports issues; Snapchat and other popular apps affected\" rel=\"nofollow\" href=\"https://www.cnbc.com/2018/07/13/google-cloud-platform-reports-issues-snap-and-other-popular-apps-affe.html\"\u003eGoogle Cloud Platform reports issues; Snapchat and other popular apps affected\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Cloud Status Dashboard\" rel=\"nofollow\" href=\"https://status.cloud.google.com/incident/cloud-networking/18012?m=1\"\u003eGoogle Cloud Status Dashboard\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bogus Mobile Device Management system used to hack iPhones in India • The Register\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/07/13/bogus_mdm_iphone_snooping_india/\"\u003eBogus Mobile Device Management system used to hack iPhones in India • The Register\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"A major election software maker allowed remote access on its systems for years - The Verge\" rel=\"nofollow\" href=\"https://www.theverge.com/2018/7/17/17582818/election-software-maker-remote-access-voting-machine\"\u003eA major election software maker allowed remote access on its systems for years - The Verge\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Router Crapfest: Malware Author Builds 18,000-Strong Botnet in a Day\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/router-crapfest-malware-author-builds-18-000-strong-botnet-in-a-day/\"\u003eRouter Crapfest: Malware Author Builds 18,000-Strong Botnet in a Day\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Anian wants to lean better backup\" rel=\"nofollow\" href=\"https://pastebin.com/JKCVLWwA\"\u003eAnian wants to lean better backup\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How To Choose an Effective Backup Strategy for your VPS | DigitalOcean\" rel=\"nofollow\" href=\"https://www.digitalocean.com/community/tutorials/how-to-choose-an-effective-backup-strategy-for-your-vps\"\u003eHow To Choose an Effective Backup Strategy for your VPS | DigitalOcean\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Tarsnap - Online backups for the truly paranoid\" rel=\"nofollow\" href=\"http://www.tarsnap.com/\"\u003eTarsnap - Online backups for the truly paranoid\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Borg Documentation — Borg - Deduplicating Archiver 1.1.6 documentation\" rel=\"nofollow\" href=\"https://borgbackup.readthedocs.io/en/stable/\"\u003eBorg Documentation — Borg - Deduplicating Archiver 1.1.6 documentation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"borgmatic\" rel=\"nofollow\" href=\"https://torsion.org/borgmatic/\"\u003eborgmatic\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"duplicity: Main\" rel=\"nofollow\" href=\"http://duplicity.nongnu.org/\"\u003eduplicity: Main\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"restic · Backups done right!\" rel=\"nofollow\" href=\"https://restic.net/\"\u003erestic · Backups done right!\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Google's Cloud Platform suffers an outage, and iPhones in India get owned after a very specific attack.","date_published":"2018-07-19T20:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a818e1e6-8b7b-452a-bdb8-8967dd8e3f0c.mp3","mime_type":"audio/mpeg","size_in_bytes":30682489,"duration_in_seconds":2154}]},{"id":"7a87af82-bd6a-4e38-8986-767b339b094b","title":"Episode 374: Quantum Resistant Encryption","url":"https://techsnap.systems/374","content_text":"Good progress is being made on post-quantum resilient computing. We’ll explain how they’re achieving it, the risks facing traditional cryptography.\n\nPlus how bad defaults led to the theft of military Drone docs, new attacks against LTE networks, more!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Hacker Steals Military Docs Because Someone Didn’t Change a Default FTP PasswordYear-Old Critical Vulnerabilities Patched in ISP Broadband Gear | The first stop for security newsTimehop admits that additional personal data was compromised in breachResearchers Uncover New Attacks Against LTE Network ProtocolBreaking LTE on Layer TwoNintendo reportedly rolling out new, more hack-resistant Switch hardwareWire and post-quantum resistanceWhat is quantum computing?Quantum Computing and its Impact on CryptographyWhy Quantum Computers Might Not Break CryptographyRemote Manage Linux Boxes?Learning OpenStack?","content_html":"\u003cp\u003eGood progress is being made on post-quantum resilient computing. We’ll explain how they’re achieving it, the risks facing traditional cryptography.\u003c/p\u003e\n\n\u003cp\u003ePlus how bad defaults led to the theft of military Drone docs, new attacks against LTE networks, more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Hacker Steals Military Docs Because Someone Didn’t Change a Default FTP Password\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/hacker-steals-military-docs-because-someone-didn-t-change-a-default-ftp-password/\"\u003eHacker Steals Military Docs Because Someone Didn’t Change a Default FTP Password\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Year-Old Critical Vulnerabilities Patched in ISP Broadband Gear | The first stop for security news\" rel=\"nofollow\" href=\"https://threatpost.com/year-old-critical-vulnerabilities-patched-in-isp-broadband-gear/133702/\"\u003eYear-Old Critical Vulnerabilities Patched in ISP Broadband Gear | The first stop for security news\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Timehop admits that additional personal data was compromised in breach\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/07/11/timehop-data-breach/\"\u003eTimehop admits that additional personal data was compromised in breach\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Researchers Uncover New Attacks Against LTE Network Protocol\" rel=\"nofollow\" href=\"https://thehackernews.com/2018/06/4g-lte-network-hacking.html\"\u003eResearchers Uncover New Attacks Against LTE Network Protocol\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Breaking LTE on Layer Two\" rel=\"nofollow\" href=\"https://www.alter-attack.net/\"\u003eBreaking LTE on Layer Two\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nintendo reportedly rolling out new, more hack-resistant Switch hardware\" rel=\"nofollow\" href=\"https://arstechnica.com/gaming/2018/07/nintendo-reportedly-rolling-out-new-more-hack-proof-switch-hardware/\"\u003eNintendo reportedly rolling out new, more hack-resistant Switch hardware\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wire and post-quantum resistance\" rel=\"nofollow\" href=\"https://blog.wire.com/blog/post-quantum-resistance-wire/\"\u003eWire and post-quantum resistance\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is quantum computing?\" rel=\"nofollow\" href=\"https://www.research.ibm.com/ibm-q/learn/what-is-quantum-computing/\"\u003eWhat is quantum computing?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Quantum Computing and its Impact on Cryptography\" rel=\"nofollow\" href=\"https://www.cryptomathic.com/news-events/blog/quantum-computing-and-its-impact-on-cryptography\"\u003eQuantum Computing and its Impact on Cryptography\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why Quantum Computers Might Not Break Cryptography\" rel=\"nofollow\" href=\"https://www.quantamagazine.org/why-quantum-computers-might-not-break-cryptography-20170515/\"\u003eWhy Quantum Computers Might Not Break Cryptography\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Remote Manage Linux Boxes?\" rel=\"nofollow\" href=\"https://pastebin.com/fb7qDb9q\"\u003eRemote Manage Linux Boxes?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Learning OpenStack?\" rel=\"nofollow\" href=\"https://pastebin.com/JQspmLM9\"\u003eLearning OpenStack?\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Good progress is being made on post-quantum resilient computing. We’ll explain how they’re achieving it, the risks facing traditional cryptography.","date_published":"2018-07-13T05:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7a87af82-bd6a-4e38-8986-767b339b094b.mp3","mime_type":"audio/mpeg","size_in_bytes":40621792,"duration_in_seconds":2864}]},{"id":"0888564b-a3e6-446c-9713-e9f8dbad9f5a","title":"Episode 373: FreeBSD Already Does That","url":"https://techsnap.systems/373","content_text":"Allan Jude and Wes sit-down for a special live edition of the TechSNAP program.\n\nJoined by Jed and Jeff they have a wide ranging organic conversation. Special Guest: Allan Jude.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.com","content_html":"\u003cp\u003eAllan Jude and Wes sit-down for a special live edition of the TechSNAP program.\u003c/p\u003e\n\n\u003cp\u003eJoined by Jed and Jeff they have a wide ranging organic conversation. \u003c/p\u003e\u003cp\u003eSpecial Guest: Allan Jude.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e","summary":"Allan Jude and Wes sit-down for a special live edition of the TechSNAP program.","date_published":"2018-07-05T07:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0888564b-a3e6-446c-9713-e9f8dbad9f5a.mp3","mime_type":"audio/mpeg","size_in_bytes":69344769,"duration_in_seconds":5735}]},{"id":"202308b7-ed73-4cec-bfff-12b25ddb621d","title":"Episode 372: Logs and Metrics and Traces, Oh My!","url":"https://techsnap.systems/372","content_text":"Netflix has learned the hard way how to utilize all the logs, we cover their lessons in their journey to build a fully observable system.\n\nPlus the Lazy State FPU bug that cropped up this week, backdoored Docker images, your questions, and more!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:INTEL-SA-00145Colin Percival on TwitterNetBSD Documentation: How lazy FPU context switch worksLazy FPU Save/Restore (CVE-2018-3665)17 Backdoored Docker Images Removed From Docker HubLessons from Building Observability Tools at NetflixJobs at Linux Academy","content_html":"\u003cp\u003eNetflix has learned the hard way how to utilize all the logs, we cover their lessons in their journey to build a fully observable system.\u003c/p\u003e\n\n\u003cp\u003ePlus the Lazy State FPU bug that cropped up this week, backdoored Docker images, your questions, and more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"INTEL-SA-00145\" rel=\"nofollow\" href=\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html\"\u003eINTEL-SA-00145\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Colin Percival on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/cperciva/status/1007010583244230656\"\u003eColin Percival on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"NetBSD Documentation: How lazy FPU context switch works\" rel=\"nofollow\" href=\"http://www.netbsd.org/docs/kernel/lazyfpu.html\"\u003eNetBSD Documentation: How lazy FPU context switch works\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lazy FPU Save/Restore (CVE-2018-3665)\" rel=\"nofollow\" href=\"https://access.redhat.com/solutions/3485131\"\u003eLazy FPU Save/Restore (CVE-2018-3665)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"17 Backdoored Docker Images Removed From Docker Hub\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/17-backdoored-docker-images-removed-from-docker-hub/\"\u003e17 Backdoored Docker Images Removed From Docker Hub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lessons from Building Observability Tools at Netflix\" rel=\"nofollow\" href=\"https://medium.com/netflix-techblog/lessons-from-building-observability-tools-at-netflix-7cfafed6ab17\"\u003eLessons from Building Observability Tools at Netflix\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jobs at Linux Academy\" rel=\"nofollow\" href=\"https://www.linkedin.com/feed/update/urn:li:activity:6413087061917593600\"\u003eJobs at Linux Academy\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Netflix has learned the hard way how to utilize all the logs, we cover their lessons in their journey to build a fully observable system.","date_published":"2018-06-14T16:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/202308b7-ed73-4cec-bfff-12b25ddb621d.mp3","mime_type":"audio/mpeg","size_in_bytes":30772128,"duration_in_seconds":2161}]},{"id":"6c8e575e-ede8-4bae-b569-b82e0be33374","title":"Episode 371: They Never Learn","url":"https://techsnap.systems/371","content_text":"Microsoft puts a data center under the ocean, and they might be onto something. The Zip Slip vulnerability sneaks into your software, and VPNFilter turns out to be more complicated than first known.\n\nPlus the mass exploit of Drupalgeddon2 continues, we break down why, a batch of questions, and more.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Microsoft sinks data centre off OrkneyHow to protect yourself from megabreaches like the one that hit TicketflyThree months later, a mass exploit of powerful Web servers continuesBreach detection with Linux filesystem forensicsZip Slip VulnerabilityVPNFilter UpdateRouterSploit: Exploitation Framework for Embedded Devices","content_html":"\u003cp\u003eMicrosoft puts a data center under the ocean, and they might be onto something. The Zip Slip vulnerability sneaks into your software, and VPNFilter turns out to be more complicated than first known.\u003c/p\u003e\n\n\u003cp\u003ePlus the mass exploit of Drupalgeddon2 continues, we break down why, a batch of questions, and more.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Microsoft sinks data centre off Orkney\" rel=\"nofollow\" href=\"https://www.bbc.com/news/technology-44368813\"\u003eMicrosoft sinks data centre off Orkney\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to protect yourself from megabreaches like the one that hit Ticketfly\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/06/how-to-protect-yourself-from-megabreaches-like-the-one-that-hit-ticketfly/\"\u003eHow to protect yourself from megabreaches like the one that hit Ticketfly\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Three months later, a mass exploit of powerful Web servers continues\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/06/three-months-later-a-mass-exploit-of-powerful-web-servers-continues/\"\u003eThree months later, a mass exploit of powerful Web servers continues\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Breach detection with Linux filesystem forensics\" rel=\"nofollow\" href=\"https://opensource.com/article/18/4/linux-filesystem-forensics?utm_campaign=Security%2BNewsletter\u0026amp;utm_source=Security_Newsletter_co_79\"\u003eBreach detection with Linux filesystem forensics\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Zip Slip Vulnerability\" rel=\"nofollow\" href=\"https://snyk.io/research/zip-slip-vulnerability\"\u003eZip Slip Vulnerability\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"VPNFilter Update\" rel=\"nofollow\" href=\"https://blog.talosintelligence.com/2018/06/vpnfilter-update.html?m=1\"\u003eVPNFilter Update\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"RouterSploit: Exploitation Framework for Embedded Devices\" rel=\"nofollow\" href=\"https://github.com/threat9/routersploit\"\u003eRouterSploit: Exploitation Framework for Embedded Devices\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Microsoft puts a data center under the ocean, and they might be onto something. The Zip Slip vulnerability sneaks into your software, and VPNFilter turns out to be more complicated than first known.","date_published":"2018-06-07T15:15:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6c8e575e-ede8-4bae-b569-b82e0be33374.mp3","mime_type":"audio/mpeg","size_in_bytes":37806547,"duration_in_seconds":2663}]},{"id":"cbe34348-d2f2-41f1-8480-38bdbc5dd8ce","title":"Episode 370: Hidden in Plain Sight","url":"https://techsnap.systems/370","content_text":"We explain how the much hyped VPNFilter malware actually works, and its rather surprising sophistication.\n\nPlus a clear break down of the recent Kubernetes news, how a 40 year old tel-co protocol is being abused today, and a Git vulnerability you should know about.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Hiding Information in Plain Text - IEEE SpectrumRemediating the May 2018 Git Security Vulnerability – Microsoft DevOps BlogWhen to use git subtree? - Stack OverflowGhostery Email Incident Update - GhosterySurprise! Student receives $36,000 Google bug bounty for RCE flaw – Naked SecuritySS7 routing-protocol breach of US cellular carrier exposed customer data | Ars TechnicaSnoopSnitch - Apps on Google PlayKubernetes Containerd Integration Goes GA - KubernetesHackers infect 500,000 consumer routers all over the world with malware | Ars TechnicaFBI seizes domain Russia allegedly used to infect 500,000 consumer routers | Ars TechnicaSingapore ISP Leaves 1,000 Routers Open to Attack | Threatpost | The first stop for security newsDon't let Frank near the serverDave decides to move some plugs... ","content_html":"\u003cp\u003eWe explain how the much hyped VPNFilter malware actually works, and its rather surprising sophistication.\u003c/p\u003e\n\n\u003cp\u003ePlus a clear break down of the recent Kubernetes news, how a 40 year old tel-co protocol is being abused today, and a Git vulnerability you should know about.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Hiding Information in Plain Text - IEEE Spectrum\" rel=\"nofollow\" href=\"https://spectrum.ieee.org/tech-talk/computing/software/hiding-information-in-plain-text\"\u003eHiding Information in Plain Text - IEEE Spectrum\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Remediating the May 2018 Git Security Vulnerability – Microsoft DevOps Blog\" rel=\"nofollow\" href=\"https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/\"\u003eRemediating the May 2018 Git Security Vulnerability – Microsoft DevOps Blog\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"When to use git subtree? - Stack Overflow\" rel=\"nofollow\" href=\"https://stackoverflow.com/questions/32407634/when-to-use-git-subtree\"\u003eWhen to use git subtree? - Stack Overflow\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ghostery Email Incident Update - Ghostery\" rel=\"nofollow\" href=\"https://www.ghostery.com/blog/ghostery-news/ghostery-email-incident-update/\"\u003eGhostery Email Incident Update - Ghostery\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Surprise! Student receives $36,000 Google bug bounty for RCE flaw – Naked Security\" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2018/05/23/surprise-student-receives-36000-google-bug-bounty-for-rce-flaw/\"\u003eSurprise! Student receives $36,000 Google bug bounty for RCE flaw – Naked Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SS7 routing-protocol breach of US cellular carrier exposed customer data | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/05/nefarious-actors-may-have-abused-routing-protocol-to-spy-on-us-phone-users/\"\u003eSS7 routing-protocol breach of US cellular carrier exposed customer data | Ars Technica\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SnoopSnitch - Apps on Google Play\" rel=\"nofollow\" href=\"https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch\u0026amp;hl=en_US\"\u003eSnoopSnitch - Apps on Google Play\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kubernetes Containerd Integration Goes GA - Kubernetes\" rel=\"nofollow\" href=\"https://kubernetes.io/blog/2018/05/24/kubernetes-containerd-integration-goes-ga/\"\u003eKubernetes Containerd Integration Goes GA - Kubernetes\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hackers infect 500,000 consumer routers all over the world with malware | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/05/hackers-infect-500000-consumer-routers-all-over-the-world-with-malware/\"\u003eHackers infect 500,000 consumer routers all over the world with malware | Ars Technica\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FBI seizes domain Russia allegedly used to infect 500,000 consumer routers | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/05/fbi-seizes-server-russia-allegedly-used-to-infect-500000-consumer-routers/\"\u003eFBI seizes domain Russia allegedly used to infect 500,000 consumer routers | Ars Technica\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Singapore ISP Leaves 1,000 Routers Open to Attack | Threatpost | The first stop for security news\" rel=\"nofollow\" href=\"https://threatpost.com/singapore-isp-leaves-1000-routers-open-to-attack/132315/\"\u003eSingapore ISP Leaves 1,000 Routers Open to Attack | Threatpost | The first stop for security news\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Don\u0026#39;t let Frank near the server\" rel=\"nofollow\" href=\"https://pastebin.com/sM9QicJE\"\u003eDon\u0026#39;t let Frank near the server\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dave decides to move some plugs... \" rel=\"nofollow\" href=\"https://pastebin.com/PCNtN439\"\u003eDave decides to move some plugs... \u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We explain how the much hyped VPNFilter malware actually works, and its rather surprising sophistication.","date_published":"2018-06-01T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/cbe34348-d2f2-41f1-8480-38bdbc5dd8ce.mp3","mime_type":"audio/mpeg","size_in_bytes":43765885,"duration_in_seconds":3089}]},{"id":"c9e44cac-c711-4e40-a417-2d0ecc5712e7","title":"Episode 369: Another Pass at Bypass","url":"https://techsnap.systems/369","content_text":"We’ll explain how Speculative Store Bypass works, and the new mitigation techniques that are inbound. \n\nPlus this week’s security news has a bit of a theme, and we share some great war stories sent into the show.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Security Flaw Impacts Electron-Based AppsAttackers Use UPnP to Sidestep DDoS Defenses | Threatpost | The first stop for security newsAnother severe flaw in Signal desktop app lets hackers steal your chats in plaintextCritical Linux Flaw Opens the Door to Full Root Access | Threatpost | The first stop for security newsMicrosoft, Google: We've found a fourth data-leaking Meltdown-Spectre CPU hole • The RegisterSpeculative Store Bypass explained: what it is, how it worksTechSNAP Episode 351: Performance MeltdownDave's Users flip the switch!Dave's War Story is really Screwy!Egon's Adventures in misslabled VMs","content_html":"\u003cp\u003eWe’ll explain how Speculative Store Bypass works, and the new mitigation techniques that are inbound. \u003c/p\u003e\n\n\u003cp\u003ePlus this week’s security news has a bit of a theme, and we share some great war stories sent into the show.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Security Flaw Impacts Electron-Based Apps\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/security-flaw-impacts-electron-based-apps/\"\u003eSecurity Flaw Impacts Electron-Based Apps\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Attackers Use UPnP to Sidestep DDoS Defenses | Threatpost | The first stop for security news\" rel=\"nofollow\" href=\"https://threatpost.com/attackers-use-upnp-to-sidestep-ddos-defenses/131981/\"\u003eAttackers Use UPnP to Sidestep DDoS Defenses | Threatpost | The first stop for security news\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Another severe flaw in Signal desktop app lets hackers steal your chats in plaintext\" rel=\"nofollow\" href=\"https://thehackernews.com/2018/05/signal-desktop-hacking.html?m=1\"\u003eAnother severe flaw in Signal desktop app lets hackers steal your chats in plaintext\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Critical Linux Flaw Opens the Door to Full Root Access | Threatpost | The first stop for security news\" rel=\"nofollow\" href=\"https://threatpost.com/critical-linux-flaw-opens-the-door-to-full-root-access/132034/\"\u003eCritical Linux Flaw Opens the Door to Full Root Access | Threatpost | The first stop for security news\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft, Google: We\u0026#39;ve found a fourth data-leaking Meltdown-Spectre CPU hole • The Register\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/05/21/spectre_meltdown_v4_microsoft_google/\"\u003eMicrosoft, Google: We\u0026#39;ve found a fourth data-leaking Meltdown-Spectre CPU hole • The Register\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Speculative Store Bypass explained: what it is, how it works\" rel=\"nofollow\" href=\"https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works\"\u003eSpeculative Store Bypass explained: what it is, how it works\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP Episode 351: Performance Meltdown\" rel=\"nofollow\" href=\"http://techsnap.systems/351\"\u003eTechSNAP Episode 351: Performance Meltdown\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dave\u0026#39;s Users flip the switch!\" rel=\"nofollow\" href=\"https://pastebin.com/LKVFaUYp\"\u003eDave\u0026#39;s Users flip the switch!\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dave\u0026#39;s War Story is really Screwy!\" rel=\"nofollow\" href=\"https://pastebin.com/tsfjKEhb\"\u003eDave\u0026#39;s War Story is really Screwy!\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Egon\u0026#39;s Adventures in misslabled VMs\" rel=\"nofollow\" href=\"https://pastebin.com/wg4y034g\"\u003eEgon\u0026#39;s Adventures in misslabled VMs\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We’ll explain how Speculative Store Bypass works, and the new mitigation techniques that are inbound. ","date_published":"2018-05-23T14:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c9e44cac-c711-4e40-a417-2d0ecc5712e7.mp3","mime_type":"audio/mp3","size_in_bytes":38084184,"duration_in_seconds":2683}]},{"id":"810af786-1ddc-475f-82e7-65a38debf64e","title":"Episode 368: EFail Explained","url":"https://techsnap.systems/368","content_text":"The EFail hype-train has hit hypersonic speed, we’ll tap the breaks and explain who disclosed it, what it is, what it’s not, our recommendations, and early reactions.\n\nPlus things  to consider when deciding on-premises vs a cloud deployment, and the all business gadget from 1971 that kicked off the consumer electronics revolution. Links:The HP-35 — Consumer Electronics, an Origin StoryThe people cost of building out a Kubernetes cluster on-prem | OperosEFAIL — EFAIL describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails. efail-attack-paper.pdfGnuPG Efail press release Response No, PGP is not broken, not even with the Efail vulnerabilities - ProtonMail Blog — Recently, news broke about potential vulnerabilities in PGP, dubbed Efail. However, despite reports to the contrary, PGP is not actually broken, as we will explain in this post.Eric's War Story is VERY FamiliarWhen it rains it pours for SteveCritical Cisco WebEx Bug Allows Remote Code Execution Cisco WebEx and 3rd Party Support Utilities","content_html":"\u003cp\u003eThe EFail hype-train has hit hypersonic speed, we’ll tap the breaks and explain who disclosed it, what it is, what it’s not, our recommendations, and early reactions.\u003c/p\u003e\n\n\u003cp\u003ePlus things  to consider when deciding on-premises vs a cloud deployment, and the all business gadget from 1971 that kicked off the consumer electronics revolution. \u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The HP-35\" rel=\"nofollow\" href=\"http://codex99.com/design/the-hp35.html\"\u003eThe HP-35\u003c/a\u003e \u0026mdash; Consumer Electronics, an Origin Story\u003c/li\u003e\u003cli\u003e\u003ca title=\"The people cost of building out a Kubernetes cluster on-prem | Operos\" rel=\"nofollow\" href=\"https://www.paxautoma.com/blog/2018/02/28/the-people-cost-of-building-out-kubernetes-cluster-on-prem.html\"\u003eThe people cost of building out a Kubernetes cluster on-prem | Operos\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"EFAIL\" rel=\"nofollow\" href=\"https://efail.de/\"\u003eEFAIL\u003c/a\u003e \u0026mdash; EFAIL describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails. \u003c/li\u003e\u003cli\u003e\u003ca title=\"efail-attack-paper.pdf\" rel=\"nofollow\" href=\"https://efail.de/efail-attack-paper.pdf\"\u003eefail-attack-paper.pdf\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"GnuPG Efail press release Response \" rel=\"nofollow\" href=\"https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html\"\u003eGnuPG Efail press release Response \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"No, PGP is not broken, not even with the Efail vulnerabilities - ProtonMail Blog\" rel=\"nofollow\" href=\"https://protonmail.com/blog/pgp-vulnerability-efail/\"\u003eNo, PGP is not broken, not even with the Efail vulnerabilities - ProtonMail Blog\u003c/a\u003e \u0026mdash; Recently, news broke about potential vulnerabilities in PGP, dubbed Efail. However, despite reports to the contrary, PGP is not actually broken, as we will explain in this post.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Eric\u0026#39;s War Story is VERY Familiar\" rel=\"nofollow\" href=\"https://pastebin.com/509aJ1PN\"\u003eEric\u0026#39;s War Story is VERY Familiar\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"When it rains it pours for Steve\" rel=\"nofollow\" href=\"https://pastebin.com/cMiJQANX\"\u003eWhen it rains it pours for Steve\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Critical Cisco WebEx Bug Allows Remote Code Execution \" rel=\"nofollow\" href=\"https://threatpost.com/critical-cisco-webex-bug-allows-remote-code-execution/131657/?utm_campaign=Security%2BNewsletter\u0026amp;utm_source=Security_Newsletter_co_76\"\u003eCritical Cisco WebEx Bug Allows Remote Code Execution \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cisco WebEx and 3rd Party Support Utilities\" rel=\"nofollow\" href=\"https://collaborationhelp.cisco.com/article/en-us/WBX000026396\"\u003eCisco WebEx and 3rd Party Support Utilities\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The EFail hype-train has hit hypersonic speed, we’ll tap the breaks and explain who disclosed it, what it is, what it’s not, our recommendations, and early reactions.","date_published":"2018-05-15T12:45:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/810af786-1ddc-475f-82e7-65a38debf64e.mp3","mime_type":"audio/mpeg","size_in_bytes":31418868,"duration_in_seconds":2207}]},{"id":"7e453cc2-5a2c-46a3-8ff4-eaec869e0dde","title":"Episode 367: FreeNAS Uber Build","url":"https://techsnap.systems/367","content_text":"Our FreeNAS build is complete and Allan’s back to cover the final details. Plus the new GPU attack against Android phones, and a perfect example of poor IoT security.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Drive-by Rowhammer attack uses GPU to compromise an Android phone | Ars Technica — JavaScript based GLitch pwns browsers by flipping bits inside memory chips.\r\nRooting a Logitech Harmony Hub — Exploitation of these vulnerabilities from the local network could allow an attacker to control the devices linked to the Hub as well as use the Hub as an execution space to attack other devices on the local networkA Complete Guide to FreeNAS Hardware Design, Part I: Purpose and Best Practices — If it’s imperative that your ZFS based system must always be available, ECC RAM is a requirement. If it’s only some level of annoying (slightly, moderately…) that you need to restore your ZFS system from backups, non-ECC RAM will fit the bill.FreeNAS: A Worst Practices GuideJason likes HubbleBryan Nuked an email server once...Humble Book Bundle: DevOps by Packt (pay what you want and help charity) — This software engineering bundle is Packt with information! Streamline your processes with ebooks like Automate it!, DevOps for Networking, Mastering Ansible, and Continuous Delivery with Docker and Jenkins. You'll also get helpful videos including Mastering DevOps, Mastering Windows PowerShell 5 Administration, Learning Kubernetes, and more.","content_html":"\u003cp\u003eOur FreeNAS build is complete and Allan’s back to cover the final details. Plus the new GPU attack against Android phones, and a perfect example of poor IoT security.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Drive-by Rowhammer attack uses GPU to compromise an Android phone | Ars Technica\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/05/drive-by-rowhammer-attack-uses-gpu-to-compromise-an-android-phone/\"\u003eDrive-by Rowhammer attack uses GPU to compromise an Android phone | Ars Technica\u003c/a\u003e \u0026mdash; JavaScript based GLitch pwns browsers by flipping bits inside memory chips.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Rooting a Logitech Harmony Hub\" rel=\"nofollow\" href=\"https://www.fireeye.com/blog/threat-research/2018/05/rooting-logitech-harmony-hub-improving-iot-security.html\"\u003eRooting a Logitech Harmony Hub\u003c/a\u003e \u0026mdash; Exploitation of these vulnerabilities from the local network could allow an attacker to control the devices linked to the Hub as well as use the Hub as an execution space to attack other devices on the local network\u003c/li\u003e\u003cli\u003e\u003ca title=\"A Complete Guide to FreeNAS Hardware Design, Part I: Purpose and Best Practices\" rel=\"nofollow\" href=\"http://www.freenas.org/blog/a-complete-guide-to-freenas-hardware-design-part-i-purpose-and-best-practices/\"\u003eA Complete Guide to FreeNAS Hardware Design, Part I: Purpose and Best Practices\u003c/a\u003e \u0026mdash; If it’s imperative that your ZFS based system must always be available, ECC RAM is a requirement. If it’s only some level of annoying (slightly, moderately…) that you need to restore your ZFS system from backups, non-ECC RAM will fit the bill.\u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeNAS: A Worst Practices Guide\" rel=\"nofollow\" href=\"http://www.freenas.org/blog/freenas-worst-practices/\"\u003eFreeNAS: A Worst Practices Guide\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Jason likes Hubble\" rel=\"nofollow\" href=\"https://pastebin.com/yEmsXjDX\"\u003eJason likes Hubble\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bryan Nuked an email server once...\" rel=\"nofollow\" href=\"https://pastebin.com/kJEZNHwm\"\u003eBryan Nuked an email server once...\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Humble Book Bundle: DevOps by Packt (pay what you want and help charity)\" rel=\"nofollow\" href=\"https://www.humblebundle.com/books/devops-books\"\u003eHumble Book Bundle: DevOps by Packt (pay what you want and help charity)\u003c/a\u003e \u0026mdash; This software engineering bundle is Packt with information! Streamline your processes with ebooks like Automate it!, DevOps for Networking, Mastering Ansible, and Continuous Delivery with Docker and Jenkins. You'll also get helpful videos including Mastering DevOps, Mastering Windows PowerShell 5 Administration, Learning Kubernetes, and more.\u003c/li\u003e\u003c/ul\u003e","summary":"Our FreeNAS build is complete and Allan’s back to cover the final details. Plus the new GPU attack against Android phones, and a perfect example of poor IoT security.","date_published":"2018-05-08T17:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7e453cc2-5a2c-46a3-8ff4-eaec869e0dde.mp3","mime_type":"audio/mpeg","size_in_bytes":31661829,"duration_in_seconds":2224}]},{"id":"c3a8238e-1697-4086-90d1-7b9a02d8379c","title":"Episode 366: Catching up with Allan","url":"https://techsnap.systems/366","content_text":"We catch up with Allan Jude and he shares stories of hunting network bottlenecks, memories of old firewalls, and some classic ZFS updates.\n\nPlus the vulnerabilities found in Volkswagen cars, and the lengths a security research went to create the ultimate honeypot laptop.Special Guest: Allan Jude.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Volkswagen and Audi Cars Vulnerable to Remote Hacking — esearchers also gained access to the IVI system's root account, which they say allowed them access to other car data.It’s Impossible to Prove Your Laptop Hasn’t Been Hacked. I Spent Two Years Finding Out. — For the last two years, I have carried a “honeypot” laptop with me every time I’ve traveled; this computer was intended to attract (and then detect) tampering.chipsec —  Platform Security Assessment Framework UEFITool — UEFI firmware image viewer and editor Haven Project — Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy, through an Android app and on-device sensorsMr S. Delivers on his DO FreeNAS GuideOZ Shares a War StoryDave's REALLY Close Call...Karl Gives us the CTO View on new HiresOur Approach to Employee Security Training | PagerDuty — These are both training courses that we developed in-house and delivered ourselves.","content_html":"\u003cp\u003eWe catch up with Allan Jude and he shares stories of hunting network bottlenecks, memories of old firewalls, and some classic ZFS updates.\u003c/p\u003e\n\n\u003cp\u003ePlus the vulnerabilities found in Volkswagen cars, and the lengths a security research went to create the ultimate honeypot laptop.\u003c/p\u003e\u003cp\u003eSpecial Guest: Allan Jude.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Volkswagen and Audi Cars Vulnerable to Remote Hacking\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/volkswagen-and-audi-cars-vulnerable-to-remote-hacking/\"\u003eVolkswagen and Audi Cars Vulnerable to Remote Hacking\u003c/a\u003e \u0026mdash; esearchers also gained access to the IVI system's root account, which they say allowed them access to other car data.\u003c/li\u003e\u003cli\u003e\u003ca title=\"It’s Impossible to Prove Your Laptop Hasn’t Been Hacked. I Spent Two Years Finding Out.\" rel=\"nofollow\" href=\"https://theintercept.com/2018/04/28/computer-malware-tampering/\"\u003eIt’s Impossible to Prove Your Laptop Hasn’t Been Hacked. I Spent Two Years Finding Out.\u003c/a\u003e \u0026mdash; For the last two years, I have carried a “honeypot” laptop with me every time I’ve traveled; this computer was intended to attract (and then detect) tampering.\u003c/li\u003e\u003cli\u003e\u003ca title=\"chipsec\" rel=\"nofollow\" href=\"https://github.com/chipsec/chipsec\"\u003echipsec\u003c/a\u003e \u0026mdash;  Platform Security Assessment Framework \u003c/li\u003e\u003cli\u003e\u003ca title=\"UEFITool\" rel=\"nofollow\" href=\"https://github.com/LongSoft/UEFITool\"\u003eUEFITool\u003c/a\u003e \u0026mdash; UEFI firmware image viewer and editor \u003c/li\u003e\u003cli\u003e\u003ca title=\"Haven Project\" rel=\"nofollow\" href=\"https://guardianproject.github.io/haven/\"\u003eHaven Project\u003c/a\u003e \u0026mdash; Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy, through an Android app and on-device sensors\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mr S. Delivers on his DO FreeNAS Guide\" rel=\"nofollow\" href=\"https://pastebin.com/sYV5pjQg\"\u003eMr S. Delivers on his DO FreeNAS Guide\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OZ Shares a War Story\" rel=\"nofollow\" href=\"https://pastebin.com/rWVgzd03\"\u003eOZ Shares a War Story\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dave\u0026#39;s REALLY Close Call...\" rel=\"nofollow\" href=\"https://pastebin.com/mmtqt4g4\"\u003eDave\u0026#39;s REALLY Close Call...\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Karl Gives us the CTO View on new Hires\" rel=\"nofollow\" href=\"https://pastebin.com/bN3SHfyv\"\u003eKarl Gives us the CTO View on new Hires\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Our Approach to Employee Security Training | PagerDuty\" rel=\"nofollow\" href=\"https://www.pagerduty.com/blog/security-training-at-pagerduty/\"\u003eOur Approach to Employee Security Training | PagerDuty\u003c/a\u003e \u0026mdash; These are both training courses that we developed in-house and delivered ourselves.\u003c/li\u003e\u003c/ul\u003e","summary":"We catch up with Allan Jude and he shares stories of hunting network bottlenecks, memories of old firewalls, and some classic ZFS updates.","date_published":"2018-05-02T15:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c3a8238e-1697-4086-90d1-7b9a02d8379c.mp3","mime_type":"audio/mpeg","size_in_bytes":41294844,"duration_in_seconds":2912}]},{"id":"bebfb1b6-cfe5-4c97-855e-24922aeb957c","title":"Episode 365: The Unfixable Exploit","url":"https://techsnap.systems/365","content_text":"Hardware flaws that can’t be solved, human errors at the physical layer, and spoofing cellular networks with a $5 dongle. Sponsored By:iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Sysadmin unplugged wrong server, ran away, hoped nobody noticed • The Register — ‘I was a snot-nosed kid fresh out of college and thought I knew everything!’Spoofing Cell Networks with a USB to VGA Adapter | Hackaday —  Available through the usual overseas suppliers for as little has $5 USD, these devices can be used unmodified to transmit low-power FM, DAB, DVB-T, GSM, UMTS and GPS signals.ShofEL2, a Tegra X1 and Nintendo Switch exploit — The Tegra X1 (also known as Tegra210) SoC inside the Nintendo Switch contains an exploitable bug that allow taking control over early execution, bypassing all signature checks.Atlanta spends more than $2 million to recover from ransomware attack — . It appears that firms Secureworks and Ernst \u0026amp; Young were paid $650,000 and $600,000, respectively, for emergency services while Edelman was paid $50,000 for crisis communication services. Overall, the funds seemingly applied to the ransomware attack response add up to approximately $2.7 million.Google Chrome 66 Released Today Focuses on Security — The biggest change is that Google Chrome will start showing SSL certificate errors for all Symantec certs issued before June 1, 2016. This is \"stage two\" of Google's long-term plan on distrusting Symantec certificates altogether.Where to get started with monitoring?defunkt uses a fool tools for his networkBrian shares some love for ZabbixVMware Patches Pwn2Own VM Escape Vulnerabilities — VMware on Tuesday patched a series of vulnerabilities uncovered earlier this month at Pwn2Own. The flaws enabled an attacker to execute code on a workstation and carry out a virtual machine escape to attack a host server.balena - A Moby-based container engine for IoT — A Moby-based container engine for IoT","content_html":"\u003cp\u003eHardware flaws that can’t be solved, human errors at the physical layer, and spoofing cellular networks with a $5 dongle. \u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Sysadmin unplugged wrong server, ran away, hoped nobody noticed • The Register\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/04/23/who_me/\"\u003eSysadmin unplugged wrong server, ran away, hoped nobody noticed • The Register\u003c/a\u003e \u0026mdash; ‘I was a snot-nosed kid fresh out of college and thought I knew everything!’\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spoofing Cell Networks with a USB to VGA Adapter | Hackaday\" rel=\"nofollow\" href=\"https://hackaday.com/2018/04/23/spoofing-cell-networks-with-a-usb-to-vga-adapter/\"\u003eSpoofing Cell Networks with a USB to VGA Adapter | Hackaday\u003c/a\u003e \u0026mdash;  Available through the usual overseas suppliers for as little has $5 USD, these devices can be used unmodified to transmit low-power FM, DAB, DVB-T, GSM, UMTS and GPS signals.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ShofEL2, a Tegra X1 and Nintendo Switch exploit\" rel=\"nofollow\" href=\"https://fail0verflow.com/blog/2018/shofel2/\"\u003eShofEL2, a Tegra X1 and Nintendo Switch exploit\u003c/a\u003e \u0026mdash; The Tegra X1 (also known as Tegra210) SoC inside the Nintendo Switch contains an exploitable bug that allow taking control over early execution, bypassing all signature checks.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Atlanta spends more than $2 million to recover from ransomware attack\" rel=\"nofollow\" href=\"https://www.engadget.com/2018/04/23/atlanta-spends-over-2-million-ransomware-recovery/\"\u003eAtlanta spends more than $2 million to recover from ransomware attack\u003c/a\u003e \u0026mdash; . It appears that firms Secureworks and Ernst \u0026 Young were paid $650,000 and $600,000, respectively, for emergency services while Edelman was paid $50,000 for crisis communication services. Overall, the funds seemingly applied to the ransomware attack response add up to approximately $2.7 million.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Chrome 66 Released Today Focuses on Security\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/google/google-chrome-66-released-today-focuses-on-security/\"\u003eGoogle Chrome 66 Released Today Focuses on Security\u003c/a\u003e \u0026mdash; The biggest change is that Google Chrome will start showing SSL certificate errors for all Symantec certs issued before June 1, 2016. This is \"stage two\" of Google's long-term plan on distrusting Symantec certificates altogether.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Where to get started with monitoring?\" rel=\"nofollow\" href=\"https://pastebin.com/bPn1cGLV\"\u003eWhere to get started with monitoring?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"defunkt uses a fool tools for his network\" rel=\"nofollow\" href=\"https://pastebin.com/aFmwbguq\"\u003edefunkt uses a fool tools for his network\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Brian shares some love for Zabbix\" rel=\"nofollow\" href=\"https://pastebin.com/z93N6GzR\"\u003eBrian shares some love for Zabbix\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"VMware Patches Pwn2Own VM Escape Vulnerabilities\" rel=\"nofollow\" href=\"https://threatpost.com/vmware-patches-pwn2own-vm-escape-vulnerabilities/124629/\"\u003eVMware Patches Pwn2Own VM Escape Vulnerabilities\u003c/a\u003e \u0026mdash; VMware on Tuesday patched a series of vulnerabilities uncovered earlier this month at Pwn2Own. The flaws enabled an attacker to execute code on a workstation and carry out a virtual machine escape to attack a host server.\u003c/li\u003e\u003cli\u003e\u003ca title=\"balena - A Moby-based container engine for IoT\" rel=\"nofollow\" href=\"https://www.balena.io/\"\u003ebalena - A Moby-based container engine for IoT\u003c/a\u003e \u0026mdash; A Moby-based container engine for IoT\u003c/li\u003e\u003c/ul\u003e","summary":"Hardware flaws that can’t be solved, human errors at the physical layer, and spoofing cellular networks with a $5 dongle. ","date_published":"2018-04-24T17:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bebfb1b6-cfe5-4c97-855e-24922aeb957c.mp3","mime_type":"audio/mpeg","size_in_bytes":33195967,"duration_in_seconds":2334}]},{"id":"a667b0ef-12f5-4934-aea6-f713674f2647","title":"Episode 364: The Case for Monitoring","url":"https://techsnap.systems/364","content_text":"We cover all the bases this week in our TechSNAP introduction to server monitoring.\n\nWhy you should monitor, what you should monitor, the basics of Nagios, the biggest drawbacks of Nagios, its alternatives, and our lessons learned from the trenches. Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Why Bother with Server Monitoring? — Once a network or server has been installed, how do you know it is working as it should?  Just like a car or any appliance, it may need maintenance or parts replaced to keep it in top working order.  Network and server monitoring allows the Network Administrator to see how hardware and software are performing.  We can look for certain signs or warnings that the system is not working efficiently and take action to fix things to prevent system degradation or failure.What is Nagios?  — Monitoring of network services such as SMTP, POP2, HTTP, NNTP, ICMP, SNMP, FTP, SSH.A Real Example Of Nagios Monitoring — \r\n\r\nThere are two major problems the monitoring solves: alerting and trending. Alerting is to notify the person in charge about a major event like service failing to work. Trending is to track the change of something over time – disk or memory usage, replication lag etc.graphios — A program to send nagios perf data to graphite (carbon) / statsd / librato / influxdb Sensu — Sensu’s platform is the solution to the monitoring problems you’re facing today, and the right foundation for your organization tomorrow. From bare metal to Kubernetes—get complete visibility across every system, every protocol, every time.Sensu: Finally the Nagios Replacement I Have Been Looking For! – Chariot SolutionsIcinga 2 — With the RESTful API of Icinga 2 you can update your configurations on the fly or show live information about current problems on your custom dashboards. You can process check results from third party tools or tell the Core to run actions interactively. The interface is secured with SSL. Access control can be configured fine grained and per user.Nagios Vs. Icinga: the real story of one of the most heated forks in free softwarePhill Barber's Blog: Nagios vs Sensu vs Icinga2Prometheus — Power your metrics and alerting with a leading\r\nopen-source monitoring solution.nagios - Docker Hub — Nagios Core with Nagiosgraph, check_nrpe, custom checks \u0026amp; XMPP NotificationsPrevious TechSNAP Coverage: Keeping it Up | TechSNAP 20Dax was inspired by last weeks episode","content_html":"\u003cp\u003eWe cover all the bases this week in our TechSNAP introduction to server monitoring.\u003c/p\u003e\n\n\u003cp\u003eWhy you should monitor, what you should monitor, the basics of Nagios, the biggest drawbacks of Nagios, its alternatives, and our lessons learned from the trenches. \u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Why Bother with Server Monitoring?\" rel=\"nofollow\" href=\"http://www.applicationperformancemanagement.org/monitoring/server-monitoring/\"\u003eWhy Bother with Server Monitoring?\u003c/a\u003e \u0026mdash; Once a network or server has been installed, how do you know it is working as it should?  Just like a car or any appliance, it may need maintenance or parts replaced to keep it in top working order.  Network and server monitoring allows the Network Administrator to see how hardware and software are performing.  We can look for certain signs or warnings that the system is not working efficiently and take action to fix things to prevent system degradation or failure.\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is Nagios? \" rel=\"nofollow\" href=\"https://medium.com/linux-monitoring-with-nagios/what-is-nagios-64e547db57ca\"\u003eWhat is Nagios? \u003c/a\u003e \u0026mdash; Monitoring of network services such as SMTP, POP2, HTTP, NNTP, ICMP, SNMP, FTP, SSH.\u003c/li\u003e\u003cli\u003e\u003ca title=\"A Real Example Of Nagios Monitoring\" rel=\"nofollow\" href=\"https://twindb.com/about-nagios-best-practices/\"\u003eA Real Example Of Nagios Monitoring\u003c/a\u003e \u0026mdash; \r\n\r\nThere are two major problems the monitoring solves: alerting and trending. Alerting is to notify the person in charge about a major event like service failing to work. Trending is to track the change of something over time – disk or memory usage, replication lag etc.\u003c/li\u003e\u003cli\u003e\u003ca title=\"graphios\" rel=\"nofollow\" href=\"https://github.com/shawn-sterling/graphios\"\u003egraphios\u003c/a\u003e \u0026mdash; A program to send nagios perf data to graphite (carbon) / statsd / librato / influxdb \u003c/li\u003e\u003cli\u003e\u003ca title=\"Sensu\" rel=\"nofollow\" href=\"https://sensu.io/\"\u003eSensu\u003c/a\u003e \u0026mdash; Sensu’s platform is the solution to the monitoring problems you’re facing today, and the right foundation for your organization tomorrow. From bare metal to Kubernetes—get complete visibility across every system, every protocol, every time.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sensu: Finally the Nagios Replacement I Have Been Looking For! – Chariot Solutions\" rel=\"nofollow\" href=\"https://chariotsolutions.com/blog/post/sensu-finally-nagios-replacement-looking/\"\u003eSensu: Finally the Nagios Replacement I Have Been Looking For! – Chariot Solutions\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Icinga 2\" rel=\"nofollow\" href=\"https://www.icinga.com/products/icinga-2/\"\u003eIcinga 2\u003c/a\u003e \u0026mdash; With the RESTful API of Icinga 2 you can update your configurations on the fly or show live information about current problems on your custom dashboards. You can process check results from third party tools or tell the Core to run actions interactively. The interface is secured with SSL. Access control can be configured fine grained and per user.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Nagios Vs. Icinga: the real story of one of the most heated forks in free software\" rel=\"nofollow\" href=\"http://freesoftwaremagazine.com/articles/nagios_and_icinga/\"\u003eNagios Vs. Icinga: the real story of one of the most heated forks in free software\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Phill Barber\u0026#39;s Blog: Nagios vs Sensu vs Icinga2\" rel=\"nofollow\" href=\"http://phillbarber.blogspot.com/2015/03/nagios-vs-sensu-vs-icinga2.html\"\u003ePhill Barber\u0026#39;s Blog: Nagios vs Sensu vs Icinga2\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Prometheus\" rel=\"nofollow\" href=\"https://prometheus.io/\"\u003ePrometheus\u003c/a\u003e \u0026mdash; Power your metrics and alerting with a leading\r\nopen-source monitoring solution.\u003c/li\u003e\u003cli\u003e\u003ca title=\"nagios - Docker Hub\" rel=\"nofollow\" href=\"https://hub.docker.com/r/jasonrivers/nagios/\"\u003enagios - Docker Hub\u003c/a\u003e \u0026mdash; Nagios Core with Nagiosgraph, check_nrpe, custom checks \u0026 XMPP Notifications\u003c/li\u003e\u003cli\u003e\u003ca title=\"Previous TechSNAP Coverage: Keeping it Up | TechSNAP 20\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=dSN6PDqK8GA\"\u003ePrevious TechSNAP Coverage: Keeping it Up | TechSNAP 20\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dax was inspired by last weeks episode\" rel=\"nofollow\" href=\"https://pastebin.com/f20XsWVF\"\u003eDax was inspired by last weeks episode\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We cover all the bases this week in our TechSNAP introduction to server monitoring.","date_published":"2018-04-18T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a667b0ef-12f5-4934-aea6-f713674f2647.mp3","mime_type":"audio/mpeg","size_in_bytes":32205871,"duration_in_seconds":2263}]},{"id":"2f57aaaa-4b64-4c6f-809f-121a3710a543","title":"Episode 363: Tips from the Top","url":"https://techsnap.systems/363","content_text":"Getting started or getting ahead in IT is a moving target, so we’ve crowd sourced some of the best tips and advice to help.\n\nPlus a tricky use of zero-width characters to catch a leaker, a breakdown of the new BranchScope attack, and a full post-mortem of the recent Travis CI outage.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Invisibly inserting usernames into text with Zero-Width Characters — Zero-width characters are invisible, ‘non-printing’ characters that are not displayed by the majority of applications.Incident Post-Mortem and Security Advisory — On Tuesday, 13 March 2018 at 12:04 UTC a database query was accidentally run against our production database which truncated all tables.As predicted, more branch prediction processor attacks are discovered — New attack focuses on a different part of the branch prediction system.BranchScope: A New Side-Channel Attack on Directional Branch Predictor - asplos18.pdfMathew has a neat use for TerraformDel says Learn just one thing... Mat Man has some great tipsBen says you might already be doing itMr S with a advice from recruiting stand point.","content_html":"\u003cp\u003eGetting started or getting ahead in IT is a moving target, so we’ve crowd sourced some of the best tips and advice to help.\u003c/p\u003e\n\n\u003cp\u003ePlus a tricky use of zero-width characters to catch a leaker, a breakdown of the new BranchScope attack, and a full post-mortem of the recent Travis CI outage.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Invisibly inserting usernames into text with Zero-Width Characters\" rel=\"nofollow\" href=\"https://medium.com/@umpox/be-careful-what-you-copy-invisibly-inserting-usernames-into-text-with-zero-width-characters-18b4e6f17b66\"\u003eInvisibly inserting usernames into text with Zero-Width Characters\u003c/a\u003e \u0026mdash; Zero-width characters are invisible, ‘non-printing’ characters that are not displayed by the majority of applications.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Incident Post-Mortem and Security Advisory\" rel=\"nofollow\" href=\"https://blog.travis-ci.com/2018-04-03-incident-post-mortem\"\u003eIncident Post-Mortem and Security Advisory\u003c/a\u003e \u0026mdash; On Tuesday, 13 March 2018 at 12:04 UTC a database query was accidentally run against our production database which truncated all tables.\u003c/li\u003e\u003cli\u003e\u003ca title=\"As predicted, more branch prediction processor attacks are discovered\" rel=\"nofollow\" href=\"https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/\"\u003eAs predicted, more branch prediction processor attacks are discovered\u003c/a\u003e \u0026mdash; New attack focuses on a different part of the branch prediction system.\u003c/li\u003e\u003cli\u003e\u003ca title=\"BranchScope: A New Side-Channel Attack on Directional Branch Predictor - asplos18.pdf\" rel=\"nofollow\" href=\"http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf\"\u003eBranchScope: A New Side-Channel Attack on Directional Branch Predictor - asplos18.pdf\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mathew has a neat use for Terraform\" rel=\"nofollow\" href=\"https://pastebin.com/dyBfm9Yc\"\u003eMathew has a neat use for Terraform\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Del says Learn just one thing... \" rel=\"nofollow\" href=\"https://pastebin.com/GuiSEDkz\"\u003eDel says Learn just one thing... \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mat Man has some great tips\" rel=\"nofollow\" href=\"https://pastebin.com/aX8Tukhs\"\u003eMat Man has some great tips\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ben says you might already be doing it\" rel=\"nofollow\" href=\"https://pastebin.com/1kETQQaG\"\u003eBen says you might already be doing it\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mr S with a advice from recruiting stand point.\" rel=\"nofollow\" href=\"https://pastebin.com/chU9RJeC\"\u003eMr S with a advice from recruiting stand point.\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Getting started or getting ahead in IT is a moving target, so we’ve crowd sourced some of the best tips and advice to help.","date_published":"2018-04-12T13:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2f57aaaa-4b64-4c6f-809f-121a3710a543.mp3","mime_type":"audio/mpeg","size_in_bytes":30109027,"duration_in_seconds":2113}]},{"id":"a2457c20-9cb0-41b9-9599-ed6235873934","title":"Episode 362: Rebuilding it Better","url":"https://techsnap.systems/362","content_text":"It’s a TechSNAP introduction to Terraform, a tool for building, changing, and versioning infrastructure safely and efficiently. \n\nPlus a recent spat of data leaks suggest a common theme, Microsoft’s self inflicted Total Meltdown flaw, and playing around with DNS Rebinding attacks for fun.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:The Under Armour Hack Was Even Worse Than It Had To Be — When Under Armour announced that its nutrition app MyFitnessPal had suffered a data breach impacting the information of roughly 150 million users, things actually didn't seem so bad.Panerabread.com Leaks Millions of Customer Records — Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned.No, Panera Bread Doesn’t Take Security Seriously – PB — This post establishes a canonical timeline so subsequent reporting doesn’t get confused.Total Meltdown — In short - the User/Supervisor permission bit was set to User in the PML4 self-referencing entry. This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself.\r\nTerraform by HashiCorp — HashiCorp Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned. Terraforming 1Password - AgileBits Blog — Most of the 2 hours and 39 minutes of downtime were related to data migration. The 1Password.com database is just under 1TB in size (not including documents and attachments), and it took almost two hours to complete the snapshot and restore operations.Whonow — A malicious DNS server for executing DNS Rebinding attacks on the fly","content_html":"\u003cp\u003eIt’s a TechSNAP introduction to Terraform, a tool for building, changing, and versioning infrastructure safely and efficiently. \u003c/p\u003e\n\n\u003cp\u003ePlus a recent spat of data leaks suggest a common theme, Microsoft’s self inflicted Total Meltdown flaw, and playing around with DNS Rebinding attacks for fun.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The Under Armour Hack Was Even Worse Than It Had To Be\" rel=\"nofollow\" href=\"https://www.wired.com/story/under-armour-myfitnesspal-hack-password-hashing/\"\u003eThe Under Armour Hack Was Even Worse Than It Had To Be\u003c/a\u003e \u0026mdash; When Under Armour announced that its nutrition app MyFitnessPal had suffered a data breach impacting the information of roughly 150 million users, things actually didn't seem so bad.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Panerabread.com Leaks Millions of Customer Records\" rel=\"nofollow\" href=\"https://krebsonsecurity.com/2018/04/panerabread-com-leaks-millions-of-customer-records/\"\u003ePanerabread.com Leaks Millions of Customer Records\u003c/a\u003e \u0026mdash; Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned.\u003c/li\u003e\u003cli\u003e\u003ca title=\"No, Panera Bread Doesn’t Take Security Seriously – PB\" rel=\"nofollow\" href=\"https://medium.com/@djhoulihan/no-panera-bread-doesnt-take-security-seriously-bf078027f815\"\u003eNo, Panera Bread Doesn’t Take Security Seriously – PB\u003c/a\u003e \u0026mdash; This post establishes a canonical timeline so subsequent reporting doesn’t get confused.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Total Meltdown\" rel=\"nofollow\" href=\"http://blog.frizk.net/2018/03/total-meltdown.html\"\u003eTotal Meltdown\u003c/a\u003e \u0026mdash; In short - the User/Supervisor permission bit was set to User in the PML4 self-referencing entry. This made the page tables available to user mode code in every process. The page tables should normally only be accessible by the kernel itself.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Terraform by HashiCorp\" rel=\"nofollow\" href=\"https://www.terraform.io/\"\u003eTerraform by HashiCorp\u003c/a\u003e \u0026mdash; HashiCorp Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Terraforming 1Password - AgileBits Blog\" rel=\"nofollow\" href=\"https://blog.agilebits.com/2018/01/25/terraforming-1password/\"\u003eTerraforming 1Password - AgileBits Blog\u003c/a\u003e \u0026mdash; Most of the 2 hours and 39 minutes of downtime were related to data migration. The 1Password.com database is just under 1TB in size (not including documents and attachments), and it took almost two hours to complete the snapshot and restore operations.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Whonow\" rel=\"nofollow\" href=\"https://github.com/brannondorsey/whonow\"\u003eWhonow\u003c/a\u003e \u0026mdash; A malicious DNS server for executing DNS Rebinding attacks on the fly\u003c/li\u003e\u003c/ul\u003e","summary":"It’s a TechSNAP introduction to Terraform, a tool for building, changing, and versioning infrastructure safely and efficiently. ","date_published":"2018-04-05T04:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a2457c20-9cb0-41b9-9599-ed6235873934.mp3","mime_type":"audio/mpeg","size_in_bytes":26804016,"duration_in_seconds":2111}]},{"id":"60c0569a-55b4-446f-bf42-6d017d933f4f","title":"Episode 361: It's All in the Log","url":"https://techsnap.systems/361","content_text":"Embarrassing flaws get exposed when the logs get reviewed, Atlanta city government gets shut down by Ransomware, and the cleverest little Android malware you’ll ever meet.\n\nPlus we go from a hacked client to a Zero-day discovery, answer some questions, ask a few, and more!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes — My verification test is below. Note that it gets stored in on-disk, collected logs (non-volatile logs).Thousands of servers found leaking 750MB worth of passwords and keys — Leaky etcd servers could be a boon to data thieves and ransomware scammers.Atlanta city government systems down due to ransomware attack — FBI called in as some city services are interrupted, employees told to turn off PCs.Android malware found inside apps downloaded 500,000 times | ZDNet —  Cybercriminals have distributed malware to hundreds of thousands of Android users by hiding it inside a series of apparently harmless apps.From hacked client to 0day discovery — The client’s account had been blocked because it was spotted sending spam. Once connected to the service, it was clear that the monthly quota of the account was almost reached and that the latest emails sent shown on the dashboard had content that were clearly spam.Listener Feedback from Jeff SListener Feedback from Tyler","content_html":"\u003cp\u003eEmbarrassing flaws get exposed when the logs get reviewed, Atlanta city government gets shut down by Ransomware, and the cleverest little Android malware you’ll ever meet.\u003c/p\u003e\n\n\u003cp\u003ePlus we go from a hacked client to a Zero-day discovery, answer some questions, ask a few, and more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes\" rel=\"nofollow\" href=\"https://www.mac4n6.com/blog/2018/3/21/uh-oh-unified-logs-in-high-sierra-1013-show-plaintext-password-for-apfs-encrypted-external-volumes-via-disk-utilityapp\"\u003eUnified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes\u003c/a\u003e \u0026mdash; My verification test is below. Note that it gets stored in on-disk, collected logs (non-volatile logs).\u003c/li\u003e\u003cli\u003e\u003ca title=\"Thousands of servers found leaking 750MB worth of passwords and keys\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/03/thousands-of-servers-found-leaking-750-mb-worth-of-passwords-and-keys/\"\u003eThousands of servers found leaking 750MB worth of passwords and keys\u003c/a\u003e \u0026mdash; Leaky etcd servers could be a boon to data thieves and ransomware scammers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Atlanta city government systems down due to ransomware attack\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/03/atlanta-city-government-systems-down-due-to-ransomware-attack/\"\u003eAtlanta city government systems down due to ransomware attack\u003c/a\u003e \u0026mdash; FBI called in as some city services are interrupted, employees told to turn off PCs.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Android malware found inside apps downloaded 500,000 times | ZDNet\" rel=\"nofollow\" href=\"http://www.zdnet.com/article/android-malware-found-inside-apps-downloaded-500000-times/\"\u003eAndroid malware found inside apps downloaded 500,000 times | ZDNet\u003c/a\u003e \u0026mdash;  Cybercriminals have distributed malware to hundreds of thousands of Android users by hiding it inside a series of apparently harmless apps.\u003c/li\u003e\u003cli\u003e\u003ca title=\"From hacked client to 0day discovery\" rel=\"nofollow\" href=\"https://security.infoteam.ch/en/blog/posts/from-hacked-client-to-0day-discovery.html\"\u003eFrom hacked client to 0day discovery\u003c/a\u003e \u0026mdash; The client’s account had been blocked because it was spotted sending spam. Once connected to the service, it was clear that the monthly quota of the account was almost reached and that the latest emails sent shown on the dashboard had content that were clearly spam.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Listener Feedback from Jeff S\" rel=\"nofollow\" href=\"https://pastebin.com/kbBuE71Z\"\u003eListener Feedback from Jeff S\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Listener Feedback from Tyler\" rel=\"nofollow\" href=\"https://pastebin.com/cPNmQ1JR\"\u003eListener Feedback from Tyler\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Embarrassing flaws get exposed when the logs get reviewed, Atlanta city government gets shut down by Ransomware, and the cleverest little Android malware you’ll ever meet.\r\n","date_published":"2018-03-29T08:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/60c0569a-55b4-446f-bf42-6d017d933f4f.mp3","mime_type":"audio/mpeg","size_in_bytes":24152919,"duration_in_seconds":1969}]},{"id":"2bdd82c5-b92f-4a94-af10-1fdc61f7a3a9","title":"Episode 360: AMD Flaws Explained","url":"https://techsnap.systems/360","content_text":"We cut through the noise and explain in clear terms what’s really been discovered.  The botched disclosure of flaws in AMD products has overshadowed the technical details of the vulnerabilities, and we aim to fix that..\n\nPlus another DNS Rebinding attack is in the wild and stealing Ethereum, Microsoft opens up a new bug bounty program, Expedia gets hacked, and we perform a TechSNAP checkup.Sponsored By:iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Microsoft Offers New Bug Bounties for Spectre, ... — Microsoft last week announced new bug bounties for speculative execution side-channel vulnerabilities. These vulnerabilities, of which Spectre and Meltdown were the first known examples, represent a new class of problem and Microsoft would like to know what else might be lurking in the neighborhood.Microsoft patches RDP vulnerability. — Microsoft announced this week that they’ve released a preliminary fix for a vulnerability rated important, and present in all supported versions of Windows in circulation (basically any client or server version of Windows from 2008 onward).Firefox Master Password System Has Been Poorly Secured for the Past 9 Years — For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the \"master password\" feature.Firefox Lockbox Extension — The Lockbox extension is a simple, stand-alone password manager that works with Firefox for desktop. It’s the first of several planned experiments designed to help us test and improve password management and online security.How your ethereum can be stolen through DNS rebinding — Most of the ethereum clients run a JSON-RPC service on port 8545 on localhost, but since it’s on localhost, we can’t access it directly from user’s browser due to SOP.TechSNAP Episode 353: Too Many Containers“AMD Flaws” Technical Summary | Trail of Bits Blog — Most of the discussion after the public announcement of the vulnerabilities has been focused on the way they were disclosed rather than their technical impact. In this post, we have tried to extract the relevant technical details from the CTS whitepaper so they can be of use to the security community without the distraction of the surrounding disclosure issues.Ivan is not happy with our memcrashed coverage — Discussion re:\"memcrashed\" on latest TechSNAP left me very mad. I think hosts did not properly explain the issue. PSA: Chrome distrusts certificates issued by Symantec starting today — This was announced back in September for v66, but we have machines running 65.0.3325.162 that display the full page \"NET::ERR_CERT_AUTHORITY_INVALID\" warning so it seems they jumped the gun a bit.Follow up: fail2ban AWS access controls Mr S Has a Handy pfSense how-toRunning pfSense on a DigitalOcean droplet","content_html":"\u003cp\u003eWe cut through the noise and explain in clear terms what’s really been discovered.  The botched disclosure of flaws in AMD products has overshadowed the technical details of the vulnerabilities, and we aim to fix that..\u003c/p\u003e\n\n\u003cp\u003ePlus another DNS Rebinding attack is in the wild and stealing Ethereum, Microsoft opens up a new bug bounty program, Expedia gets hacked, and we perform a TechSNAP checkup.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Microsoft Offers New Bug Bounties for Spectre, ...\" rel=\"nofollow\" href=\"https://www.darkreading.com/risk-management/microsoft-offers-new-bug-bounties-for-spectre-meltdown-type-flaws/d/d-id/1331303\"\u003eMicrosoft Offers New Bug Bounties for Spectre, ...\u003c/a\u003e \u0026mdash; Microsoft last week announced new bug bounties for speculative execution side-channel vulnerabilities. These vulnerabilities, of which Spectre and Meltdown were the first known examples, represent a new class of problem and Microsoft would like to know what else might be lurking in the neighborhood.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft patches RDP vulnerability.\" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2018/03/15/microsoft-patches-rdp-vulnerability-update-now/\"\u003eMicrosoft patches RDP vulnerability.\u003c/a\u003e \u0026mdash; Microsoft announced this week that they’ve released a preliminary fix for a vulnerability rated important, and present in all supported versions of Windows in circulation (basically any client or server version of Windows from 2008 onward).\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firefox Master Password System Has Been Poorly Secured for the Past 9 Years\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/firefox-master-password-system-has-been-poorly-secured-for-the-past-9-years/\"\u003eFirefox Master Password System Has Been Poorly Secured for the Past 9 Years\u003c/a\u003e \u0026mdash; For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the \"master password\" feature.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firefox Lockbox Extension\" rel=\"nofollow\" href=\"https://mozilla-lockbox.github.io/lockbox-extension/\"\u003eFirefox Lockbox Extension\u003c/a\u003e \u0026mdash; The Lockbox extension is a simple, stand-alone password manager that works with Firefox for desktop. It’s the first of several planned experiments designed to help us test and improve password management and online security.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How your ethereum can be stolen through DNS rebinding\" rel=\"nofollow\" href=\"https://ret2got.wordpress.com/2018/01/19/how-your-ethereum-can-be-stolen-using-dns-rebinding/\"\u003eHow your ethereum can be stolen through DNS rebinding\u003c/a\u003e \u0026mdash; Most of the ethereum clients run a JSON-RPC service on port 8545 on localhost, but since it’s on localhost, we can’t access it directly from user’s browser due to SOP.\u003c/li\u003e\u003cli\u003e\u003ca title=\"TechSNAP Episode 353: Too Many Containers\" rel=\"nofollow\" href=\"http://techsnap.systems/353\"\u003eTechSNAP Episode 353: Too Many Containers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"“AMD Flaws” Technical Summary | Trail of Bits Blog\" rel=\"nofollow\" href=\"https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/\"\u003e“AMD Flaws” Technical Summary | Trail of Bits Blog\u003c/a\u003e \u0026mdash; Most of the discussion after the public announcement of the vulnerabilities has been focused on the way they were disclosed rather than their technical impact. In this post, we have tried to extract the relevant technical details from the CTS whitepaper so they can be of use to the security community without the distraction of the surrounding disclosure issues.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ivan is not happy with our memcrashed coverage\" rel=\"nofollow\" href=\"https://twitter.com/IvanTomica/status/975025525398831104?ref_src=twsrc%5Etfw\"\u003eIvan is not happy with our memcrashed coverage\u003c/a\u003e \u0026mdash; Discussion re:\"memcrashed\" on latest TechSNAP left me very mad. I think hosts did not properly explain the issue. \u003c/li\u003e\u003cli\u003e\u003ca title=\"PSA: Chrome distrusts certificates issued by Symantec starting today\" rel=\"nofollow\" href=\"https://www.reddit.com/r/sysadmin/comments/84m6vr/psa_chrome_distrusts_certificates_issued_by/\"\u003ePSA: Chrome distrusts certificates issued by Symantec starting today\u003c/a\u003e \u0026mdash; This was announced back in September for v66, but we have machines running 65.0.3325.162 that display the full page \"NET::ERR_CERT_AUTHORITY_INVALID\" warning so it seems they jumped the gun a bit.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow up: fail2ban AWS access controls \" rel=\"nofollow\" href=\"https://pastebin.com/4Q4zTZGA\"\u003eFollow up: fail2ban AWS access controls \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mr S Has a Handy pfSense how-to\" rel=\"nofollow\" href=\"https://pastebin.com/FXA8PzQx\"\u003eMr S Has a Handy pfSense how-to\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Running pfSense on a DigitalOcean droplet\" rel=\"nofollow\" href=\"https://squigly.blogspot.co.il/2018/02/running-pfsense-on-digitalocean-droplet.html\"\u003eRunning pfSense on a DigitalOcean droplet\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"We cut through the noise and explain in clear terms what’s really been discovered.  The botched disclosure of flaws in AMD products has overshadowed the technical details of the vulnerabilities, and we aim to fix that..","date_published":"2018-03-22T12:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2bdd82c5-b92f-4a94-af10-1fdc61f7a3a9.mp3","mime_type":"audio/mpeg","size_in_bytes":21507018,"duration_in_seconds":1749}]},{"id":"c63e4421-989c-4e30-813c-cb967a5ab29b","title":"Episode 359: Netflix’s Dark Capacity","url":"https://techsnap.systems/359","content_text":"Netflix has a few tricks we can learn from, and the story of clever malware that was operating undetected since 2012. \n\nPlus we discuss Let's Encrypt’s Wildcard support and explain what ACME v2 is.\n\nThen we detail the bad position Samba 4 admins are in, and the real cause of these recent 1.7Tbps DDoS attacks.Sponsored By:Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comDigital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Hardcoded Password Found in Cisco Software — Cisco says that an attacker could exploit this vulnerability (CVE-2018-0141) by connecting to the affected system via Secure Shell (SSH) using the hardcoded password.Potent malware that hid for six years spread through routers  — \"The malware is highly advanced, solving all sorts of problems from a technical perspective and often in a very elegant way, combining older and newer components in a thoroughly thought-through, long-term operation, something to expect from a top-notch well-resourced actor.\"CVE 2018-1057: Authenticated Samba users can change other users' password  —  On a Samba 4 AD DC the LDAP server in all versions of Samba from\r\n4.0.0 onwards incorrectly validates permissions to modify passwords\r\nover LDAP allowing authenticated users to change any other users'\r\npasswords, including administrative users and privileged service\r\naccounts (eg Domain Controllers).CVE-2018-1057 - SambaWiki Workarounds  — Revoke the change passwords right for 'the world' from all user objects (including computers) in the directory, leaving only the right to change a user's own password.ACME v2 and Wildcard Certificate Support is Live — We’re pleased to announce that ACMEv2 and wildcard certificate support is live! It just got much easier to wage record-breaking DDoSes  — Within days of the new technique going public, security firms reported it being used in a record-setting 1.3 terabit-per-second DDoS against Github and then, two days later, a record-topping 1.7 Tbps attack against an unnamed US-based service provider.The real cause of large DDoS  — All the gigantic headline-grabbing attacks are what we call \"L3\" (Layer 3 OSI[1]). This kind of attack has a common trait - the malicious software sends as many packets as possible onto the network. Project Nimble – Netflix TechBlog — We set ourselves an aggressive goal of being able to fail over traffic in less than 10 minutes. Follow Up: Alex has a tip for AlexQuestion: Oliver asks about a fail2ban replacement S3Scanner — Scan for open S3 buckets and dump Chromium is also a Snap","content_html":"\u003cp\u003eNetflix has a few tricks we can learn from, and the story of clever malware that was operating undetected since 2012. \u003c/p\u003e\n\n\u003cp\u003ePlus we discuss Let\u0026#39;s Encrypt’s Wildcard support and explain what ACME v2 is.\u003c/p\u003e\n\n\u003cp\u003eThen we detail the bad position Samba 4 admins are in, and the real cause of these recent 1.7Tbps DDoS attacks.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Hardcoded Password Found in Cisco Software\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/hardcoded-password-found-in-cisco-software/\"\u003eHardcoded Password Found in Cisco Software\u003c/a\u003e \u0026mdash; Cisco says that an attacker could exploit this vulnerability (CVE-2018-0141) by connecting to the affected system via Secure Shell (SSH) using the hardcoded password.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Potent malware that hid for six years spread through routers \" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/03/potent-malware-that-hid-for-six-years-spread-through-routers/\"\u003ePotent malware that hid for six years spread through routers \u003c/a\u003e \u0026mdash; \"The malware is highly advanced, solving all sorts of problems from a technical perspective and often in a very elegant way, combining older and newer components in a thoroughly thought-through, long-term operation, something to expect from a top-notch well-resourced actor.\"\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE 2018-1057: Authenticated Samba users can change other users\u0026#39; password \" rel=\"nofollow\" href=\"https://www.samba.org/samba/security/CVE-2018-1057.html\"\u003eCVE 2018-1057: Authenticated Samba users can change other users\u0026#39; password \u003c/a\u003e \u0026mdash;  On a Samba 4 AD DC the LDAP server in all versions of Samba from\r\n4.0.0 onwards incorrectly validates permissions to modify passwords\r\nover LDAP allowing authenticated users to change any other users'\r\npasswords, including administrative users and privileged service\r\naccounts (eg Domain Controllers).\u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2018-1057 - SambaWiki Workarounds \" rel=\"nofollow\" href=\"https://wiki.samba.org/index.php/CVE-2018-1057#Workarounds\"\u003eCVE-2018-1057 - SambaWiki Workarounds \u003c/a\u003e \u0026mdash; Revoke the change passwords right for 'the world' from all user objects (including computers) in the directory, leaving only the right to change a user's own password.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ACME v2 and Wildcard Certificate Support is Live\" rel=\"nofollow\" href=\"https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579\"\u003eACME v2 and Wildcard Certificate Support is Live\u003c/a\u003e \u0026mdash; We’re pleased to announce that ACMEv2 and wildcard certificate support is live! \u003c/li\u003e\u003cli\u003e\u003ca title=\"It just got much easier to wage record-breaking DDoSes \" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/03/it-just-got-much-easier-to-wage-record-breaking-ddoses/\"\u003eIt just got much easier to wage record-breaking DDoSes \u003c/a\u003e \u0026mdash; Within days of the new technique going public, security firms reported it being used in a record-setting 1.3 terabit-per-second DDoS against Github and then, two days later, a record-topping 1.7 Tbps attack against an unnamed US-based service provider.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The real cause of large DDoS \" rel=\"nofollow\" href=\"https://blog.cloudflare.com/the-root-cause-of-large-ddos-ip-spoofing/\"\u003eThe real cause of large DDoS \u003c/a\u003e \u0026mdash; All the gigantic headline-grabbing attacks are what we call \"L3\" (Layer 3 OSI[1]). This kind of attack has a common trait - the malicious software sends as many packets as possible onto the network. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Project Nimble – Netflix TechBlog\" rel=\"nofollow\" href=\"https://medium.com/netflix-techblog/project-nimble-region-evacuation-reimagined-d0d0568254d4\"\u003eProject Nimble – Netflix TechBlog\u003c/a\u003e \u0026mdash; We set ourselves an aggressive goal of being able to fail over traffic in less than 10 minutes. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Follow Up: Alex has a tip for Alex\" rel=\"nofollow\" href=\"https://pastebin.com/g97N8teu\"\u003eFollow Up: Alex has a tip for Alex\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: Oliver asks about a fail2ban replacement \" rel=\"nofollow\" href=\"https://pastebin.com/wrGGUyBp\"\u003eQuestion: Oliver asks about a fail2ban replacement \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"S3Scanner\" rel=\"nofollow\" href=\"https://github.com/sa7mon/S3Scanner\"\u003eS3Scanner\u003c/a\u003e \u0026mdash; Scan for open S3 buckets and dump \u003c/li\u003e\u003cli\u003e\u003ca title=\"Chromium is also a Snap\" rel=\"nofollow\" href=\"https://snapcraft.io/chromium\"\u003eChromium is also a Snap\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Netflix has a few tricks we can learn from, and the story of clever malware that was operating undetected since 2012. \r\n","date_published":"2018-03-15T20:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c63e4421-989c-4e30-813c-cb967a5ab29b.mp3","mime_type":"audio/mpeg","size_in_bytes":23670639,"duration_in_seconds":1909}]},{"id":"dd10266c-5d78-43c7-bf71-1d3abb89a7a5","title":"Episode 358: A Future Without Servers","url":"https://techsnap.systems/358","content_text":"The term serverless gets thrown around a lot, but what does it really mean? What are the benefits and the drawbacks? It’s a TechSNAP introduction to Serverless Architecture. \n\nPlus new research with ideas to dramatically improve private web browsing, the growing problem of tracking security vulnerabilities with CVE’s, and much more!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Revamp of 'Pwned Passwords' Boosts Privacy and Size of Database — In V2 of Pwned Passwords, launched last week, Hunt updated his password data set from 320 million passwords to 501 million new passwords, pulled from almost 3,000 breaches over the past year.Finding Pwned Passwords with 1Password — Troy Hunt and his friends from Cloudflare found a brilliant way to check if my password is leaked without ever needing to send my password to their service. Their server never receives enough information to reconstruct my password.Troy Hunt: I've Just Added 2,844 New Data Breaches With 80M Records To Have I Been PwnedApple’s China data migration includes iCloud keys, making data requests easier for authorities — Now, according to Apple, for the first time the company will store the keys for Chinese iCloud accounts in China itself. That means Chinese authorities will no longer have to use the U.S. courts to seek information on iCloud users and can instead use their own legal system to ask Apple to hand over iCloud data for Chinese users, legal experts said.Microsoft’s Big Email Privacy Case Heads to the Supreme Court Tomorrow — The 2013 warrant involved a drug case, and the Justice Department asked Microsoft to turn over emails that were stored in its Ireland data center. Microsoft objected, arguing that the DoJ could not use a domestic warrant to conduct an international search and that it should instead acquire the data through a treaty process with the Irish government.Researchers Propose Improved Private Web Browsing System — The newly proposed system keeps all the data that the browse loads into memory encrypted until it is displayed on the screen, the researchers say. Users no longer type a URL into the browser, but access the Veil website and enter the URL there. With the help of a blinding server, the Veil format of the requested page is transmitted. Nearly 8,000 Security Flaws Did Not Receive a CVE ID in 2017 — A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals.What is Serverless Architecture? What are its criticisms and drawbacks? — Serverless architectures refer to applications that significantly depend on third-party services (knows as Backend as a Service or “BaaS”) or on custom code that’s run in ephemeral containers (Function as a Service or “FaaS”), the best known vendor host of which currently is AWS Lambda.Serverless Security: What's Left to Protect?OpenFaaS - Serverless Functions Made Simple — Serverless Functions Made Simple for Docker and Kubernetesopen-lambda: An open source serverless computing platform — An open source serverless computing platformIron.io - DevOps Solutions from Startups to EnterpriseApache OpenWhisk is a serverless, open source cloud platformFeedback: David's Drive TipsQuestion: Alex has BIG cloud storage requirements....Crostini - Linux App Containers on ChromeOS  — In other words, the Crostini/Terminal feature could be to Chrome OS what the Windows Subsystem for Linux is for Windows 10: a way that developers, power users, and Linux enthusiasts can run native Linux software on a device that’s not running a traditional Linux distribution.","content_html":"\u003cp\u003eThe term serverless gets thrown around a lot, but what does it really mean? What are the benefits and the drawbacks? It’s a TechSNAP introduction to Serverless Architecture. \u003c/p\u003e\n\n\u003cp\u003ePlus new research with ideas to dramatically improve private web browsing, the growing problem of tracking security vulnerabilities with CVE’s, and much more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Revamp of \u0026#39;Pwned Passwords\u0026#39; Boosts Privacy and Size of Database\" rel=\"nofollow\" href=\"https://threatpost.com/revamp-of-pwned-passwords-boosts-privacy-and-size-of-database/130082/\"\u003eRevamp of \u0026#39;Pwned Passwords\u0026#39; Boosts Privacy and Size of Database\u003c/a\u003e \u0026mdash; In V2 of Pwned Passwords, launched last week, Hunt updated his password data set from 320 million passwords to 501 million new passwords, pulled from almost 3,000 breaches over the past year.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Finding Pwned Passwords with 1Password\" rel=\"nofollow\" href=\"https://blog.agilebits.com/2018/02/22/finding-pwned-passwords-with-1password/\"\u003eFinding Pwned Passwords with 1Password\u003c/a\u003e \u0026mdash; Troy Hunt and his friends from Cloudflare found a brilliant way to check if my password is leaked without ever needing to send my password to their service. Their server never receives enough information to reconstruct my password.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Troy Hunt: I\u0026#39;ve Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned\" rel=\"nofollow\" href=\"https://www.troyhunt.com/ive-just-added-2844-new-data-breaches-with-80m-records-to-have-i-been-pwned/\"\u003eTroy Hunt: I\u0026#39;ve Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple’s China data migration includes iCloud keys, making data requests easier for authorities\" rel=\"nofollow\" href=\"https://9to5mac.com/2018/02/24/icloud-data-keys-migration/\"\u003eApple’s China data migration includes iCloud keys, making data requests easier for authorities\u003c/a\u003e \u0026mdash; Now, according to Apple, for the first time the company will store the keys for Chinese iCloud accounts in China itself. That means Chinese authorities will no longer have to use the U.S. courts to seek information on iCloud users and can instead use their own legal system to ask Apple to hand over iCloud data for Chinese users, legal experts said.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft’s Big Email Privacy Case Heads to the Supreme Court Tomorrow\" rel=\"nofollow\" href=\"https://gizmodo.com/microsoft-s-big-email-privacy-case-heads-to-the-supreme-1823328595\"\u003eMicrosoft’s Big Email Privacy Case Heads to the Supreme Court Tomorrow\u003c/a\u003e \u0026mdash; The 2013 warrant involved a drug case, and the Justice Department asked Microsoft to turn over emails that were stored in its Ireland data center. Microsoft objected, arguing that the DoJ could not use a domestic warrant to conduct an international search and that it should instead acquire the data through a treaty process with the Irish government.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Researchers Propose Improved Private Web Browsing System\" rel=\"nofollow\" href=\"https://www.securityweek.com/researchers-propose-improved-private-web-browsing-system\"\u003eResearchers Propose Improved Private Web Browsing System\u003c/a\u003e \u0026mdash; The newly proposed system keeps all the data that the browse loads into memory encrypted until it is displayed on the screen, the researchers say. Users no longer type a URL into the browser, but access the Veil website and enter the URL there. With the help of a blinding server, the Veil format of the requested page is transmitted. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Nearly 8,000 Security Flaws Did Not Receive a CVE ID in 2017\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/nearly-8-000-security-flaws-did-not-receive-a-cve-id-in-2017/\"\u003eNearly 8,000 Security Flaws Did Not Receive a CVE ID in 2017\u003c/a\u003e \u0026mdash; A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals.\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is Serverless Architecture? What are its criticisms and drawbacks?\" rel=\"nofollow\" href=\"https://medium.com/@MarutiTech/what-is-serverless-architecture-what-are-its-criticisms-and-drawbacks-928659f9899a\"\u003eWhat is Serverless Architecture? What are its criticisms and drawbacks?\u003c/a\u003e \u0026mdash; Serverless architectures refer to applications that significantly depend on third-party services (knows as Backend as a Service or “BaaS”) or on custom code that’s run in ephemeral containers (Function as a Service or “FaaS”), the best known vendor host of which currently is AWS Lambda.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Serverless Security: What\u0026#39;s Left to Protect?\" rel=\"nofollow\" href=\"https://www.infoq.com/articles/serverless-security\"\u003eServerless Security: What\u0026#39;s Left to Protect?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenFaaS - Serverless Functions Made Simple\" rel=\"nofollow\" href=\"https://www.openfaas.com/\"\u003eOpenFaaS - Serverless Functions Made Simple\u003c/a\u003e \u0026mdash; Serverless Functions Made Simple for Docker and Kubernetes\u003c/li\u003e\u003cli\u003e\u003ca title=\"open-lambda: An open source serverless computing platform\" rel=\"nofollow\" href=\"https://github.com/open-lambda/open-lambda\"\u003eopen-lambda: An open source serverless computing platform\u003c/a\u003e \u0026mdash; An open source serverless computing platform\u003c/li\u003e\u003cli\u003e\u003ca title=\"Iron.io - DevOps Solutions from Startups to Enterprise\" rel=\"nofollow\" href=\"https://www.iron.io/\"\u003eIron.io - DevOps Solutions from Startups to Enterprise\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apache OpenWhisk is a serverless, open source cloud platform\" rel=\"nofollow\" href=\"https://openwhisk.apache.org/\"\u003eApache OpenWhisk is a serverless, open source cloud platform\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: David\u0026#39;s Drive Tips\" rel=\"nofollow\" href=\"https://pastebin.com/iSZgfPuc\"\u003eFeedback: David\u0026#39;s Drive Tips\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: Alex has BIG cloud storage requirements....\" rel=\"nofollow\" href=\"https://pastebin.com/mY78CNxK\"\u003eQuestion: Alex has BIG cloud storage requirements....\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Crostini - Linux App Containers on ChromeOS \" rel=\"nofollow\" href=\"https://liliputing.com/2018/02/chromebooks-may-get-native-support-linux-apps-via-crostini.html\"\u003eCrostini - Linux App Containers on ChromeOS \u003c/a\u003e \u0026mdash; In other words, the Crostini/Terminal feature could be to Chrome OS what the Windows Subsystem for Linux is for Windows 10: a way that developers, power users, and Linux enthusiasts can run native Linux software on a device that’s not running a traditional Linux distribution.\u003c/li\u003e\u003c/ul\u003e","summary":"The term serverless gets thrown around a lot, but what does it really mean? What are the benefits and the drawbacks? It’s a TechSNAP introduction to Serverless Architecture. ","date_published":"2018-03-01T08:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/dd10266c-5d78-43c7-bf71-1d3abb89a7a5.mp3","mime_type":"audio/mp3","size_in_bytes":26781664,"duration_in_seconds":2188}]},{"id":"3ad2e9bb-44f4-4889-8c42-992309c470df","title":"Episode 357: The Return of Spectre","url":"https://techsnap.systems/357","content_text":"New variants, bad patches, busted microcode and devastated performance. It’s a TechSNAP  Meltdown and Spectre check up.\n\nPlus Tesla gets hit by Monero Cryptojacking, and a dating site that matches people based on their bad passwords…. So we gave it a go!Sponsored By:iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comDigital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanLinks:People Are Actually Using a Joke Dating Site That Matches People Based on Their Passwords  — This website answers the question no one ever asked: what if you dated someone who used the same password?Flight Sim Company Embeds Malware to Steal Pirates' Passwords — Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.Lessons from the Cryptojacking Attack at Tesla — In cases involving the WannaMine malware, a tool called Mimikatz is used to pull credentials from a computer’s memory to infect other computers on the network. The malware then uses the infected computers’ compute to mine a cryptocurrency called Monero quietly in the background.Chef InSpec 2.0 — InSpec is a free open source tool that enables development teams to express security and compliance rules as code. Version 1.0 was about ensuring that applications were set up properly. The new version extends this capability to the cloud where companies are running the applications, allowing teams to test and write rules for compliance with cloud security policy. It supports AWS and Azure and comes with 30 common configurations out of the box including Docker, IIS, NGINX and PostgreSQL.meltdownspectre-patches summary on Github — Summary of the patch status for Meltdown / Spectre.Spectre \u0026amp; Meltdown Checker for Linux — A simple shell script to tell if your Linux installation is vulnerable against the 3 \"speculative execution\" CVEs that were made public early 2018.FreeBSD Finally Gets Mitigated For Spectre \u0026amp; Meltdown — It's taken a few more weeks longer than most of the Linux distributions to be re-worked for Spectre/Meltdown mitigation as well as DragonFlyBSD, but with FreeBSD Revision 329462 it appears their initial fixes are in place. SpeculativeExecutionVulnerabilities - FreeBSD WikiRed Hat CheckerDebian CheckerMicrosoft's free analytics service sniffs out Meltdown, Spectre patch status — Windows Analytics can now scan enterprise PCs running Windows 10, Windows 8.1 and Windows 7 and report on whether they're prepped to fend off attacks based on the Meltdown and Spectre vulnerabilities.KPTI/KAISER Meltdown Initial Performance Regressions — In this post I'll look at the Linux kernel page table isolation (KPTI) patches that workaround Meltdown: what overheads to expect, and ways to tune them. Much of my testing was on Linux 4.14.11 and 4.14.12 a month ago, before we deployed in production. Some older kernels have the KAISER patches for Meltdown, and so far the performance overheads look similar. These results aren't final, since more changes are still being developed, such as for Spectre.New Spectre, Meltdown variants leave victims open to side-channel attacks — MeltdownPrime and SpectrePrime, found by Princeton and NVIDIA researchers, may require significant hardware changes to be mitigated. Question: How to Lock Down Firefox AddonsLocking preferences - MozillaZine Knowledge BaseCCK2 Firefox Lockdown ToolQuestion: Namespaces and sandboxingLinux SandboxingFirejail","content_html":"\u003cp\u003eNew variants, bad patches, busted microcode and devastated performance. It’s a TechSNAP  Meltdown and Spectre check up.\u003c/p\u003e\n\n\u003cp\u003ePlus Tesla gets hit by Monero Cryptojacking, and a dating site that matches people based on their bad passwords…. So we gave it a go!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"People Are Actually Using a Joke Dating Site That Matches People Based on Their Passwords \" rel=\"nofollow\" href=\"https://motherboard.vice.com/en_us/article/wj4jyz/words-of-heart-password-joke-dating-website-\"\u003ePeople Are Actually Using a Joke Dating Site That Matches People Based on Their Passwords \u003c/a\u003e \u0026mdash; This website answers the question no one ever asked: what if you dated someone who used the same password?\u003c/li\u003e\u003cli\u003e\u003ca title=\"Flight Sim Company Embeds Malware to Steal Pirates\u0026#39; Passwords\" rel=\"nofollow\" href=\"https://torrentfreak.com/flight-sim-company-embeds-malware-to-steal-pirates-passwords-180219/\"\u003eFlight Sim Company Embeds Malware to Steal Pirates\u0026#39; Passwords\u003c/a\u003e \u0026mdash; Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lessons from the Cryptojacking Attack at Tesla\" rel=\"nofollow\" href=\"https://blog.redlock.io/cryptojacking-tesla\"\u003eLessons from the Cryptojacking Attack at Tesla\u003c/a\u003e \u0026mdash; In cases involving the WannaMine malware, a tool called Mimikatz is used to pull credentials from a computer’s memory to infect other computers on the network. The malware then uses the infected computers’ compute to mine a cryptocurrency called Monero quietly in the background.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Chef InSpec 2.0\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/02/20/chef-inspec-2-0-wants-to-help-companies-automate-security-compliance-in-cloud-apps/\"\u003eChef InSpec 2.0\u003c/a\u003e \u0026mdash; InSpec is a free open source tool that enables development teams to express security and compliance rules as code. Version 1.0 was about ensuring that applications were set up properly. The new version extends this capability to the cloud where companies are running the applications, allowing teams to test and write rules for compliance with cloud security policy. It supports AWS and Azure and comes with 30 common configurations out of the box including Docker, IIS, NGINX and PostgreSQL.\u003c/li\u003e\u003cli\u003e\u003ca title=\"meltdownspectre-patches summary on Github\" rel=\"nofollow\" href=\"https://github.com/hannob/meltdownspectre-patches\"\u003emeltdownspectre-patches summary on Github\u003c/a\u003e \u0026mdash; Summary of the patch status for Meltdown / Spectre.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spectre \u0026amp; Meltdown Checker for Linux\" rel=\"nofollow\" href=\"https://github.com/speed47/spectre-meltdown-checker\"\u003eSpectre \u0026amp; Meltdown Checker for Linux\u003c/a\u003e \u0026mdash; A simple shell script to tell if your Linux installation is vulnerable against the 3 \"speculative execution\" CVEs that were made public early 2018.\u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeBSD Finally Gets Mitigated For Spectre \u0026amp; Meltdown\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=FreeBSD-Spectre-Meltdown-Fix\"\u003eFreeBSD Finally Gets Mitigated For Spectre \u0026amp; Meltdown\u003c/a\u003e \u0026mdash; It's taken a few more weeks longer than most of the Linux distributions to be re-worked for Spectre/Meltdown mitigation as well as DragonFlyBSD, but with FreeBSD Revision 329462 it appears their initial fixes are in place. \u003c/li\u003e\u003cli\u003e\u003ca title=\"SpeculativeExecutionVulnerabilities - FreeBSD Wiki\" rel=\"nofollow\" href=\"https://wiki.freebsd.org/SpeculativeExecutionVulnerabilities\"\u003eSpeculativeExecutionVulnerabilities - FreeBSD Wiki\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Red Hat Checker\" rel=\"nofollow\" href=\"https://access.redhat.com/security/vulnerabilities/speculativeexecution\"\u003eRed Hat Checker\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Debian Checker\" rel=\"nofollow\" href=\"https://packages.debian.org/stretch-backports/spectre-meltdown-checker?utm_source=dlvr.it\u0026amp;utm_medium=twitter\"\u003eDebian Checker\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft\u0026#39;s free analytics service sniffs out Meltdown, Spectre patch status\" rel=\"nofollow\" href=\"https://www.computerworld.com/article/3254657/microsoft-windows/microsofts-free-analytics-service-sniffs-out-meltdown-spectre-patch-status.html\"\u003eMicrosoft\u0026#39;s free analytics service sniffs out Meltdown, Spectre patch status\u003c/a\u003e \u0026mdash; Windows Analytics can now scan enterprise PCs running Windows 10, Windows 8.1 and Windows 7 and report on whether they're prepped to fend off attacks based on the Meltdown and Spectre vulnerabilities.\u003c/li\u003e\u003cli\u003e\u003ca title=\"KPTI/KAISER Meltdown Initial Performance Regressions\" rel=\"nofollow\" href=\"http://www.brendangregg.com/blog/2018-02-09/kpti-kaiser-meltdown-performance.html\"\u003eKPTI/KAISER Meltdown Initial Performance Regressions\u003c/a\u003e \u0026mdash; In this post I'll look at the Linux kernel page table isolation (KPTI) patches that workaround Meltdown: what overheads to expect, and ways to tune them. Much of my testing was on Linux 4.14.11 and 4.14.12 a month ago, before we deployed in production. Some older kernels have the KAISER patches for Meltdown, and so far the performance overheads look similar. These results aren't final, since more changes are still being developed, such as for Spectre.\u003c/li\u003e\u003cli\u003e\u003ca title=\"New Spectre, Meltdown variants leave victims open to side-channel attacks\" rel=\"nofollow\" href=\"https://www.techrepublic.com/article/new-spectre-meltdown-variants-leave-victims-open-to-side-channel-attacks/\"\u003eNew Spectre, Meltdown variants leave victims open to side-channel attacks\u003c/a\u003e \u0026mdash; MeltdownPrime and SpectrePrime, found by Princeton and NVIDIA researchers, may require significant hardware changes to be mitigated. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: How to Lock Down Firefox Addons\" rel=\"nofollow\" href=\"https://pastebin.com/6p82zt3g\"\u003eQuestion: How to Lock Down Firefox Addons\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Locking preferences - MozillaZine Knowledge Base\" rel=\"nofollow\" href=\"http://kb.mozillazine.org/Locking_preferences\"\u003eLocking preferences - MozillaZine Knowledge Base\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CCK2 Firefox Lockdown Tool\" rel=\"nofollow\" href=\"https://mike.kaply.com/cck2/\"\u003eCCK2 Firefox Lockdown Tool\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: Namespaces and sandboxing\" rel=\"nofollow\" href=\"https://pastebin.com/ghMc0Nvi\"\u003eQuestion: Namespaces and sandboxing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linux Sandboxing\" rel=\"nofollow\" href=\"https://chromium.googlesource.com/chromium/src/+/lkcr/docs/linux_sandboxing.md\"\u003eLinux Sandboxing\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Firejail\" rel=\"nofollow\" href=\"https://firejail.wordpress.com/\"\u003eFirejail\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"New variants, bad patches, busted microcode and devastated performance. It’s a TechSNAP  Meltdown and Spectre check up.","date_published":"2018-02-22T12:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/3ad2e9bb-44f4-4889-8c42-992309c470df.mp3","mime_type":"audio/mpeg","size_in_bytes":23510211,"duration_in_seconds":1913}]},{"id":"0d9f7516-90f2-4dd5-82e4-3bb92e6de943","title":"Episode 356: The Concern with Containers","url":"https://techsnap.systems/356","content_text":"The problems containers can’t solve, nasty security flaws in Skype and Telegram, and Cisco discovers they have a bigger issue on their hands then first realized. \n\nAnd the latest jaw-dropping techniques to extract data from air-gapped systems.Sponsored By:Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comDigital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Skype can't fix a nasty security bug without a massive code rewrite — The bug grants a low-level user access to every corner of the operating system.Zero-day vulnerability in Telegram — The special nonprinting right-to-left override (RLO) character is used to reverse the order of the characters that come after that character in the string. In the Unicode character table, it is represented as ‘U+202E’; one area of legitimate use is when typing Arabic text. In an attack, this character can be used to mislead the victim. It is usually used when displaying the name and extension of an executable file: a piece of software vulnerable to this sort of attack will display the filename incompletely or in reverse.Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability — After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available. Microsoft To Embrace Decentralized Identity Systems Built On Bitcoin And Other Blockchains — In a new post today, Microsoft announced their embrace of public blockchains, such as Bitcoin and Ethereum, for use in decentralized identity systems.XRballer comments on The Stolen XRB has already been Redistributed/Sold Off — But this check was only on java-script client side, you find the js which is sending the request, then you inspect element - console, and run the java-script manually, to send a request for withdrawal of a higher amount than in your balance.Containers Will Not Fix Your Broken Culture — Spoiler alert: the solutions to many difficulties that seem technical can be found by examining our interactions with others. Let's talk about five things you'll want to know when working with those pesky creatures known as humans.Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via Magnetic Fields — In this paper, we show how attackers can bypass Faraday cages and air-gaps in order to leak data from highly secure computers. Feedback: BeyondCorpFeedback: MgmtFeedback: SuperMicro Mobo?Super Micro Computer X8DTN+","content_html":"\u003cp\u003eThe problems containers can’t solve, nasty security flaws in Skype and Telegram, and Cisco discovers they have a bigger issue on their hands then first realized. \u003c/p\u003e\n\n\u003cp\u003eAnd the latest jaw-dropping techniques to extract data from air-gapped systems.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Skype can\u0026#39;t fix a nasty security bug without a massive code rewrite\" rel=\"nofollow\" href=\"http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/\"\u003eSkype can\u0026#39;t fix a nasty security bug without a massive code rewrite\u003c/a\u003e \u0026mdash; The bug grants a low-level user access to every corner of the operating system.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Zero-day vulnerability in Telegram\" rel=\"nofollow\" href=\"https://securelist.com/zero-day-vulnerability-in-telegram/83800/\"\u003eZero-day vulnerability in Telegram\u003c/a\u003e \u0026mdash; The special nonprinting right-to-left override (RLO) character is used to reverse the order of the characters that come after that character in the string. In the Unicode character table, it is represented as ‘U+202E’; one area of legitimate use is when typing Arabic text. In an attack, this character can be used to mislead the victim. It is usually used when displaying the name and extension of an executable file: a piece of software vulnerable to this sort of attack will display the filename incompletely or in reverse.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability\" rel=\"nofollow\" href=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1?source=infected.io-telegram\"\u003eCisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability\u003c/a\u003e \u0026mdash; After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft To Embrace Decentralized Identity Systems Built On Bitcoin And Other Blockchains\" rel=\"nofollow\" href=\"https://www.forbes.com/sites/ktorpey/2018/02/12/microsoft-to-embrace-decentralized-identity-systems-built-on-bitcoin-and-other-blockchains/#76af78a45ada\"\u003eMicrosoft To Embrace Decentralized Identity Systems Built On Bitcoin And Other Blockchains\u003c/a\u003e \u0026mdash; In a new post today, Microsoft announced their embrace of public blockchains, such as Bitcoin and Ethereum, for use in decentralized identity systems.\u003c/li\u003e\u003cli\u003e\u003ca title=\"XRballer comments on The Stolen XRB has already been Redistributed/Sold Off\" rel=\"nofollow\" href=\"https://www.reddit.com/r/CryptoCurrency/comments/7wonkf/the_stolen_xrb_has_already_been_redistributedsold/du215tr/\"\u003eXRballer comments on The Stolen XRB has already been Redistributed/Sold Off\u003c/a\u003e \u0026mdash; But this check was only on java-script client side, you find the js which is sending the request, then you inspect element - console, and run the java-script manually, to send a request for withdrawal of a higher amount than in your balance.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Containers Will Not Fix Your Broken Culture\" rel=\"nofollow\" href=\"https://queue.acm.org/detail.cfm?id=3185224\"\u003eContainers Will Not Fix Your Broken Culture\u003c/a\u003e \u0026mdash; Spoiler alert: the solutions to many difficulties that seem technical can be found by examining our interactions with others. Let's talk about five things you'll want to know when working with those pesky creatures known as humans.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Escaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via Magnetic Fields\" rel=\"nofollow\" href=\"https://arxiv.org/abs/1802.02700\"\u003eEscaping Sensitive Data from Faraday-Caged, Air-Gapped Computers via Magnetic Fields\u003c/a\u003e \u0026mdash; In this paper, we show how attackers can bypass Faraday cages and air-gaps in order to leak data from highly secure computers. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: BeyondCorp\" rel=\"nofollow\" href=\"http://pastedown.ctrl-c.us/#RP5t3LFg3gLPAoBi70ua6IyQJGo.markdown\"\u003eFeedback: BeyondCorp\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: Mgmt\" rel=\"nofollow\" href=\"http://pastedown.ctrl-c.us/#2jhTp3-geBThElev10Bg9oFRHm4.markdown\"\u003eFeedback: Mgmt\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: SuperMicro Mobo?\" rel=\"nofollow\" href=\"http://pastedown.ctrl-c.us/#U4lx-Ttdf1fcuRyMeWoF6JKsNVo.markdown\"\u003eFeedback: SuperMicro Mobo?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Super Micro Computer X8DTN+\" rel=\"nofollow\" href=\"https://www.supermicro.com/products/motherboard/QPI/5500/X8DTN_.cfm?IPMI=O\"\u003eSuper Micro Computer X8DTN+\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The problems containers can’t solve, nasty security flaws in Skype and Telegram, and Cisco discovers they have a bigger issue on their hands then first realized. ","date_published":"2018-02-15T13:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0d9f7516-90f2-4dd5-82e4-3bb92e6de943.mp3","mime_type":"audio/mpeg","size_in_bytes":27434183,"duration_in_seconds":2243}]},{"id":"fa6f72dd-e0ec-4839-b2fb-f1651ecbeda4","title":"Episode 355: Operation FreeNAS Rescue","url":"https://techsnap.systems/355","content_text":"We save our FreeNAS Mini from the edge, and perform an emergency migration to much larger hardware. \n\nPlus 12 tips for secure authentication, the future of network security where there is no LAN, a botnet exploiting Android ADB, and your questions.Sponsored By:iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comDigital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanLinks:In just 24 hours, 5,000 Android devices are conscripted into mining botnet — A fast-moving botnet that appeared over the weekend has already infected thousands of Android devices with potentially destructive malware that mines digital coins on behalf of the unknown attackers, researchers said.12 best practices for user account, authorization and password management — Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations. Google’s Zero Trust 'BeyondCorp' Infrastructure Shows Future Of Network Security — Google started changing its network security policies to a new model of “zero trust,” which treats its own internal network as the insecure Internet. Google released a new paper detailing how this new model works for its network security policies. Google dedicates engineering team to accelerate development of WordPress ecosystem — Google's partnership with WordPress aims to jump-start the platform's support of the latest web technologies -- particularly those involving performance \u0026amp; mobile experience. And they're hiring WordPress experts.UNIXSurplus — UNIXSurplus is a multi-level provider of new and refurbished custom built servers, storage solutions and computer equipment.  FreeNAS Storage Operating System — FreeNAS is an operating system that can be installed on virtually any hardware platform to share data over a network. FreeNAS is the simplest way to create a centralized and easily accessible place for your data. Use FreeNAS with ZFS to protect, store, backup, all of your data. FreeNAS is used everywhere, for the home, small business, and the enterprise.","content_html":"\u003cp\u003eWe save our FreeNAS Mini from the edge, and perform an emergency migration to much larger hardware. \u003c/p\u003e\n\n\u003cp\u003ePlus 12 tips for secure authentication, the future of network security where there is no LAN, a botnet exploiting Android ADB, and your questions.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"In just 24 hours, 5,000 Android devices are conscripted into mining botnet\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/02/out-of-nowhere-currency-mining-botnet-infects-5000-android-devices/\"\u003eIn just 24 hours, 5,000 Android devices are conscripted into mining botnet\u003c/a\u003e \u0026mdash; A fast-moving botnet that appeared over the weekend has already infected thousands of Android devices with potentially destructive malware that mines digital coins on behalf of the unknown attackers, researchers said.\u003c/li\u003e\u003cli\u003e\u003ca title=\"12 best practices for user account, authorization and password management\" rel=\"nofollow\" href=\"https://cloudplatform.googleblog.com/2018/01/12-best-practices-for-user-account.html\"\u003e12 best practices for user account, authorization and password management\u003c/a\u003e \u0026mdash; Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn't get enough attention. For product managers and customers, the resulting experience often falls short of expectations. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Google’s Zero Trust \u0026#39;BeyondCorp\u0026#39; Infrastructure Shows Future Of Network Security\" rel=\"nofollow\" href=\"http://www.tomsitpro.com/articles/google-beyondcorp-future-network-security,1-3229.html\"\u003eGoogle’s Zero Trust \u0026#39;BeyondCorp\u0026#39; Infrastructure Shows Future Of Network Security\u003c/a\u003e \u0026mdash; Google started changing its network security policies to a new model of “zero trust,” which treats its own internal network as the insecure Internet. Google released a new paper detailing how this new model works for its network security policies. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Google dedicates engineering team to accelerate development of WordPress ecosystem\" rel=\"nofollow\" href=\"https://searchengineland.com/need-speed-google-dedicates-engineering-team-accelerate-development-wordpress-ecosystem-291214\"\u003eGoogle dedicates engineering team to accelerate development of WordPress ecosystem\u003c/a\u003e \u0026mdash; Google's partnership with WordPress aims to jump-start the platform's support of the latest web technologies -- particularly those involving performance \u0026 mobile experience. And they're hiring WordPress experts.\u003c/li\u003e\u003cli\u003e\u003ca title=\"UNIXSurplus\" rel=\"nofollow\" href=\"https://unixsurplus.com/\"\u003eUNIXSurplus\u003c/a\u003e \u0026mdash; UNIXSurplus is a multi-level provider of new and refurbished custom built servers, storage solutions and computer equipment.  \u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeNAS Storage Operating System\" rel=\"nofollow\" href=\"http://www.freenas.org/\"\u003eFreeNAS Storage Operating System\u003c/a\u003e \u0026mdash; FreeNAS is an operating system that can be installed on virtually any hardware platform to share data over a network. FreeNAS is the simplest way to create a centralized and easily accessible place for your data. Use FreeNAS with ZFS to protect, store, backup, all of your data. FreeNAS is used everywhere, for the home, small business, and the enterprise.\u003c/li\u003e\u003c/ul\u003e","summary":"We save our FreeNAS Mini from the edge, and perform an emergency migration to much larger hardware. ","date_published":"2018-02-08T11:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/fa6f72dd-e0ec-4839-b2fb-f1651ecbeda4.mp3","mime_type":"audio/mpeg","size_in_bytes":30142642,"duration_in_seconds":2413}]},{"id":"e2e1b46b-2f05-465f-821b-95680dc0cda0","title":"Episode 354: Here Come the Script Kiddies","url":"https://techsnap.systems/354","content_text":"AutoSploit has the security industry in a panic, so we give it a go. To our surprise we discover systems at the DOD, Amazon, and other places vulnerable to this automated attack. We’ll tell you all about it, and what these 400 lines of Python known as AutoSploit really do.\n\nPlus injecting arbitrary waveforms into Alexa and Google Assistant commands, making WordPress bulletproof, and how to detect and prevent excessive port scan attacks.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Audio Adversarial Examples — We have constructed targeted audio adversarial examples on speech-to-text transcription neural networks: given an arbitrary waveform, we can make a small perturbation that when added to the original waveform causes it to transcribe as any phrase we choose.Keylogger found on thousands of WordPress-based sites, stealing every keypress as you type — But, in a twist, this particular attack isn’t just interested in mining Monero. While the website’s front-end is digging for cryptocurrencies, the back-end is secretly hosting a keylogger designed to steal unsuspecting users’ login credentials.Qubes Air: Generalizing the Qubes Architecture | Qubes OS — Qubes Air is the next step on our roadmap to making the concept of “Security through Compartmentalization” applicable to more scenarios. It is also an attempt to address some of the biggest problems and weaknesses plaguing the current implementation of Qubes, specifically the difficulty of deployment and virtualization as a single point of failure. While Qubes-as-a-Service is one natural application that could be built on top of Qubes Air, it is certainly not the only one. We have also discussed running Qubes over clusters of physically isolated devices, as well as various hybrid scenarios. I believe the approach to security that Qubes has been implementing for years will continue to be valid for years to come, even in a world of apps-as-a-service.Making network authentication simple in a Bring Your Own Device environment — In this article, we explore in depth the challenges we faced regarding compatibility, security, and user experience, and the solutions we came up with. We explain how we combined 802.1X authentication (wired \u0026amp; wireless) and per-subscriber VLANs to offer our users a quality Internet experience.“Autosploit” tool sparks fears of empowered “script kiddies” —  \"AutoSploit attempts to automate the exploitation of remote hosts.\"AutoSploit: Automated Mass Exploiter — Clone the repo. Or deploy via Docker.How To Use psad to Detect Network Intrusion Attempts — The key to using psad effectively is to configure danger levels and email alerts appropriately, and then follow up on any problems. This tool, coupled with other intrusion detection resources like tripwire can provide fairly good coverage to be able to detect intrusion attempts.Portainer: Simple management UI for DockerWhat is iSCSI (Internet Small Computer System Interface)","content_html":"\u003cp\u003eAutoSploit has the security industry in a panic, so we give it a go. To our surprise we discover systems at the DOD, Amazon, and other places vulnerable to this automated attack. We’ll tell you all about it, and what these 400 lines of Python known as AutoSploit really do.\u003c/p\u003e\n\n\u003cp\u003ePlus injecting arbitrary waveforms into Alexa and Google Assistant commands, making WordPress bulletproof, and how to detect and prevent excessive port scan attacks.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Audio Adversarial Examples\" rel=\"nofollow\" href=\"https://nicholas.carlini.com/code/audio_adversarial_examples/\"\u003eAudio Adversarial Examples\u003c/a\u003e \u0026mdash; We have constructed targeted audio adversarial examples on speech-to-text transcription neural networks: given an arbitrary waveform, we can make a small perturbation that when added to the original waveform causes it to transcribe as any phrase we choose.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Keylogger found on thousands of WordPress-based sites, stealing every keypress as you type\" rel=\"nofollow\" href=\"https://hotforsecurity.bitdefender.com/blog/keylogger-found-on-thousands-of-wordpress-based-sites-stealing-every-keypress-as-you-type-19501.html\"\u003eKeylogger found on thousands of WordPress-based sites, stealing every keypress as you type\u003c/a\u003e \u0026mdash; But, in a twist, this particular attack isn’t just interested in mining Monero. While the website’s front-end is digging for cryptocurrencies, the back-end is secretly hosting a keylogger designed to steal unsuspecting users’ login credentials.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Qubes Air: Generalizing the Qubes Architecture | Qubes OS\" rel=\"nofollow\" href=\"https://www.qubes-os.org/news/2018/01/22/qubes-air/\"\u003eQubes Air: Generalizing the Qubes Architecture | Qubes OS\u003c/a\u003e \u0026mdash; Qubes Air is the next step on our roadmap to making the concept of “Security through Compartmentalization” applicable to more scenarios. It is also an attempt to address some of the biggest problems and weaknesses plaguing the current implementation of Qubes, specifically the difficulty of deployment and virtualization as a single point of failure. While Qubes-as-a-Service is one natural application that could be built on top of Qubes Air, it is certainly not the only one. We have also discussed running Qubes over clusters of physically isolated devices, as well as various hybrid scenarios. I believe the approach to security that Qubes has been implementing for years will continue to be valid for years to come, even in a world of apps-as-a-service.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Making network authentication simple in a Bring Your Own Device environment\" rel=\"nofollow\" href=\"https://medium.com/@anatole.beuzon/making-network-authentication-simple-in-a-bring-your-own-device-environment-9080baf39617\"\u003eMaking network authentication simple in a Bring Your Own Device environment\u003c/a\u003e \u0026mdash; In this article, we explore in depth the challenges we faced regarding compatibility, security, and user experience, and the solutions we came up with. We explain how we combined 802.1X authentication (wired \u0026 wireless) and per-subscriber VLANs to offer our users a quality Internet experience.\u003c/li\u003e\u003cli\u003e\u003ca title=\"“Autosploit” tool sparks fears of empowered “script kiddies”\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2018/02/threat-or-menace-autosploit-tool-sparks-fears-of-empowered-script-kiddies/\"\u003e“Autosploit” tool sparks fears of empowered “script kiddies”\u003c/a\u003e \u0026mdash;  \"AutoSploit attempts to automate the exploitation of remote hosts.\"\u003c/li\u003e\u003cli\u003e\u003ca title=\"AutoSploit: Automated Mass Exploiter\" rel=\"nofollow\" href=\"https://github.com/NullArray/AutoSploit\"\u003eAutoSploit: Automated Mass Exploiter\u003c/a\u003e \u0026mdash; Clone the repo. Or deploy via Docker.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How To Use psad to Detect Network Intrusion Attempts\" rel=\"nofollow\" href=\"https://www.digitalocean.com/community/tutorials/how-to-use-psad-to-detect-network-intrusion-attempts-on-an-ubuntu-vps\"\u003eHow To Use psad to Detect Network Intrusion Attempts\u003c/a\u003e \u0026mdash; The key to using psad effectively is to configure danger levels and email alerts appropriately, and then follow up on any problems. This tool, coupled with other intrusion detection resources like tripwire can provide fairly good coverage to be able to detect intrusion attempts.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Portainer: Simple management UI for Docker\" rel=\"nofollow\" href=\"https://github.com/portainer/portainer\"\u003ePortainer: Simple management UI for Docker\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is iSCSI (Internet Small Computer System Interface)\" rel=\"nofollow\" href=\"http://searchstorage.techtarget.com/definition/iSCSI\"\u003eWhat is iSCSI (Internet Small Computer System Interface)\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"AutoSploit has the security industry in a panic, so we give it a go. To our surprise we discover systems at the DOD, Amazon, and other places vulnerable to this automated attack. We’ll tell you all about it, and what these 400 lines of Python known as AutoSploit really do.","date_published":"2018-02-01T18:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e2e1b46b-2f05-465f-821b-95680dc0cda0.mp3","mime_type":"audio/mp3","size_in_bytes":38049693,"duration_in_seconds":3119}]},{"id":"76cf88a2-f5d9-4dba-b314-f9f00e3767df","title":"Episode 353: Too Many Containers","url":"https://techsnap.systems/353","content_text":"We introduce you to Kubernetes, what problems it solves, why everyone is talking about it, and where it came from. Also who shouldn’t be using Kubernetes, and the problems you can run into when scaling it.\n\nPlus how you can store files in others DNS resolver cache, Project Zero finds a new BitTorrent client flaw, and more.Sponsored By:Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanLinks:DNSFS. Store your files in others DNS resolver caches — The DNSFS code is a relatively simple system, every file uploaded is split into 180 byte chunks, and those chunks are “set” inside caches by querying the DNSFS node via the public resolver for a TXT record. After a few seconds the data is removed from DNSFS memory and the data is no longer on the client computer.BPF - the forgotten bytecode — BPF is an absolutely marvelous and flexible way of filtering packets.dnsfs: Store your data in others DNS revolvers cache — Store your data in others DNS revolvers cacheUnauthenticated LAN remote code execution in AsusWRT — However due to a number of coding errors, it is possible for an unauthenticated attacker in the LAN to achieve remote code execution in the router as the root user.AI is moving towards acceptance in cyber security, says Check Point — Artificial intelligence is well on its way to being a useful tool in the cyber security professional’s kit, but according to Check Point, there are still big challenges to overcome.Alphabet is launching a new CyberSecurity unit. — Alphabet, the parent company of Google, announced today that they will be launching Chronicle, a new business unit that will focus on Cyber Security, using their servers and infrastructure. The new organization hopes to focus on machine learning and artificial intelligence to assist in the fight against cybercrime moving forward.\r\n\r\nGoogle Project Zero claims new BitTorrent flaw could enable cyber crooks get into users' PCs — According to Project Zero, the client is vulnerable to a DNS re-binding attack that effectively tricks the PC into accepting requests via port 9091 from malicious websites that it would (and should) ordinarly ignore. CVE-2018-5702: Mitigate dns rebinding attacks against daemon by taviso · Pull Request #468Blizzard Fixes DNS Rebinding Flaw that Put All the Company's Users at RiskWhat is DNS rebinding, in layman's terms?An Introduction to Kubernetes — Kubernetes, at its basic level, is a system for managing containerized applications across a cluster of nodes. In many ways, Kubernetes was designed to address the disconnect between the way that modern, clustered infrastructure is designed, and some of the assumptions that most applications and services have about their environments.What is Kubernetes? — Kubernetes was originally developed and designed by engineers at Google. Google was one of the early contributors to Linux container technology and has talked publicly about how everything at Google runs in containers. (This is the technology behind Google’s cloud services.) Google generates more than 2 billion container deployments a week—all powered by an internal platform: Borg. Borg was the predecessor to Kubernetes and the lessons learned from developing Borg over the years became the primary influence behind much of the Kubernetes technology.Scaling Kubernetes to 2,500 Nodes — We’ve been running Kubernetes for deep learning research for over two years. While our largest-scale workloads manage bare cloud VMs directly, Kubernetes provides a fast iteration cycle, reasonable scalability, and a lack of boilerplate which makes it ideal for most of our experiments.Feedback: Talk more about Windows — I listened to your intro to change management and it seemed like it will be very Linux centric (\"everything is she\"). I'm future segments, please try to include windows desktop and server OS as well.Question: Starting with Ansible Quick — Are there any way to get started other than writing a playbook and trying it out with trial and error?Ansible Best Practises: A project structure that outlines some best practises of how to use ansible — A project structure that outlines some best practises of how to use ansibleansible-console: An Interactive REPL for Ansible — omething found out recently is that Ansible has an interactive REPL of sorts in ansible-console for doing some adhoc things on a collection of hosts.Introduction To Ad-Hoc Commands — Ansible Documentation — An ad-hoc command is something that you might type in to do something really quick, but don’t want to save for later.\r\n\r\nAbout the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Apple Support — This document describes the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan.\r\n\r\n","content_html":"\u003cp\u003eWe introduce you to Kubernetes, what problems it solves, why everyone is talking about it, and where it came from. Also who shouldn’t be using Kubernetes, and the problems you can run into when scaling it.\u003c/p\u003e\n\n\u003cp\u003ePlus how you can store files in others DNS resolver cache, Project Zero finds a new BitTorrent client flaw, and more.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"DNSFS. Store your files in others DNS resolver caches\" rel=\"nofollow\" href=\"https://blog.benjojo.co.uk/post/dns-filesystem-true-cloud-storage-dnsfs\"\u003eDNSFS. Store your files in others DNS resolver caches\u003c/a\u003e \u0026mdash; The DNSFS code is a relatively simple system, every file uploaded is split into 180 byte chunks, and those chunks are “set” inside caches by querying the DNSFS node via the public resolver for a TXT record. After a few seconds the data is removed from DNSFS memory and the data is no longer on the client computer.\u003c/li\u003e\u003cli\u003e\u003ca title=\"BPF - the forgotten bytecode\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/bpf-the-forgotten-bytecode/\"\u003eBPF - the forgotten bytecode\u003c/a\u003e \u0026mdash; BPF is an absolutely marvelous and flexible way of filtering packets.\u003c/li\u003e\u003cli\u003e\u003ca title=\"dnsfs: Store your data in others DNS revolvers cache\" rel=\"nofollow\" href=\"https://github.com/benjojo/dnsfs\"\u003ednsfs: Store your data in others DNS revolvers cache\u003c/a\u003e \u0026mdash; Store your data in others DNS revolvers cache\u003c/li\u003e\u003cli\u003e\u003ca title=\"Unauthenticated LAN remote code execution in AsusWRT\" rel=\"nofollow\" href=\"https://raw.githubusercontent.com/pedrib/PoC/master/advisories/asuswrt-lan-rce.txt\"\u003eUnauthenticated LAN remote code execution in AsusWRT\u003c/a\u003e \u0026mdash; However due to a number of coding errors, it is possible for an unauthenticated attacker in the LAN to achieve remote code execution in the router as the root user.\u003c/li\u003e\u003cli\u003e\u003ca title=\"AI is moving towards acceptance in cyber security, says Check Point\" rel=\"nofollow\" href=\"http://www.computerweekly.com/news/252433705/AI-is-moving-towards-acceptance-in-cyber-security-says-Check-Point\"\u003eAI is moving towards acceptance in cyber security, says Check Point\u003c/a\u003e \u0026mdash; Artificial intelligence is well on its way to being a useful tool in the cyber security professional’s kit, but according to Check Point, there are still big challenges to overcome.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Alphabet is launching a new CyberSecurity unit.\" rel=\"nofollow\" href=\"https://www.linkedin.com/pulse/alphabet-launching-new-cybersecurity-unit-justin-sleight/\"\u003eAlphabet is launching a new CyberSecurity unit.\u003c/a\u003e \u0026mdash; Alphabet, the parent company of Google, announced today that they will be launching Chronicle, a new business unit that will focus on Cyber Security, using their servers and infrastructure. The new organization hopes to focus on machine learning and artificial intelligence to assist in the fight against cybercrime moving forward.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Project Zero claims new BitTorrent flaw could enable cyber crooks get into users\u0026#39; PCs\" rel=\"nofollow\" href=\"https://www.v3.co.uk/v3-uk/news/3024532/google-project-zero-claims-new-bittorrent-flaw-could-enable-cyber-crooks-get-into-users-pcs\"\u003eGoogle Project Zero claims new BitTorrent flaw could enable cyber crooks get into users\u0026#39; PCs\u003c/a\u003e \u0026mdash; According to Project Zero, the client is vulnerable to a DNS re-binding attack that effectively tricks the PC into accepting requests via port 9091 from malicious websites that it would (and should) ordinarly ignore. \u003c/li\u003e\u003cli\u003e\u003ca title=\"CVE-2018-5702: Mitigate dns rebinding attacks against daemon by taviso · Pull Request #468\" rel=\"nofollow\" href=\"https://github.com/transmission/transmission/pull/468\"\u003eCVE-2018-5702: Mitigate dns rebinding attacks against daemon by taviso · Pull Request #468\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Blizzard Fixes DNS Rebinding Flaw that Put All the Company\u0026#39;s Users at Risk\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/blizzard-fixes-dns-rebinding-flaw-that-put-all-the-companys-users-at-risk/\"\u003eBlizzard Fixes DNS Rebinding Flaw that Put All the Company\u0026#39;s Users at Risk\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is DNS rebinding, in layman\u0026#39;s terms?\" rel=\"nofollow\" href=\"https://www.quora.com/What-is-DNS-rebinding-in-laymans-terms\"\u003eWhat is DNS rebinding, in layman\u0026#39;s terms?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"An Introduction to Kubernetes\" rel=\"nofollow\" href=\"https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes\"\u003eAn Introduction to Kubernetes\u003c/a\u003e \u0026mdash; Kubernetes, at its basic level, is a system for managing containerized applications across a cluster of nodes. In many ways, Kubernetes was designed to address the disconnect between the way that modern, clustered infrastructure is designed, and some of the assumptions that most applications and services have about their environments.\u003c/li\u003e\u003cli\u003e\u003ca title=\"What is Kubernetes?\" rel=\"nofollow\" href=\"https://www.redhat.com/en/topics/containers/what-is-kubernetes\"\u003eWhat is Kubernetes?\u003c/a\u003e \u0026mdash; Kubernetes was originally developed and designed by engineers at Google. Google was one of the early contributors to Linux container technology and has talked publicly about how everything at Google runs in containers. (This is the technology behind Google’s cloud services.) Google generates more than 2 billion container deployments a week—all powered by an internal platform: Borg. Borg was the predecessor to Kubernetes and the lessons learned from developing Borg over the years became the primary influence behind much of the Kubernetes technology.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Scaling Kubernetes to 2,500 Nodes\" rel=\"nofollow\" href=\"https://blog.openai.com/scaling-kubernetes-to-2500-nodes/\"\u003eScaling Kubernetes to 2,500 Nodes\u003c/a\u003e \u0026mdash; We’ve been running Kubernetes for deep learning research for over two years. While our largest-scale workloads manage bare cloud VMs directly, Kubernetes provides a fast iteration cycle, reasonable scalability, and a lack of boilerplate which makes it ideal for most of our experiments.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback: Talk more about Windows\" rel=\"nofollow\" href=\"https://slexy.org/view/s21GdmdxDs\"\u003eFeedback: Talk more about Windows\u003c/a\u003e \u0026mdash; I listened to your intro to change management and it seemed like it will be very Linux centric (\"everything is she\"). I'm future segments, please try to include windows desktop and server OS as well.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: Starting with Ansible Quick\" rel=\"nofollow\" href=\"https://slexy.org/view/s2sGYopuRw\"\u003eQuestion: Starting with Ansible Quick\u003c/a\u003e \u0026mdash; Are there any way to get started other than writing a playbook and trying it out with trial and error?\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ansible Best Practises: A project structure that outlines some best practises of how to use ansible\" rel=\"nofollow\" href=\"https://github.com/enginyoyen/ansible-best-practises\"\u003eAnsible Best Practises: A project structure that outlines some best practises of how to use ansible\u003c/a\u003e \u0026mdash; A project structure that outlines some best practises of how to use ansible\u003c/li\u003e\u003cli\u003e\u003ca title=\"ansible-console: An Interactive REPL for Ansible\" rel=\"nofollow\" href=\"https://yobriefca.se/blog/2017/01/10/ansible-console-an-interactive-repl-for-ansible/\"\u003eansible-console: An Interactive REPL for Ansible\u003c/a\u003e \u0026mdash; omething found out recently is that Ansible has an interactive REPL of sorts in ansible-console for doing some adhoc things on a collection of hosts.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Introduction To Ad-Hoc Commands — Ansible Documentation\" rel=\"nofollow\" href=\"http://docs.ansible.com/ansible/latest/intro_adhoc.html\"\u003eIntroduction To Ad-Hoc Commands — Ansible Documentation\u003c/a\u003e \u0026mdash; An ad-hoc command is something that you might type in to do something really quick, but don’t want to save for later.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Apple Support\" rel=\"nofollow\" href=\"https://support.apple.com/en-us/HT208465\"\u003eAbout the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Apple Support\u003c/a\u003e \u0026mdash; This document describes the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan.\r\n\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"We introduce you to Kubernetes, what problems it solves, why everyone is talking about it, and where it came from. Also who shouldn’t be using Kubernetes, and the problems you can run into when scaling it.","date_published":"2018-01-25T16:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/76cf88a2-f5d9-4dba-b314-f9f00e3767df.mp3","mime_type":"audio/mp3","size_in_bytes":31823746,"duration_in_seconds":2588}]},{"id":"a35e6ff5-f699-4f4a-b6dd-3f01fff2a445","title":"Episode 352: Stop Using apt-get ","url":"https://techsnap.systems/352","content_text":"And start using configuration management. Embrace reproducibility of systems, and streamlined management with TechSNAP’s introduction to Configuration Management.\n\nPlus the news of the week that could impact your systems, feedback, and more.Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceaniXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:SamSam Ransomware Hits Hospitals, City Councils, ICS Firms — The SamSam crew usually scans the Internet for computers with open RDP connections and they break into networks by brute-forcing these RDP endpoints to spread to more computers.\r\nRDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an… — How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software.EFF and Lookout Uncover New Malware Espionage Campaign Infecting Thousands Around the World — The trojanized apps, including Signal and WhatsApp, function like the legitimate apps and send and receive messages normally. However, the fake apps also allow the attackers to take photos, retrieve location information, capture audio, and more.Lenovo Discovers and Removes Backdoor in Networking Switches — Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates earlier this week.Intel says Meltdown / Spectre patch causes reboots in computers with newer processors too — Data center performance can degrade by up to 25 percent for certain workloads.VMware pulled Spectre patches on Friday. — Affected updates are the ones for ESXi under VMSA-2018-0004 that contained CPU microcode. Despite these being the affected patches, all of the patches under VMSA-2018-004 have been pulled.Spectre Mitigation Added To GCC 8, Seeking Backport To GCC 7 — The set of Spectre mitigation patches for the GNU Compiler Collection (GCC) were accepted to mainline and will be part of GCC 8 with the GCC 8.1 stable release that will likely be due out around March. This is on top of many other changes/features of GCC 8. New Linux Method to Check your System — grep . /sys/devices/system/cpu/vulnerabilities/*AMD Processor Security — AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week.Skyfall and SolaceAn Introduction to Configuration Management | DigitalOcean — As a broader subject, configuration management (CM) refers to the process of systematically handling changes to a system in a way that it maintains integrity over time. Even though this process was not originated in the IT industry, the term is broadly used to refer to server configuration managementConfiguration Management on the Desktop — It installs GNOME, sets up my wallpaper, applies my GTK/icon themes, sets up my keyboard shortcuts, etc. It also sets up my SSH keys, user dotfiles, OpenSSH config, and much more. ","content_html":"\u003cp\u003eAnd start using configuration management. Embrace reproducibility of systems, and streamlined management with TechSNAP’s introduction to Configuration Management.\u003c/p\u003e\n\n\u003cp\u003ePlus the news of the week that could impact your systems, feedback, and more.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"SamSam Ransomware Hits Hospitals, City Councils, ICS Firms\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/samsam-ransomware-hits-hospitals-city-councils-ics-firms/\"\u003eSamSam Ransomware Hits Hospitals, City Councils, ICS Firms\u003c/a\u003e \u0026mdash; The SamSam crew usually scans the Internet for computers with open RDP connections and they break into networks by brute-forcing these RDP endpoints to spread to more computers.\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an…\" rel=\"nofollow\" href=\"https://medium.com/@networksecurity/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6\"\u003eRDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an…\u003c/a\u003e \u0026mdash; How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software.\u003c/li\u003e\u003cli\u003e\u003ca title=\"EFF and Lookout Uncover New Malware Espionage Campaign Infecting Thousands Around the World\" rel=\"nofollow\" href=\"https://www.eff.org/press/releases/eff-and-lookout-uncover-new-malware-espionage-campaign-infecting-thousands-around\"\u003eEFF and Lookout Uncover New Malware Espionage Campaign Infecting Thousands Around the World\u003c/a\u003e \u0026mdash; The trojanized apps, including Signal and WhatsApp, function like the legitimate apps and send and receive messages normally. However, the fake apps also allow the attackers to take photos, retrieve location information, capture audio, and more.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lenovo Discovers and Removes Backdoor in Networking Switches\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/lenovo-discovers-and-removes-backdoor-in-networking-switches/\"\u003eLenovo Discovers and Removes Backdoor in Networking Switches\u003c/a\u003e \u0026mdash; Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates earlier this week.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Intel says Meltdown / Spectre patch causes reboots in computers with newer processors too\" rel=\"nofollow\" href=\"https://www.theverge.com/2018/1/18/16904726/intel-meltdown-spectre-fix-higher-reboots\"\u003eIntel says Meltdown / Spectre patch causes reboots in computers with newer processors too\u003c/a\u003e \u0026mdash; Data center performance can degrade by up to 25 percent for certain workloads.\u003c/li\u003e\u003cli\u003e\u003ca title=\"VMware pulled Spectre patches on Friday.\" rel=\"nofollow\" href=\"https://www.reddit.com/r/sysadmin/comments/7qjnfx/vmware_pulled_spectre_patches_on_friday/\"\u003eVMware pulled Spectre patches on Friday.\u003c/a\u003e \u0026mdash; Affected updates are the ones for ESXi under VMSA-2018-0004 that contained CPU microcode. Despite these being the affected patches, all of the patches under VMSA-2018-004 have been pulled.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spectre Mitigation Added To GCC 8, Seeking Backport To GCC 7\" rel=\"nofollow\" href=\"https://www.phoronix.com/scan.php?page=news_item\u0026amp;px=GCC-8-Spectre-Mitigation-Lands\"\u003eSpectre Mitigation Added To GCC 8, Seeking Backport To GCC 7\u003c/a\u003e \u0026mdash; The set of Spectre mitigation patches for the GNU Compiler Collection (GCC) were accepted to mainline and will be part of GCC 8 with the GCC 8.1 stable release that will likely be due out around March. This is on top of many other changes/features of GCC 8. \u003c/li\u003e\u003cli\u003e\u003ca title=\"New Linux Method to Check your System\" rel=\"nofollow\" href=\"http://kroah.com/log/blog/2018/01/19/meltdown-status-2/\"\u003eNew Linux Method to Check your System\u003c/a\u003e \u0026mdash; grep . /sys/devices/system/cpu/vulnerabilities/*\u003c/li\u003e\u003cli\u003e\u003ca title=\"AMD Processor Security\" rel=\"nofollow\" href=\"https://www.amd.com/en/corporate/speculative-execution\"\u003eAMD Processor Security\u003c/a\u003e \u0026mdash; AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Skyfall and Solace\" rel=\"nofollow\" href=\"https://skyfallattack.com/\"\u003eSkyfall and Solace\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"An Introduction to Configuration Management | DigitalOcean\" rel=\"nofollow\" href=\"https://www.digitalocean.com/community/tutorials/an-introduction-to-configuration-management\"\u003eAn Introduction to Configuration Management | DigitalOcean\u003c/a\u003e \u0026mdash; As a broader subject, configuration management (CM) refers to the process of systematically handling changes to a system in a way that it maintains integrity over time. Even though this process was not originated in the IT industry, the term is broadly used to refer to server configuration management\u003c/li\u003e\u003cli\u003e\u003ca title=\"Configuration Management on the Desktop\" rel=\"nofollow\" href=\"https://slexy.org/view/s23m6LwSnL\"\u003eConfiguration Management on the Desktop\u003c/a\u003e \u0026mdash; It installs GNOME, sets up my wallpaper, applies my GTK/icon themes, sets up my keyboard shortcuts, etc. It also sets up my SSH keys, user dotfiles, OpenSSH config, and much more. \u003c/li\u003e\u003c/ul\u003e","summary":"And start using configuration management. Embrace reproducibility of systems, and streamlined management with TechSNAP’s introduction to Configuration Management.\r\n","date_published":"2018-01-22T21:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a35e6ff5-f699-4f4a-b6dd-3f01fff2a445.mp3","mime_type":"audio/mpeg","size_in_bytes":26958801,"duration_in_seconds":2200}]},{"id":"92c20700-9d53-4470-a263-d3e009a19100","title":"Episode 351: Performance Meltdown","url":"https://techsnap.systems/351","content_text":"The types of workloads that will see the largest performance impacts from Meltdown, tools to test yourself, and the outlook for 2018.\n\nPlus a concise breakdown of Meltdown, Spectre, and side-channel attacks like only TechSNAP can. \n\nThen we run through the timeline of events, and the scuttlebutt of so called coordinated disclosure. We also discuss yet another security issue in macOS High Sierra, a backdoor in popular storage appliances, your questions, and more!Sponsored By:Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanLinks:Meltdown and Spectre — Meltdown and Spectre exploit critical vulnerabilities in modern processors. The Meltdown and Spectre CPU Bugs, ExplainedHow we got to Spectre and Meltdown A Timeline My version of the timeline... — My version of the timeline on Spectre Meltdown. This post will be updated! If you want to add/correct something, please comment.How Tier 2 cloud vendors banded together to cope with Spectre and Meltdown | TechCrunch — Eventually six cloud providers — Scaleway, DigitalOcean, Packet, Vultr, Linode and OVH — formed a consortium of sorts to help one another and share information. In order to make the process more efficient, they started a Slack channel with CEOs, CTOs and engineers from the various companies sharing information and fixes as they became available.FreeBSD was made aware of Meltdown and Spectre in late December. There's currently no ETA for mitigation. — It looks like Dragonfly BSD has a patch, so hopefully that will be useful for FreeBSD.heads up: Fix for intel hardware bug will lead to performance regressions — Upcoming versions of the linux kernel (and apparently also windows and\r\nothers), will include new feature that apparently has been implemented\r\nwith haste to work around an intel hardware bug.AWS Developer Forums: Degraded performance — Immediately following the reboot my server running on this instance started to suffer from cpu stress.Google is pushing Retpoline — With Retpoline, we could protect our infrastructure at compile-time, with no source-code modifications. Furthermore, testing this feature, particularly when combined with optimizations such as software branch prediction hints, demonstrated that this protection came with almost no performance loss.\r\n\r\nPCID is now a critical performance/security feature on x86  — On any system that does not currently show \"pcid\" in the flags line of /proc/cpuinfo, Meltdown is a bigger issue than \"install latest updates\".\r\nSpectre \u0026amp; Meltdown vulnerability/mitigation checker for Linux — A simple shell script to tell if your Linux installation is vulnerable against the 3 \"speculative execution\" CVEs that were made public early 2018.Microsoft PowerShell Script to check for Meltdown — To help customers verify that protections are enabled, Microsoft has published a PowerShell script that customers can run on their systems. Install and run the script by running the following commands.\r\n\r\nWhy Raspberry Pi isn't vulnerable to Spectre or Meltdown — To help us understand why, here’s a little primer on some concepts in modern processor design. macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password — A bug report submitted on Open Radar this week has revealed a security flaw in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password. Major macOS High Sierra Bug Allows Full Admin Access Without PasswordWD My Cloud NAS devices have hard-wired backdoor — Lets anyone log in as user mydlinkBRionyg with the password abc12345cba.Question: How could I measure all of these overhead performance hits? — My question: how could I measure all of these overhead performance hits, so I can put in a well educated request to adjust all of these components, so I have a computer that performs near its capacity?PerfmonTroubleshooting with the Windows Sysinternals ToolsProcDumpProcess Monitor - Replaces filemonQuestion: MySQL Replication Woes — The problem is that during some larger deletes on the master, the tables on the slave get locked and the slave lag goes through the roof.. During this time all of my selects that have been sent to the slave are just sitting there and waiting for the table to unlock while the master is just fine.Ask Noah 44: Red Hat with Brandon JohnsonBSD Now 228: The Spectre of Meltdown","content_html":"\u003cp\u003eThe types of workloads that will see the largest performance impacts from Meltdown, tools to test yourself, and the outlook for 2018.\u003c/p\u003e\n\n\u003cp\u003ePlus a concise breakdown of Meltdown, Spectre, and side-channel attacks like only TechSNAP can. \u003c/p\u003e\n\n\u003cp\u003eThen we run through the timeline of events, and the scuttlebutt of so called coordinated disclosure. We also discuss yet another security issue in macOS High Sierra, a backdoor in popular storage appliances, your questions, and more!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Meltdown and Spectre\" rel=\"nofollow\" href=\"https://meltdownattack.com/\"\u003eMeltdown and Spectre\u003c/a\u003e \u0026mdash; Meltdown and Spectre exploit critical vulnerabilities in modern processors. \u003c/li\u003e\u003cli\u003e\u003ca title=\"The Meltdown and Spectre CPU Bugs, Explained\" rel=\"nofollow\" href=\"https://blog.barkly.com/meltdown-spectre-bugs-explained\"\u003eThe Meltdown and Spectre CPU Bugs, Explained\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How we got to Spectre and Meltdown A Timeline My version of the timeline...\" rel=\"nofollow\" href=\"https://plus.google.com/+jwildeboer/posts/jj6a9JUaovP\"\u003eHow we got to Spectre and Meltdown A Timeline My version of the timeline...\u003c/a\u003e \u0026mdash; My version of the timeline on Spectre Meltdown. This post will be updated! If you want to add/correct something, please comment.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How Tier 2 cloud vendors banded together to cope with Spectre and Meltdown | TechCrunch\" rel=\"nofollow\" href=\"https://techcrunch.com/2018/01/06/how-tier-2-cloud-vendors-banded-together-to-cope-with-spectre-and-meltdown/\"\u003eHow Tier 2 cloud vendors banded together to cope with Spectre and Meltdown | TechCrunch\u003c/a\u003e \u0026mdash; Eventually six cloud providers — Scaleway, DigitalOcean, Packet, Vultr, Linode and OVH — formed a consortium of sorts to help one another and share information. In order to make the process more efficient, they started a Slack channel with CEOs, CTOs and engineers from the various companies sharing information and fixes as they became available.\u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeBSD was made aware of Meltdown and Spectre in late December. There\u0026#39;s currently no ETA for mitigation.\" rel=\"nofollow\" href=\"https://www.reddit.com/r/freebsd/comments/7och5a/freebsd_was_made_aware_of_meltdown_and_spectre_in/\"\u003eFreeBSD was made aware of Meltdown and Spectre in late December. There\u0026#39;s currently no ETA for mitigation.\u003c/a\u003e \u0026mdash; It looks like Dragonfly BSD has a patch, so hopefully that will be useful for FreeBSD.\u003c/li\u003e\u003cli\u003e\u003ca title=\"heads up: Fix for intel hardware bug will lead to performance regressions\" rel=\"nofollow\" href=\"https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe@alap3.anarazel.de\"\u003eheads up: Fix for intel hardware bug will lead to performance regressions\u003c/a\u003e \u0026mdash; Upcoming versions of the linux kernel (and apparently also windows and\r\nothers), will include new feature that apparently has been implemented\r\nwith haste to work around an intel hardware bug.\u003c/li\u003e\u003cli\u003e\u003ca title=\"AWS Developer Forums: Degraded performance\" rel=\"nofollow\" href=\"https://forums.aws.amazon.com/thread.jspa?threadID=269858\"\u003eAWS Developer Forums: Degraded performance\u003c/a\u003e \u0026mdash; Immediately following the reboot my server running on this instance started to suffer from cpu stress.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google is pushing Retpoline\" rel=\"nofollow\" href=\"https://www.blog.google/topics/google-cloud/protecting-our-google-cloud-customers-new-vulnerabilities-without-impacting-performance/\"\u003eGoogle is pushing Retpoline\u003c/a\u003e \u0026mdash; With Retpoline, we could protect our infrastructure at compile-time, with no source-code modifications. Furthermore, testing this feature, particularly when combined with optimizations such as software branch prediction hints, demonstrated that this protection came with almost no performance loss.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"PCID is now a critical performance/security feature on x86 \" rel=\"nofollow\" href=\"http://archive.is/ma8Iw#selection-341.2-344.0\"\u003ePCID is now a critical performance/security feature on x86 \u003c/a\u003e \u0026mdash; On any system that does not currently show \"pcid\" in the flags line of /proc/cpuinfo, Meltdown is a bigger issue than \"install latest updates\".\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spectre \u0026amp; Meltdown vulnerability/mitigation checker for Linux\" rel=\"nofollow\" href=\"https://github.com/speed47/spectre-meltdown-checker\"\u003eSpectre \u0026amp; Meltdown vulnerability/mitigation checker for Linux\u003c/a\u003e \u0026mdash; A simple shell script to tell if your Linux installation is vulnerable against the 3 \"speculative execution\" CVEs that were made public early 2018.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft PowerShell Script to check for Meltdown\" rel=\"nofollow\" href=\"https://support.microsoft.com/en-gb/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in\"\u003eMicrosoft PowerShell Script to check for Meltdown\u003c/a\u003e \u0026mdash; To help customers verify that protections are enabled, Microsoft has published a PowerShell script that customers can run on their systems. Install and run the script by running the following commands.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why Raspberry Pi isn\u0026#39;t vulnerable to Spectre or Meltdown\" rel=\"nofollow\" href=\"https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/\"\u003eWhy Raspberry Pi isn\u0026#39;t vulnerable to Spectre or Meltdown\u003c/a\u003e \u0026mdash; To help us understand why, here’s a little primer on some concepts in modern processor design. \u003c/li\u003e\u003cli\u003e\u003ca title=\"macOS High Sierra\u0026#39;s App Store System Preferences Can Be Unlocked With Any Password\" rel=\"nofollow\" href=\"https://www.macrumors.com/2018/01/10/macos-high-sierra-app-store-password-bug/\"\u003emacOS High Sierra\u0026#39;s App Store System Preferences Can Be Unlocked With Any Password\u003c/a\u003e \u0026mdash; A bug report submitted on Open Radar this week has revealed a security flaw in the current version of macOS High Sierra that allows the App Store menu in System Preferences to be unlocked with any password. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Major macOS High Sierra Bug Allows Full Admin Access Without Password\" rel=\"nofollow\" href=\"https://www.macrumors.com/2017/11/28/macos-high-sierra-bug-admin-access/\"\u003eMajor macOS High Sierra Bug Allows Full Admin Access Without Password\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"WD My Cloud NAS devices have hard-wired backdoor\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2018/01/08/wd_mycloud_nas_backdoor/\"\u003eWD My Cloud NAS devices have hard-wired backdoor\u003c/a\u003e \u0026mdash; Lets anyone log in as user mydlinkBRionyg with the password abc12345cba.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: How could I measure all of these overhead performance hits?\" rel=\"nofollow\" href=\"https://slexy.org/view/s2hNxl4Ras\"\u003eQuestion: How could I measure all of these overhead performance hits?\u003c/a\u003e \u0026mdash; My question: how could I measure all of these overhead performance hits, so I can put in a well educated request to adjust all of these components, so I have a computer that performs near its capacity?\u003c/li\u003e\u003cli\u003e\u003ca title=\"Perfmon\" rel=\"nofollow\" href=\"https://technet.microsoft.com/en-us/library/bb490957.aspx\"\u003ePerfmon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Troubleshooting with the Windows Sysinternals Tools\" rel=\"nofollow\" href=\"https://docs.microsoft.com/en-us/sysinternals/learn/troubleshooting-book\"\u003eTroubleshooting with the Windows Sysinternals Tools\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ProcDump\" rel=\"nofollow\" href=\"https://docs.microsoft.com/en-us/sysinternals/downloads/procdump\"\u003eProcDump\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Process Monitor - Replaces filemon\" rel=\"nofollow\" href=\"https://docs.microsoft.com/en-us/sysinternals/downloads/procmon\"\u003eProcess Monitor - Replaces filemon\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Question: MySQL Replication Woes\" rel=\"nofollow\" href=\"https://slexy.org/view/s2iRKPgsGI\"\u003eQuestion: MySQL Replication Woes\u003c/a\u003e \u0026mdash; The problem is that during some larger deletes on the master, the tables on the slave get locked and the slave lag goes through the roof.. During this time all of my selects that have been sent to the slave are just sitting there and waiting for the table to unlock while the master is just fine.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ask Noah 44: Red Hat with Brandon Johnson\" rel=\"nofollow\" href=\"http://www.jupiterbroadcasting.com/121292/redhat-with-brandon-johnson-ask-noah-44/\"\u003eAsk Noah 44: Red Hat with Brandon Johnson\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"BSD Now 228: The Spectre of Meltdown\" rel=\"nofollow\" href=\"http://www.jupiterbroadcasting.com/121362/the-spectre-of-meltdown-bsd-now-228/\"\u003eBSD Now 228: The Spectre of Meltdown\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"The types of workloads that will see the largest performance impacts from Meltdown, tools to test yourself, and the outlook for 2018.\r\n\r\nPlus a concise breakdown of Meltdown, Spectre, and side-channel attacks like only TechSNAP can. ","date_published":"2018-01-11T16:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/92c20700-9d53-4470-a263-d3e009a19100.mp3","mime_type":"audio/mpeg","size_in_bytes":30893583,"duration_in_seconds":2503}]},{"id":"18f0b5cf-66ed-47af-89ca-011c4a0dae68","title":"Episode 350: Trials of TLS","url":"https://techsnap.systems/350","content_text":"The trials and tribulations of the long journey to TLS 1.3, and the “middleware” that’s keeping us from having nice things. Plus a pack of Leaky S3 bucket stories and the data that was exposed.\n\nThen we do a deep dive into some SMB fundamentals and practical tips to stay on top of suspicious network traffic.Sponsored By:iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comLinks:Why TLS 1.3 isn't in browsers yet — It has been over a year since Cloudflare’s TLS 1.3 launch and still, none of the major browsers have enabled TLS 1.3 by default.TLS 1.3 middleboxes test — This page performs some tests to check for middlebox interference with TLS 1.3. For that it requires Adobe Flash and TCP port 843 to be open. If this is not the case, all tests will fail with N/A. Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS — AWS account credentials and firmware AES encryption keys were also exposed on GitHub,Data on 123 million US households exposed  — Leaky bucket might be a better description because when opened the database revealed the personal financial data of 123m American households – in effect everyone with an address in the US around the time of the file’s creation in 2013.Massive US military social media spying archive left wide open in AWS S3 buckets — Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing \"dozens of terabytes\" of social media posts and similar pages – all scraped from around the world by the US military to identify and profile persons of interest.Security Monkey — Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.An Introduction to SMB for Network Security Analysts — At its most basic, SMB is a protocol to allow devices to perform a number of functions on each other over a (usually local) network.StorageCrypter Ransomware: Security Threat or Clickbait? — Hats off to the most buzzword-loaded headline of the year: “StorageCrypt Ransomware Infecting NAS Devices Using SambaCry”. DHCPDECLINE Follow Up  — I think I have a hypothesis. When dhclient is offered an IP, it attempts to look it up in dhcpd.leases (under /var), and if /var has errors, the lookup fails and says \"not found\" (which is what the DHCPDECLINE line says in the log).Please keep some BSD — Please don't get too Linux single-minded. Some FreeBSD plugs here and there are welcome.Repairing a 1960s mainframe: Fixing the IBM 1401's core memory and power supply — Core memory was a popular form of storage in this era as it was relatively fast and inexpensive. Each bit is stored in a tiny magnetized ferrite ring called a core.","content_html":"\u003cp\u003eThe trials and tribulations of the long journey to TLS 1.3, and the “middleware” that’s keeping us from having nice things. Plus a pack of Leaky S3 bucket stories and the data that was exposed.\u003c/p\u003e\n\n\u003cp\u003eThen we do a deep dive into some SMB fundamentals and practical tips to stay on top of suspicious network traffic.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Why TLS 1.3 isn\u0026#39;t in browsers yet\" rel=\"nofollow\" href=\"https://blog.cloudflare.com/why-tls-1-3-isnt-in-browsers-yet/\"\u003eWhy TLS 1.3 isn\u0026#39;t in browsers yet\u003c/a\u003e \u0026mdash; It has been over a year since Cloudflare’s TLS 1.3 launch and still, none of the major browsers have enabled TLS 1.3 by default.\u003c/li\u003e\u003cli\u003e\u003ca title=\"TLS 1.3 middleboxes test\" rel=\"nofollow\" href=\"https://tls13.mitm.watch/\"\u003eTLS 1.3 middleboxes test\u003c/a\u003e \u0026mdash; This page performs some tests to check for middlebox interference with TLS 1.3. For that it requires Adobe Flash and TCP port 843 to be open. If this is not the case, all tests will fail with N/A. \u003c/li\u003e\u003cli\u003e\u003ca title=\"Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2017/11/16/dji_private_keys_left_github/\"\u003eDrone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS\u003c/a\u003e \u0026mdash; AWS account credentials and firmware AES encryption keys were also exposed on GitHub,\u003c/li\u003e\u003cli\u003e\u003ca title=\"Data on 123 million US households exposed \" rel=\"nofollow\" href=\"https://nakedsecurity.sophos.com/2017/12/22/data-on-123-million-us-households-exposed/\"\u003eData on 123 million US households exposed \u003c/a\u003e \u0026mdash; Leaky bucket might be a better description because when opened the database revealed the personal financial data of 123m American households – in effect everyone with an address in the US around the time of the file’s creation in 2013.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Massive US military social media spying archive left wide open in AWS S3 buckets\" rel=\"nofollow\" href=\"https://www.theregister.co.uk/2017/11/17/us_military_spying_archive_exposed/\"\u003eMassive US military social media spying archive left wide open in AWS S3 buckets\u003c/a\u003e \u0026mdash; Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing \"dozens of terabytes\" of social media posts and similar pages – all scraped from around the world by the US military to identify and profile persons of interest.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Security Monkey\" rel=\"nofollow\" href=\"https://github.com/Netflix/security_monkey\"\u003eSecurity Monkey\u003c/a\u003e \u0026mdash; Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when.\u003c/li\u003e\u003cli\u003e\u003ca title=\"An Introduction to SMB for Network Security Analysts\" rel=\"nofollow\" href=\"https://401trg.pw/an-introduction-to-smb-for-network-security-analysts/\"\u003eAn Introduction to SMB for Network Security Analysts\u003c/a\u003e \u0026mdash; At its most basic, SMB is a protocol to allow devices to perform a number of functions on each other over a (usually local) network.\u003c/li\u003e\u003cli\u003e\u003ca title=\"StorageCrypter Ransomware: Security Threat or Clickbait?\" rel=\"nofollow\" href=\"https://www.ixsystems.com/blog/storagecrypter/\"\u003eStorageCrypter Ransomware: Security Threat or Clickbait?\u003c/a\u003e \u0026mdash; Hats off to the most buzzword-loaded headline of the year: “StorageCrypt Ransomware Infecting NAS Devices Using SambaCry”. \u003c/li\u003e\u003cli\u003e\u003ca title=\"DHCPDECLINE Follow Up \" rel=\"nofollow\" href=\"https://slexy.org/view/s2NNasfpFl\"\u003eDHCPDECLINE Follow Up \u003c/a\u003e \u0026mdash; I think I have a hypothesis. When dhclient is offered an IP, it attempts to look it up in dhcpd.leases (under /var), and if /var has errors, the lookup fails and says \"not found\" (which is what the DHCPDECLINE line says in the log).\u003c/li\u003e\u003cli\u003e\u003ca title=\"Please keep some BSD\" rel=\"nofollow\" href=\"https://slexy.org/view/s2EING9Vai\"\u003ePlease keep some BSD\u003c/a\u003e \u0026mdash; Please don't get too Linux single-minded. Some FreeBSD plugs here and there are welcome.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Repairing a 1960s mainframe: Fixing the IBM 1401\u0026#39;s core memory and power supply\" rel=\"nofollow\" href=\"http://www.righto.com/2017/12/repairing-1960s-mainframe-fixing-ibm.html\"\u003eRepairing a 1960s mainframe: Fixing the IBM 1401\u0026#39;s core memory and power supply\u003c/a\u003e \u0026mdash; Core memory was a popular form of storage in this era as it was relatively fast and inexpensive. Each bit is stored in a tiny magnetized ferrite ring called a core.\u003c/li\u003e\u003c/ul\u003e","summary":"A deep dive into some SMB fundamentals and practical tips to stay on top of suspicious network traffic.\r\n","date_published":"2017-12-29T08:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/18f0b5cf-66ed-47af-89ca-011c4a0dae68.mp3","mime_type":"audio/mp3","size_in_bytes":37195885,"duration_in_seconds":3043}]},{"id":"1f0cbb01-a231-4cf6-9f5d-f3ded5714065","title":"Episode 349: All Natural Namespaces","url":"https://techsnap.systems/349","content_text":"Network Namespaces have been around for a while, but there may be be some very practical ways to use them that you’ve never considered. Wes does a deep dive into a very flexible tool.\n\nPlus what might be the world’s most important killswitch, the real dollar values for stolen credentials and the 19 year old attack that’s back.Sponsored By:iXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Ting: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comDigital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanLinks:The Market for Stolen Account Credentials — But oh, how times have changed! With dozens of sites in the underground now competing to purchase and resell credentials for a variety of online locations, it has never been easier for a botmaster to earn a handsome living based solely on the sale of stolen usernames and passwords alone.Hackers shut down plant by targeting its safety system —  FireEye reported that a plant of an unmentioned nature and location (other firms believe it's in the Middle East) was forced to shut down after a hack targeted its industrial safety system -- it's the first known instance of a breach like this taking place.FireEye Report on TRITON — We assess with moderate confidence that the attacker was developing the capability to cause physical damage and inadvertently shutdown operations. This malware, which we call TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers.ROBOT Attack: 19-Year-Old Bleichenbacher Attack — Dubbed ROBOT (Return of Bleichenbacher's Oracle Attack), the attack allows an attacker to perform RSA decryption and cryptographic operations using the private key configured on the vulnerable TLS servers.The ROBOT Attack - Offical SiteRobot-detect: Detection script for the ROBOT vulnerability — Tool to detect the ROBOT attack (Return of Bleichenbacher's Oracle Threat).WannaCry: End of Year Retrospective — Since our Vantage team sinkholed and subsequently nullified the WannaCry attack on May 12th, 2017, we have been monitoring and maintaining the domain known as the WannaCry killswitch.Why NSA spied on inexplicably unencrypted Windows crash reports — And, according to slides published this weekend by Der Spiegel, this information also includes crash reports from Microsoft's Windows Error Reporting facility built in to Windows.Network namespaces —  As the name would imply, network namespaces partition the use of the network—devices, addresses, ports, routes, firewall rules, etc.—into separate boxes, essentially virtualizing the network within a single running kernel instance. namespaces - Linux manual page — A namespace wraps a global system resource in an abstraction that\r\n       makes it appear to the processes within the namespace that they have\r\n       their own isolated instance of the global resource.  Changes to the\r\n       global resource are visible to other processes that are members of\r\n       the namespace, but are invisible to other processes.  One use of\r\n       namespaces is to implement containers.Network Namespaces » ADMIN Magazine — With network namespaces, you can virtualize network devices, IPv4 and IPv6 protocol stacks, routing tables, ARP tables, and firewalls separately, as well as /proc/net, /sys/class/net/, QoS policies, port numbers, and sockets in such a way that individual applications can find a particular network setup without the use of containers.How to Get the Network Namespace Associated With a SocketNetwork devices as virtual Ethernet devices — Virtualize network devices as virtual Ethernet devices by configuring direct MacVTap connections or virtual switches.Testing network software with pytest and Linux namespacesImplementation of IEEE 802.1ab (LLDP) — LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices.WireGuard Routing \u0026amp; Network Namespaces — This allows for some very cool properties. Namely, you can create the WireGuard interface in one namespace (A), move it to another (B), and have cleartext packets sent from namespace B get sent encrypted through a UDP socket in namespace A.VRF for Linux — The concept of VRF was first introduced around 1999 for L3 VPNs, but it has become a fundamental feature for a networking OS. VRF provides traffic isolation at layer 3 for routing, similar to how you use a VLAN to isolate traffic at layer 2. Think multiple routing tables.linux/vrf.txt at master · torvalds/linux · GitHubUsing VRFs with linux Feedback - DHCPDECLINE over and over againDHCP Snooping - CiscoHidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites — In a blog post published on Tuesday, WordFence security firm revealed why WordPress recently kicked a popular Captcha plugin with more than 300,000 active installations out of its official plugin store.","content_html":"\u003cp\u003eNetwork Namespaces have been around for a while, but there may be be some very practical ways to use them that you’ve never considered. Wes does a deep dive into a very flexible tool.\u003c/p\u003e\n\n\u003cp\u003ePlus what might be the world’s most important killswitch, the real dollar values for stolen credentials and the 19 year old attack that’s back.\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"The Market for Stolen Account Credentials\" rel=\"nofollow\" href=\"https://krebsonsecurity.com/2017/12/the-market-for-stolen-account-credentials/\"\u003eThe Market for Stolen Account Credentials\u003c/a\u003e \u0026mdash; But oh, how times have changed! With dozens of sites in the underground now competing to purchase and resell credentials for a variety of online locations, it has never been easier for a botmaster to earn a handsome living based solely on the sale of stolen usernames and passwords alone.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hackers shut down plant by targeting its safety system\" rel=\"nofollow\" href=\"https://www.engadget.com/2017/12/17/hackers-shut-down-plant-by-targeting-safety-system/\"\u003eHackers shut down plant by targeting its safety system\u003c/a\u003e \u0026mdash;  FireEye reported that a plant of an unmentioned nature and location (other firms believe it's in the Middle East) was forced to shut down after a hack targeted its industrial safety system -- it's the first known instance of a breach like this taking place.\u003c/li\u003e\u003cli\u003e\u003ca title=\"FireEye Report on TRITON\" rel=\"nofollow\" href=\"https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html\"\u003eFireEye Report on TRITON\u003c/a\u003e \u0026mdash; We assess with moderate confidence that the attacker was developing the capability to cause physical damage and inadvertently shutdown operations. This malware, which we call TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"ROBOT Attack: 19-Year-Old Bleichenbacher Attack\" rel=\"nofollow\" href=\"https://thehackernews.com/2017/12/bleichenbacher-robot-rsa.html\"\u003eROBOT Attack: 19-Year-Old Bleichenbacher Attack\u003c/a\u003e \u0026mdash; Dubbed ROBOT (Return of Bleichenbacher's Oracle Attack), the attack allows an attacker to perform RSA decryption and cryptographic operations using the private key configured on the vulnerable TLS servers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"The ROBOT Attack - Offical Site\" rel=\"nofollow\" href=\"https://robotattack.org/\"\u003eThe ROBOT Attack - Offical Site\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Robot-detect: Detection script for the ROBOT vulnerability\" rel=\"nofollow\" href=\"https://github.com/robotattackorg/robot-detect\"\u003eRobot-detect: Detection script for the ROBOT vulnerability\u003c/a\u003e \u0026mdash; Tool to detect the ROBOT attack (Return of Bleichenbacher's Oracle Threat).\u003c/li\u003e\u003cli\u003e\u003ca title=\"WannaCry: End of Year Retrospective\" rel=\"nofollow\" href=\"https://blog.kryptoslogic.com/malware/2017/12/20/end-of-year.html\"\u003eWannaCry: End of Year Retrospective\u003c/a\u003e \u0026mdash; Since our Vantage team sinkholed and subsequently nullified the WannaCry attack on May 12th, 2017, we have been monitoring and maintaining the domain known as the WannaCry killswitch.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Why NSA spied on inexplicably unencrypted Windows crash reports\" rel=\"nofollow\" href=\"https://arstechnica.com/information-technology/2013/12/why-nsa-spied-on-inexplicably-unencrypted-windows-crash-reports/\"\u003eWhy NSA spied on inexplicably unencrypted Windows crash reports\u003c/a\u003e \u0026mdash; And, according to slides published this weekend by Der Spiegel, this information also includes crash reports from Microsoft's Windows Error Reporting facility built in to Windows.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Network namespaces\" rel=\"nofollow\" href=\"https://lwn.net/Articles/580893/\"\u003eNetwork namespaces\u003c/a\u003e \u0026mdash;  As the name would imply, network namespaces partition the use of the network—devices, addresses, ports, routes, firewall rules, etc.—into separate boxes, essentially virtualizing the network within a single running kernel instance. \u003c/li\u003e\u003cli\u003e\u003ca title=\"namespaces - Linux manual page\" rel=\"nofollow\" href=\"http://man7.org/linux/man-pages/man7/namespaces.7.html\"\u003enamespaces - Linux manual page\u003c/a\u003e \u0026mdash; A namespace wraps a global system resource in an abstraction that\r\n       makes it appear to the processes within the namespace that they have\r\n       their own isolated instance of the global resource.  Changes to the\r\n       global resource are visible to other processes that are members of\r\n       the namespace, but are invisible to other processes.  One use of\r\n       namespaces is to implement containers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Network Namespaces » ADMIN Magazine\" rel=\"nofollow\" href=\"http://www.admin-magazine.com/Archive/2016/34/The-practical-benefits-of-network-namespaces\"\u003eNetwork Namespaces » ADMIN Magazine\u003c/a\u003e \u0026mdash; With network namespaces, you can virtualize network devices, IPv4 and IPv6 protocol stacks, routing tables, ARP tables, and firewalls separately, as well as /proc/net, /sys/class/net/, QoS policies, port numbers, and sockets in such a way that individual applications can find a particular network setup without the use of containers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"How to Get the Network Namespace Associated With a Socket\" rel=\"nofollow\" href=\"https://brennan.io/2017/03/08/sock-net/\"\u003eHow to Get the Network Namespace Associated With a Socket\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Network devices as virtual Ethernet devices\" rel=\"nofollow\" href=\"https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.ldva/ldva_c_virtualizationOfNetworkDevices.html\"\u003eNetwork devices as virtual Ethernet devices\u003c/a\u003e \u0026mdash; Virtualize network devices as virtual Ethernet devices by configuring direct MacVTap connections or virtual switches.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Testing network software with pytest and Linux namespaces\" rel=\"nofollow\" href=\"https://vincent.bernat.im/en/blog/2016-testing-pytest-linux-namespaces\"\u003eTesting network software with pytest and Linux namespaces\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Implementation of IEEE 802.1ab (LLDP)\" rel=\"nofollow\" href=\"https://vincentbernat.github.io/lldpd/\"\u003eImplementation of IEEE 802.1ab (LLDP)\u003c/a\u003e \u0026mdash; LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices.\u003c/li\u003e\u003cli\u003e\u003ca title=\"WireGuard Routing \u0026amp; Network Namespaces\" rel=\"nofollow\" href=\"https://www.wireguard.com/netns/\"\u003eWireGuard Routing \u0026amp; Network Namespaces\u003c/a\u003e \u0026mdash; This allows for some very cool properties. Namely, you can create the WireGuard interface in one namespace (A), move it to another (B), and have cleartext packets sent from namespace B get sent encrypted through a UDP socket in namespace A.\u003c/li\u003e\u003cli\u003e\u003ca title=\"VRF for Linux\" rel=\"nofollow\" href=\"https://cumulusnetworks.com/blog/vrf-for-linux/\"\u003eVRF for Linux\u003c/a\u003e \u0026mdash; The concept of VRF was first introduced around 1999 for L3 VPNs, but it has become a fundamental feature for a networking OS. VRF provides traffic isolation at layer 3 for routing, similar to how you use a VLAN to isolate traffic at layer 2. Think multiple routing tables.\u003c/li\u003e\u003cli\u003e\u003ca title=\"linux/vrf.txt at master · torvalds/linux · GitHub\" rel=\"nofollow\" href=\"https://github.com/torvalds/linux/blob/master/Documentation/networking/vrf.txt\"\u003elinux/vrf.txt at master · torvalds/linux · GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Using VRFs with linux \" rel=\"nofollow\" href=\"https://andir.github.io/posts/linux-ip-vrf/\"\u003eUsing VRFs with linux \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Feedback - DHCPDECLINE over and over again\" rel=\"nofollow\" href=\"https://slexy.org/view/s20dzBcJU2\"\u003eFeedback - DHCPDECLINE over and over again\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DHCP Snooping - Cisco\" rel=\"nofollow\" href=\"https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snoodhcp.html\"\u003eDHCP Snooping - Cisco\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites\" rel=\"nofollow\" href=\"https://thehackernews.com/2017/12/wordpress-security-plugin.html\"\u003eHidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites\u003c/a\u003e \u0026mdash; In a blog post published on Tuesday, WordFence security firm revealed why WordPress recently kicked a popular Captcha plugin with more than 300,000 active installations out of its official plugin store.\u003c/li\u003e\u003c/ul\u003e","summary":"Network Namespaces have been around for a while, but there may be be some very practical ways to use them that you’ve never considered. Wes does a deep dive into a very flexible tool.\r\n","date_published":"2017-12-21T19:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/1f0cbb01-a231-4cf6-9f5d-f3ded5714065.mp3","mime_type":"audio/mpeg","size_in_bytes":36892159,"duration_in_seconds":3000}]},{"id":"74701ab6-ae93-42d3-b9ed-e8ec152108fd","title":"Episode 348: Server Neglect","url":"https://techsnap.systems/348","content_text":"Authors of one of the most infamous botnets of all time get busted, researchers discover keyloggers built into HP Laptops, the major HomeKit flaw no one is talking about, and the new version of FreeNAS packs a lot of features for a point release.\n\nPlus an update on the show and what to expect, and we attempt something TechSNAP could never do as a video production, a live double FreeNAS upgrade!Sponsored By:Digital Ocean: Apply our promo snapocean after you create your account, and get a $10 credit. Promo Code: snapoceanTing: Save $25 off a device, or get $25 in service credits! Promo Code: Visit techsnap.ting.comiXSystems: Get a system purpose built for you. Promo Code: Tell them we sent you!Links:Our New Contact PageMirai IoT Botnet Co-Authors Plead Guilty — Krebs on Security — The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).\r\nPre-Installed Keylogger Found On Over 460 HP Laptop Models — The Keylogger was found embedded in the SynTP.sys file, a part of Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP Notebook models vulnerable to hackers.HP keylogger -  ZwClose Blog Post — TL;DR: HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required)Apple Releases iOS 11.2.1 Update With HomeKit Fix — According to Apple's release notes, the update re-enables remote access for shared users of the Home app. Apple broke remote access for shared users when implementing a fix for a major HomeKit vulnerability last week. FreeNAS 11.1 Released — The FreeNAS Development Team is excited and proud to present FreeNAS 11.1! FreeNAS 11.1 adds cloud integration, OpenZFS performance improvements, including the ability to prioritize resilvering operations, and preliminary Docker support to the world’s most popular software-defined storage operating system. This release includes an updated preview of the beta version of the new administrator graphical user interface, including the ability to select display themes. This post provides a brief overview of the new features.Process Doppelgänging Attack — Dubbed ‘Process Doppelgänging‘ by Tal Liberman and Eugene Kogan of EnSilo, the attack was demonstrated during Black Hat Europe 2017 security conference in London earlier today. Doppelgänging, a fileless code injection technique, works in such a manner that an attacker can manipulate the way Windows handles its file transaction process and pass malicious files even if the code is known to be malicious.\r\n\r\nProcess Doppelgänging - Black Hat Europe 2017 — By using NTFS transactions, we make changes to an executable file that will never actually be committed to disk. We will then use undocumented implementation details of the process loading mechanism to load our modified executable, but not before rolling back the changes we made to the executable. The result of this procedure is creating a process from the modified executable, while deployed security mechanisms in the dark.\r\n","content_html":"\u003cp\u003eAuthors of one of the most infamous botnets of all time get busted, researchers discover keyloggers built into HP Laptops, the major HomeKit flaw no one is talking about, and the new version of FreeNAS packs a lot of features for a point release.\u003c/p\u003e\n\n\u003cp\u003ePlus an update on the show and what to expect, and we attempt something TechSNAP could never do as a video production, a live double FreeNAS upgrade!\u003c/p\u003e\u003cp\u003eSponsored By:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eDigital Ocean\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"https://do.co/snap\"\u003eApply our promo snapocean after you create your account, and get a $10 credit.\u003c/a\u003e Promo Code: snapocean\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eTing\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://techsnap.ting.com\"\u003eSave $25 off a device, or get $25 in service credits!\u003c/a\u003e Promo Code: Visit techsnap.ting.com\u003c/li\u003e\u003cli\u003e\u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eiXSystems\u003c/a\u003e: \u003ca rel=\"nofollow\" href=\"http://ixsystems.com/techsnap\"\u003eGet a system purpose built for you.\u003c/a\u003e Promo Code: Tell them we sent you!\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Our New Contact Page\" rel=\"nofollow\" href=\"http://techsnap.systems/contact\"\u003eOur New Contact Page\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mirai IoT Botnet Co-Authors Plead Guilty — Krebs on Security\" rel=\"nofollow\" href=\"https://krebsonsecurity.com/2017/12/mirai-iot-botnet-co-authors-plead-guilty/\"\u003eMirai IoT Botnet Co-Authors Plead Guilty — Krebs on Security\u003c/a\u003e \u0026mdash; The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Pre-Installed Keylogger Found On Over 460 HP Laptop Models\" rel=\"nofollow\" href=\"https://thehackernews.com/2017/12/hp-laptop-keylogger.html\"\u003ePre-Installed Keylogger Found On Over 460 HP Laptop Models\u003c/a\u003e \u0026mdash; The Keylogger was found embedded in the SynTP.sys file, a part of Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP Notebook models vulnerable to hackers.\u003c/li\u003e\u003cli\u003e\u003ca title=\"HP keylogger -  ZwClose Blog Post\" rel=\"nofollow\" href=\"https://zwclose.github.io/HP-keylogger/\"\u003eHP keylogger -  ZwClose Blog Post\u003c/a\u003e \u0026mdash; TL;DR: HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required)\u003c/li\u003e\u003cli\u003e\u003ca title=\"Apple Releases iOS 11.2.1 Update With HomeKit Fix\" rel=\"nofollow\" href=\"https://www.macrumors.com/2017/12/13/apple-releases-ios-11-2-1-update-with-homekit-fix/\"\u003eApple Releases iOS 11.2.1 Update With HomeKit Fix\u003c/a\u003e \u0026mdash; According to Apple's release notes, the update re-enables remote access for shared users of the Home app. Apple broke remote access for shared users when implementing a fix for a major HomeKit vulnerability last week. \u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeNAS 11.1 Released\" rel=\"nofollow\" href=\"http://www.freenas.org/blog/freenas-11-1-release/\"\u003eFreeNAS 11.1 Released\u003c/a\u003e \u0026mdash; The FreeNAS Development Team is excited and proud to present FreeNAS 11.1! FreeNAS 11.1 adds cloud integration, OpenZFS performance improvements, including the ability to prioritize resilvering operations, and preliminary Docker support to the world’s most popular software-defined storage operating system. This release includes an updated preview of the beta version of the new administrator graphical user interface, including the ability to select display themes. This post provides a brief overview of the new features.\u003c/li\u003e\u003cli\u003e\u003ca title=\"Process Doppelgänging Attack\" rel=\"nofollow\" href=\"https://www.hackread.com/process-doppelganging-attack-windows-evades-av/\"\u003eProcess Doppelgänging Attack\u003c/a\u003e \u0026mdash; Dubbed ‘Process Doppelgänging‘ by Tal Liberman and Eugene Kogan of EnSilo, the attack was demonstrated during Black Hat Europe 2017 security conference in London earlier today. Doppelgänging, a fileless code injection technique, works in such a manner that an attacker can manipulate the way Windows handles its file transaction process and pass malicious files even if the code is known to be malicious.\r\n\r\n\u003c/li\u003e\u003cli\u003e\u003ca title=\"Process Doppelgänging - Black Hat Europe 2017\" rel=\"nofollow\" href=\"https://www.blackhat.com/eu-17/briefings/schedule/index.html#lost-in-transaction-process-doppelgnging-8811\"\u003eProcess Doppelgänging - Black Hat Europe 2017\u003c/a\u003e \u0026mdash; By using NTFS transactions, we make changes to an executable file that will never actually be committed to disk. We will then use undocumented implementation details of the process loading mechanism to load our modified executable, but not before rolling back the changes we made to the executable. The result of this procedure is creating a process from the modified executable, while deployed security mechanisms in the dark.\r\n\u003c/li\u003e\u003c/ul\u003e","summary":"Authors of one of the most infamous botnets of all time get busted, researchers discover keyloggers built into HP Laptops, the major HomeKit flaw no one is talking about, and the new version of FreeNAS packs a lot of features for a point release.","date_published":"2017-12-14T13:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/74701ab6-ae93-42d3-b9ed-e8ec152108fd.mp3","mime_type":"audio/mpeg","size_in_bytes":36296449,"duration_in_seconds":2953}]},{"id":"395B92E8-6FD8-4587-B725-31399554C561","title":"Episode 347: A Farewell to Dan | TechSNAP 347","url":"https://techsnap.systems/347","content_text":"We say farewell to Dan, but don't despair, we've still got a ton of great topics to cover as we say goodbye. We compare the handling of recent data breaches at imgur \u0026amp; DJI, share some in-depth guides on beefing up your security posture \u0026amp; see Dan off with some of your finest feedback and the world's tastiest roundup.","content_html":"\u003cp\u003eWe say farewell to Dan, but don\u0026#39;t despair, we\u0026#39;ve still got a ton of great topics to cover as we say goodbye. We compare the handling of recent data breaches at imgur \u0026amp; DJI, share some in-depth guides on beefing up your security posture \u0026amp; see Dan off with some of your finest feedback and the world\u0026#39;s tastiest roundup.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/xhVWinInJp8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We say farewell to Dan, but don't despair, we've still got a ton of great topics to cover as we say goodbye. We compare the handling of recent data breaches at imgur \u0026 DJI, share some in-depth guides on beefing up your security posture \u0026 much more!","date_published":"2017-11-30T02:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ad3d1818-a53e-4dd0-aba2-32eccea8763d.mp3","mime_type":"audio/mpeg","size_in_bytes":48512152,"duration_in_seconds":5999}]},{"id":"DD777D2B-E077-465D-8FA3-01EF6CEF7B37","title":"Episode 346: Neutral Nets | TechSNAP 346","url":"https://techsnap.systems/346","content_text":"We get depressed over some new stats confirming our worst fears about the huge number of outdated and unpatched android systems. But, in some good news, Github wants to help you, and your open source projects, stay secure with their new Security Alerts feature. We discuss the details and what it needs to be relevant.\n\nPlus some handy tips for getting out of a sticky situation in git, a net neutrality PSA, and some big news from Dan.","content_html":"\u003cp\u003eWe get depressed over some new stats confirming our worst fears about the huge number of outdated and unpatched android systems. But, in some good news, Github wants to help you, and your open source projects, stay secure with their new Security Alerts feature. We discuss the details and what it needs to be relevant.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some handy tips for getting out of a sticky situation in git, a net neutrality PSA, and some big news from Dan.\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/iwt5GqdLqO0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We get depressed over new stats confirming our worst fears about the huge number of outdated \u0026 unpatched android systems. Github wants to help you stay secure with their new Security Alerts feature. We discuss what it needs to be relevant \u0026 more!","date_published":"2017-11-20T17:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/4885323e-783b-4325-9fba-9aafb394417a.mp3","mime_type":"audio/mpeg","size_in_bytes":37602359,"duration_in_seconds":4635}]},{"id":"AC309FE0-44EE-46C2-80DF-98299422D5D7","title":"Episode 345: Namespaces GOTO Jail | TechSNAP 345","url":"https://techsnap.systems/345","content_text":"We can't contain our excitement as we dive deep into the world of jails, zones \u0026amp; so-called linux containers. Dan shares his years of experience using the time-tested original bad boy of containers, FreeBSD jails. Wes breaks down cgroups, namespaces \u0026amp; explains how they come together to create a container. Plus we discuss similarities, differences, workflows \u0026amp; more!\n\nAnd of course your fantastic feedback, a record setting round-up \u0026amp; so much more!","content_html":"\u003cp\u003eWe can't contain our excitement as we dive deep into the world of jails, zones \u0026 so-called linux containers. Dan shares his years of experience using the time-tested original bad boy of containers, FreeBSD jails. Wes breaks down cgroups, namespaces \u0026 explains how they come together to create a container. Plus we discuss similarities, differences, workflows \u0026 more!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAnd of course your fantastic feedback, a record setting round-up \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/t8LbMlXFh84\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Jails, zones \u0026 linux containers. Dan shares his years of experience using FreeBSD jails. Wes breaks down cgroups, namespaces \u0026 explains how they come together to create a container. Plus we discuss similarities, differences, workflows \u0026 more!","date_published":"2017-11-18T01:15:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/3414f71b-ed05-436c-b7de-e7eb5d1fcec5.mp3","mime_type":"audio/mpeg","size_in_bytes":54561688,"duration_in_seconds":6755}]},{"id":"F50A9D00-00DE-4897-807F-3DAE1B2FD36E","title":"Episode 344: SSL Strippers | TechSNAP 344","url":"https://techsnap.systems/344","content_text":"You may think that’s a secure password field, but don’t be fooled! We’ve got the disturbing tale of some negligent websites \u0026amp; their fraudulent fonts. Then, some top tips to evaluate the security of your banking institutions \u0026amp; best practices for verbal passwords. Plus, a controversial discussion of opsec, obfuscation, security \u0026amp; you!","content_html":"\u003cp\u003eYou may think that’s a secure password field, but don’t be fooled! We’ve got the disturbing tale of some negligent websites \u0026amp; their fraudulent fonts. Then, some top tips to evaluate the security of your banking institutions \u0026amp; best practices for verbal passwords. Plus, a controversial discussion of opsec, obfuscation, security \u0026amp; you!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/wPWKOQkLLu0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ve got the disturbing tale of some negligent websites \u0026 their fraudulent fonts. Then, some top tips to evaluate the security of your banking institutions \u0026 best practices for verbal passwords. Plus, a discussion of opsec, obfuscation, security \u0026 you!","date_published":"2017-11-08T00:00:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/31ee1ed1-a7c2-47c5-8d68-e9ec5646d4db.mp3","mime_type":"audio/mpeg","size_in_bytes":38340700,"duration_in_seconds":4728}]},{"id":"D2A2DEF9-1574-4C92-B53F-329E3E591383","title":"Episode 343: Low Security Pillow Storage | TechSNAP 343","url":"https://techsnap.systems/343","content_text":"We've got some top tips to turn you from ssh-novice to port-forwarding master.  Plus the latest on the confusing story of Kaspersky, the NSA \u0026amp; a bone-headed contractor. Then, our backup sense is tingling, with the story of $30,000 lost to a forgotten pin.\n\nAnd of course your fantastic feedback, a record setting round-up \u0026amp; so much more on this week's episode of TechSNAP!","content_html":"\u003cp\u003eWe've got some top tips to turn you from ssh-novice to port-forwarding master.  Plus the latest on the confusing story of Kaspersky, the NSA \u0026 a bone-headed contractor. Then, our backup sense is tingling, with the story of $30,000 lost to a forgotten pin.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAnd of course your fantastic feedback, a record setting round-up \u0026amp; so much more on this week\u0026#39;s episode of TechSNAP!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/PA9oAfqA94g\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We've got some top tips to turn you from ssh-novice to port-forwarding master.  Plus the latest on the confusing story of Kaspersky, the NSA \u0026 a bone-headed contractor. Then, our backup sense is tingling, with the story of $30,000 lost to a forgotten pin.","date_published":"2017-10-31T23:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/22580dad-98a8-4c27-83eb-398985f12f50.mp3","mime_type":"audio/mpeg","size_in_bytes":42551880,"duration_in_seconds":5254}]},{"id":"312D59E4-300D-45FF-B9FD-34D086C77D49","title":"Episode 342: Cloudy with a chance of ABI | TechSNAP 342","url":"https://techsnap.systems/342","content_text":"We air Microsoft's dirty laundry as news leaks about their less than stellar handling of a security database breach, plus a fascinating story of deceit, white lies, and tacos; all par for the course in the world of social engineering, and we find out that so-called-smart cards might not be so smart, after it is revealed that millions are vulnerable to a crippling cryptographic attack \u0026amp; more!","content_html":"\u003cp\u003eWe air Microsoft\u0026#39;s dirty laundry as news leaks about their less than stellar handling of a security database breach, plus a fascinating story of deceit, white lies, and tacos; all par for the course in the world of social engineering, and we find out that so-called-smart cards might not be so smart, after it is revealed that millions are vulnerable to a crippling cryptographic attack \u0026amp; more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/43b_YtE9zRo\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We air Microsoft's dirty laundry as news leaks about their less than stellar handling of a security database breach, plus a fascinating story of deceit, white lies, and tacos, so-called-smart cards might not be so smart \u0026 more!","date_published":"2017-10-24T22:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8cc0043d-66bc-4ebd-ab23-1522a2f5e56d.mp3","mime_type":"audio/mpeg","size_in_bytes":49428924,"duration_in_seconds":6114}]},{"id":"375F22EA-9EE7-4471-B477-C51B01EB5599","title":"Episode 341: HAMR Time | TechSNAP 341","url":"https://techsnap.systems/341","content_text":"We've got bad news for Wifi-lovers as the KRACK hack takes the world by storm; We have the details \u0026amp; some places to watch to make sure you stay patched. Plus, some distressing revelations about third party access to your personal information through some US mobile carriers. Then we cover the ongoing debate over HAMR, MAMR, and the future of hard drive technology \u0026amp; take a mini deep dive into the world of elliptic curve cryptography.","content_html":"\u003cp\u003eWe\u0026#39;ve got bad news for Wifi-lovers as the KRACK hack takes the world by storm; We have the details \u0026amp; some places to watch to make sure you stay patched. Plus, some distressing revelations about third party access to your personal information through some US mobile carriers. Then we cover the ongoing debate over HAMR, MAMR, and the future of hard drive technology \u0026amp; take a mini deep dive into the world of elliptic curve cryptography.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/tCPgR3Vz7WE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The KRACK hack takes the world by storm; Plus, third party access to your personal information through some US mobile carriers. Then the ongoing debate over HAMR, MAMR \u0026 take a mini deep dive into the world of elliptic curve cryptography.","date_published":"2017-10-17T21:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/35b25705-6bbd-47f0-bf86-6204c68ed8e5.mp3","mime_type":"audio/mpeg","size_in_bytes":33442807,"duration_in_seconds":4115}]},{"id":"5220D803-BDE6-4134-9EC1-34B037810814","title":"Episode 340: Spy Tapes | TechSNAP 340","url":"https://techsnap.systems/340","content_text":"We try our hand at spycraft with a set of espionage themed stories covering everything from the latest troubles at Kaspersky to the strategic implications of responsible disclosure at the NSA. Plus, a few more reasons to be careful with what you post on social media \u0026amp; a fascinating discussion of the ethics of running a data breach search service.","content_html":"\u003cp\u003eWe try our hand at spycraft with a set of espionage themed stories covering everything from the latest troubles at Kaspersky to the strategic implications of responsible disclosure at the NSA. Plus, a few more reasons to be careful with what you post on social media \u0026amp; a fascinating discussion of the ethics of running a data breach search service.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/teE9O4M12fU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We try spycraft with a set of espionage themed stories covering everything from the latest troubles at Kaspersky to the implications of responsible disclosure at the NSA, a fascinating discussion of the ethics of running a data breach search service.","date_published":"2017-10-12T19:00:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/fb7f1bc6-bfe4-4598-8fd6-8754a27d41ef.mp3","mime_type":"audio/mpeg","size_in_bytes":53117215,"duration_in_seconds":6575}]},{"id":"23F5A263-67E1-4372-85BF-15875915C96E","title":"Episode 339: Laying Internet Pipe | TechSNAP 339","url":"https://techsnap.systems/339","content_text":"We cover the problematic implications of SESTA, the latest internet regulations proposed in the US, plus some PR troubles for CBS's Showtime after cryptocoin mining software was found embedded in their webpage \u0026amp; Dan gets excited as we discuss why tape-powered backups are still important for many large organizations.\n\nAnd of course your feedback, a fantastic round-up \u0026amp; so much more on this week's episode of TechSNAP!","content_html":"\u003cp\u003eWe cover the problematic implications of SESTA, the latest internet regulations proposed in the US, plus some PR troubles for CBS's Showtime after cryptocoin mining software was found embedded in their webpage \u0026 Dan gets excited as we discuss why tape-powered backups are still important for many large organizations.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAnd of course your feedback, a fantastic round-up \u0026amp; so much more on this week\u0026#39;s episode of TechSNAP!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/4lTp6RiTLRw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We cover the problematic implications of SESTA, plus some PR troubles for CBS's Showtime after cryptocoin mining software was found embedded in their webpage \u0026 why tape-powered backups are still important for many large organizations.","date_published":"2017-10-05T15:45:58.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d77b2afa-20d8-4066-9e1c-64fcc7c2e706.mp3","mime_type":"audio/mpeg","size_in_bytes":35899074,"duration_in_seconds":4477}]},{"id":"9BD33842-C8E6-4C09-8DAA-A94AFDC619ED","title":"Episode 338: Patch Your S3it | TechSNAP 338","url":"https://techsnap.systems/338","content_text":"Distrustful US allies further delay the NSA’s new crypto, Viacom’s leaky buckets almost expose its entire IT infrastructure, plus a few more Equifax mishaps \u0026amp; a government spyware tool that might just be masquerading as your favorite app.\n\nAnd of course your feedback, a fantastic round-up \u0026amp; so much more on this week's episode of techsnap!","content_html":"\u003cp\u003eDistrustful US allies further delay the NSA’s new crypto, Viacom’s leaky buckets almost expose its entire IT infrastructure, plus a few more Equifax mishaps \u0026 a government spyware tool that might just be masquerading as your favorite app.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAnd of course your feedback, a fantastic round-up \u0026amp; so much more on this week\u0026#39;s episode of techsnap!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/3ZedEjnOYFY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Distrustful US allies further delay the NSA’s new crypto, Viacom’s leaky buckets almost expose its entire IT infrastructure, plus a few more Equifax mishaps \u0026 a government spyware tool that might just be masquerading as your favorite app.","date_published":"2017-09-27T00:44:19.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2b9e2320-6177-4acd-b0ec-0ea566d36bbb.mp3","mime_type":"audio/mpeg","size_in_bytes":32579222,"duration_in_seconds":4062}]},{"id":"2DFF0948-13E1-464B-948B-FD81B0356EF5","title":"Episode 337: FCC’s Free Offsite Storage | TechSNAP 337","url":"https://techsnap.systems/337","content_text":"That Equifax hack? So last week! This weeks vulnerability is BlueBorne, a new attack on just about every bluetooth capable device. We've got the details, and what you need to know to get patched. Plus some of our favorite overlooked shell commands \u0026amp; a breakdown of the ACLUs recent lawsuit to protect your rights at the border.","content_html":"\u003cp\u003eThat Equifax hack? So last week! This weeks vulnerability is BlueBorne, a new attack on just about every bluetooth capable device. We\u0026#39;ve got the details, and what you need to know to get patched. Plus some of our favorite overlooked shell commands \u0026amp; a breakdown of the ACLUs recent lawsuit to protect your rights at the border.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/NAaXXJ-6taM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"That Equifax hack? So last week! This weeks vulnerability is BlueBorne, a new attack on just about every bluetooth capable device. Plus some favorite overlooked shell commands, a breakdown of the ACLUs lawsuit to protect your rights at the border \u0026 more!\n","date_published":"2017-09-19T20:42:41.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8f089c28-018c-45e9-b082-7337dcac9e97.mp3","mime_type":"audio/mpeg","size_in_bytes":40165864,"duration_in_seconds":5010}]},{"id":"490C5352-E6BF-470C-8E48-692D20E47D04","title":"Episode 336: Equihax | TechSNAP 336","url":"https://techsnap.systems/336","content_text":"Equifax got hacked, some top tips for staying safe \u0026amp; a debate over just who's to blame for vulnerable open source software. Then Google's breaking up with Symantec \u0026amp; we take a little time for Sysadmin 101, this time, ticketing systems.","content_html":"\u003cp\u003eEquifax got hacked, some top tips for staying safe \u0026amp; a debate over just who\u0026#39;s to blame for vulnerable open source software. Then Google\u0026#39;s breaking up with Symantec \u0026amp; we take a little time for Sysadmin 101, this time, ticketing systems.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/yq_ROJBC6N8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Equifax got hacked, some top tips for staying safe \u0026 a debate over just who's to blame for vulnerable open source software. Then Google's breaking up with Symantec \u0026 we take a little time for Sysadmin 101, this time, ticketing systems.","date_published":"2017-09-12T23:56:34.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6426577e-ccca-4cf9-b06a-37d4b74e1a6f.mp3","mime_type":"audio/mpeg","size_in_bytes":42693394,"duration_in_seconds":5326}]},{"id":"6FB762CB-81A4-44D6-9CBF-4F8669355B06","title":"Episode 335: Extended Usefulness | TechSNAP 335","url":"https://techsnap.systems/335","content_text":"We're extending your filesystems usefulness with extended attributes! We learn what they are \u0026amp; how they might be useful. Plus, we take a look behind the scenes of a major spambot operation \u0026amp; check in with Bruce Schneier on the state of internet privacy.","content_html":"\u003cp\u003eWe\u0026#39;re extending your filesystems usefulness with extended attributes! We learn what they are \u0026amp; how they might be useful. Plus, we take a look behind the scenes of a major spambot operation \u0026amp; check in with Bruce Schneier on the state of internet privacy.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/5wrXuUdcPYs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We're extending your filesystems usefulness with extended attributes! We learn what they are \u0026 how they might be useful. Plus, we take a look behind the scenes of a major spambot operation \u0026 check in with Bruce Schneier on the state of internet privacy.","date_published":"2017-09-05T22:23:35.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/73ce3740-7629-4829-8519-dc49712b933d.mp3","mime_type":"audio/mpeg","size_in_bytes":46150813,"duration_in_seconds":5758}]},{"id":"52C642F6-C12B-40AA-A740-12F311979B2C","title":"Episode 334: HPKP: Hard to Say, Hard to Use | TechSNAP 334","url":"https://techsnap.systems/334","content_text":"We discuss, and struggle to pronounce, the difficulties in deploying HTTP public key pinning \u0026amp; some possible alternatives you should consider. Then we get excited for (n+1)sec, a new protocol for distributed multiparty chat encryption \u0026amp; explore the nuances of setting up home VPN gateway!","content_html":"\u003cp\u003eWe discuss, and struggle to pronounce, the difficulties in deploying HTTP public key pinning \u0026amp; some possible alternatives you should consider. Then we get excited for (n+1)sec, a new protocol for distributed multiparty chat encryption \u0026amp; explore the nuances of setting up home VPN gateway!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/nQZbKLZ5OjQ\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We discuss, and struggle to pronounce, the difficulties in deploying HTTP public key pinning \u0026 some possible alternatives you should consider. Then we get excited for (n+1)sec \u0026 explore the nuances of setting up home VPN gateway!","date_published":"2017-08-29T23:00:07.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f7bb2a7b-329f-4092-ac30-106a4d3f78f4.mp3","mime_type":"audio/mpeg","size_in_bytes":40484305,"duration_in_seconds":5050}]},{"id":"7A5F1852-0EA4-435E-9ECD-9077D85733CC","title":"Episode 333: Rsync On Ice | TechSNAP 333","url":"https://techsnap.systems/333","content_text":"We take a trip to the ends of the earth and hear some stories of tech support in Antarctica, cover a surprisingly reasonable new suggested standard for responsible disclosure \u0026amp; discuss Kreb's latest adventures in the world of deep-insert credit card skimmers.\n\nAnd of course your feedback, a fantastic round-up \u0026amp; so much more!","content_html":"\u003cp\u003eWe take a trip to the ends of the earth and hear some stories of tech support in Antarctica, cover a surprisingly reasonable new suggested standard for responsible disclosure \u0026 discuss Kreb's latest adventures in the world of deep-insert credit card skimmers.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAnd of course your feedback, a fantastic round-up \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/M1IB8ShcfEE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We take a trip to the ends of the earth and hear stories of tech support in Antarctica, cover a surprisingly reasonable new suggested standard for responsible disclosure, discuss Kreb's adventures in the world of deep-insert credit card skimmers \u0026 more!","date_published":"2017-08-25T08:31:57.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e4bac9b1-c308-41c8-935b-204aa0c3dd38.mp3","mime_type":"audio/mpeg","size_in_bytes":45490632,"duration_in_seconds":5676}]},{"id":"304638F6-1A30-49FC-8F5B-749C9499EED8","title":"Episode 332: Leaky Pumps | TechSNAP 332","url":"https://techsnap.systems/332","content_text":"With some clever new card skimmer tech we’ve got one more reason to watch your wallet at the gas pump, plus a few handy recommendations for postgres migrations \u0026amp; Dan dives deep into his quest for the ultimate boot and nuke experience. \n\nPlus your feedback, a fantastic round-up \u0026amp; so much more!","content_html":"\u003cp\u003eWith some clever new card skimmer tech we’ve got one more reason to watch your wallet at the gas pump, plus a few handy recommendations for postgres migrations \u0026 Dan dives deep into his quest for the ultimate boot and nuke experience. \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your feedback, a fantastic round-up \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/GblfDzTkzyg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"With some new card skimmer tech that’s more reason to watch your wallet at the pump, a few tips for postgres migrations \u0026 Dan dives deep into his quest for the ultimate boot and nuke experience. \n\nPlus your feedback, a fantastic round-up \u0026 so much more!","date_published":"2017-08-16T00:37:56.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d2b7d46e-375c-4d11-8803-a7d675675b0f.mp3","mime_type":"audio/mpeg","size_in_bytes":42480070,"duration_in_seconds":5299}]},{"id":"8E68E5EF-2A81-4F68-8CC1-54958EA71733","title":"Episode 331: BTRFS is Toast | TechSNAP 331","url":"https://techsnap.systems/331","content_text":"We discuss just how hard, or not, responsible disclosure really is, share some sad news about the status of BTRFS on RHEL, a few more reasons to use ZFS.\n\nThen, we find out if our passwords have been cracked, reveal Dan’s password hashes live on air \u0026amp; more!","content_html":"\u003cp\u003eWe discuss just how hard, or not, responsible disclosure really is, share some sad news about the status of BTRFS on RHEL, a few more reasons to use ZFS.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen, we find out if our passwords have been cracked, reveal Dan’s password hashes live on air \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/VMb7SIyY120\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We discuss just how hard, or not, responsible disclosure really is, share some sad news about the status of BTRFS on RHEL, a few more reasons to use ZFS.\n\nThen, we find out if our passwords have been cracked, reveal Dan’s password hashes live \u0026 more!","date_published":"2017-08-08T23:43:58.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/567fc697-49c8-46fe-b2e4-8a0ff639e139.mp3","mime_type":"audio/mpeg","size_in_bytes":40852955,"duration_in_seconds":5096}]},{"id":"7A7B04AF-983F-445E-82B8-B4ADD4E5B30B","title":"Episode 330: Netflix Lab Rats | TechSNAP 330","url":"https://techsnap.systems/330","content_text":"Dan does some sleuthing \u0026amp; finds that the story of a major data leak isn't quite what it seems, then a new Talos report that shows a large number of unpatched \u0026amp; unprotected memcached servers. We discuss just how bad that might be. Plus, between some excellent feedback \u0026amp; Dan's recent adventures, we've got a itty bitty ZFS deep dive.\n\nAnd of course your feedback, a fantastic round-up \u0026amp; so much more on this week's episode of TechSNAP.","content_html":"\u003cp\u003eDan does some sleuthing \u0026 finds that the story of a major data leak isn't quite what it seems, then a new Talos report that shows a large number of unpatched \u0026 unprotected memcached servers. We discuss just how bad that might be. Plus, between some excellent feedback \u0026 Dan's recent adventures, we've got a itty bitty ZFS deep dive.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAnd of course your feedback, a fantastic round-up \u0026amp; so much more on this week\u0026#39;s episode of TechSNAP.\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/TQAK-zLO4mI\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Dan finds a story of a major data leak isn't quite what it seems, a new Talos report that shows a large number of unpatched \u0026 unprotected memcached servers. Plus, between some excellent feedback \u0026 Dan's adventures, we've got a itty bitty ZFS deep dive.","date_published":"2017-08-02T00:18:03.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2b58d6e3-b7a1-47f8-a335-86822888ce98.mp3","mime_type":"audio/mpeg","size_in_bytes":39176738,"duration_in_seconds":4886}]},{"id":"01349BC8-D756-4FED-B00D-9158E51EF87A","title":"Episode 329: Teeny Weeny DNS Server | TechSNAP 329","url":"https://techsnap.systems/329","content_text":"We've got the latest on some mysterious mac malware that's been lurking for years, a handy new tool to help you monitor, backup and generally work with your DNS infrastructure \u0026amp; possibly more problems for Symantec, the certificate authority who just can't seem to get things right.","content_html":"\u003cp\u003eWe\u0026#39;ve got the latest on some mysterious mac malware that\u0026#39;s been lurking for years, a handy new tool to help you monitor, backup and generally work with your DNS infrastructure \u0026amp; possibly more problems for Symantec, the certificate authority who just can\u0026#39;t seem to get things right.\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Gs9tgClZRD0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Some mysterious mac malware that's been lurking for years, a new tool to help you monitor, backup and generally work with your DNS infrastructure \u0026 possibly more problems for Symantec, the certificate authority who just can't seem to get things right.","date_published":"2017-07-25T23:28:58.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6fd5681e-e1ed-4263-9d6f-b6eac906976a.mp3","mime_type":"audio/mpeg","size_in_bytes":39411850,"duration_in_seconds":4916}]},{"id":"88E5C9EB-105E-4DA1-8A7D-D2B002913AA5","title":"Episode 328: LetsEncrypt is a SNAP | TechSNAP 328","url":"https://techsnap.systems/328","content_text":"The recent ‘Devil’s Ivy’ vulnerability has caused quite a rash in the security journalism community. Is it as bad as poison ivy or just a bunch of hyperbole? We discuss. Plus you’ve heard of public key encryption, but what lies beyond? We cover some possible alternatives and the problem of identity.\n\nThen Dan’s got the latest on his Let’s encrypt setup including a brand new open source tool you too can use!","content_html":"\u003cp\u003eThe recent ‘Devil’s Ivy’ vulnerability has caused quite a rash in the security journalism community. Is it as bad as poison ivy or just a bunch of hyperbole? We discuss. Plus you’ve heard of public key encryption, but what lies beyond? We cover some possible alternatives and the problem of identity.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen Dan’s got the latest on his Let’s encrypt setup including a brand new open source tool you too can use!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/6twiDPUoJL0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The recent ‘Devil’s Ivy’ vulnerability has caused quite a rash in the security journalism community. We discuss. Plus you’ve heard of public key encryption, but what lies beyond? We cover some possible alternatives and the problem of identity \u0026 more!","date_published":"2017-07-18T23:49:14.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/78145f7d-83ba-4c62-9a9f-17e964603ad8.mp3","mime_type":"audio/mpeg","size_in_bytes":46186755,"duration_in_seconds":5763}]},{"id":"358C04A2-5F50-4341-B0FE-66FCB643BF0A","title":"Episode 327: Unsecured IO | TechSNAP 327","url":"https://techsnap.systems/327","content_text":"GNUPG has just released a fix for a dangerous side-channel attack that could expose your private key, a leak of NASDAQ test data was picked up by real news organizations and caused a bit of a panic \u0026amp; the fascinating story of a security researched who managed to take over all .io domains with a little sleuthing and a few domain registrations.\n\nPlus Dan's got so much new stuff it has its own segment, and of course your feedback, a fantastic round-up \u0026amp; so much more!","content_html":"\u003cp\u003eGNUPG has just released a fix for a dangerous side-channel attack that could expose your private key, a leak of NASDAQ test data was picked up by real news organizations and caused a bit of a panic \u0026 the fascinating story of a security researched who managed to take over all .io domains with a little sleuthing and a few domain registrations.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus Dan\u0026#39;s got so much new stuff it has its own segment, and of course your feedback, a fantastic round-up \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/LIBkV5IfmBU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"GNUPG has just released a fix for a dangerous side-channel attack, a leak of NASDAQ test data was picked up by real news organizations and caused a bit of a panic, a security researched who managed to take over all .io domains \u0026 more!","date_published":"2017-07-12T01:14:15.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/438f87f0-79a8-42d1-9c45-604cb904e6f6.mp3","mime_type":"audio/mpeg","size_in_bytes":49958787,"duration_in_seconds":6234}]},{"id":"535A1C7F-B8A6-493F-88F1-0210E049A3F0","title":"Episode 326: Broadband from Space | TechSNAP 326","url":"https://techsnap.systems/326","content_text":"A new satellite broadband ISP has approval to serve the US, are their low-latency claims too good to be true? UK Law enforcement claims that visiting the dark web is a potential sign of terrorism, watch out tor users! Then we follow a Krebs’ deep dive into the wild world of robocalls.\n \nPlus Dan’s latest Let’s Encrypt updates, your fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eA new satellite broadband ISP has approval to serve the US, are their low-latency claims too good to be true? UK Law enforcement claims that visiting the dark web is a potential sign of terrorism, watch out tor users! Then we follow a Krebs’ deep dive into the wild world of robocalls.\u003cbr\u003e\u003cbr\u003e\n\u003cbr /\u003e \u003cbr\u003e\n\u003cp\u003ePlus Dan’s latest Let’s Encrypt updates, your fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/xWJhlPVxzAI\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A new satellite broadband ISP has approval to serve the US, UK Law enforcement claims that visiting the dark web is a potential sign of terrorism \u0026 a Krebs’ deep dive into the wild world of robocalls. Plus Dan’s latest Let’s Encrypt updates \u0026 more!","date_published":"2017-07-04T23:54:02.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f2875968-b204-4e1e-bb8a-9f0cb5bc09ef.mp3","mime_type":"audio/mpeg","size_in_bytes":46600111,"duration_in_seconds":5814}]},{"id":"5858B530-04BF-4B16-89D8-EEFB0FC8F0D1","title":"Episode 325: Google Reads Your Email | TechSNAP 325","url":"https://techsnap.systems/325","content_text":"We go to air just as a massive cyberattack strikes Europe, Google stops reading your email, well sorta maybe \u0026amp; we discuss the latest debate over US government access to overseas data.\n\nPlus some fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe go to air just as a massive cyberattack strikes Europe, Google stops reading your email, well sorta maybe \u0026 we discuss the latest debate over US government access to overseas data.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/R9hCTrnj3oU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We go to air just as a massive cyberattack strikes Europe, Google stops reading your email, well sorta maybe \u0026 we discuss the latest debate over US government access to overseas data.\n\nPlus some fantastic feedback, a robust roundup \u0026 so much more!","date_published":"2017-06-27T21:25:24.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0f1f39ae-ac88-4a90-8205-49dee6274850.mp3","mime_type":"audio/mpeg","size_in_bytes":39032128,"duration_in_seconds":4868}]},{"id":"B32668AF-27C1-43E3-A9B5-C82CEE28786C","title":"Episode 324: DNS Mastery | TechSNAP 324","url":"https://techsnap.systems/324","content_text":"We’ve got the latest on the ‘Stack Crash’ vulnerability affecting a UNIX OS near you. Plus thanks to a recent RNC data leak we’ve got your name, address, birthday \u0026amp; a lot more personal information!\n\nThen Dan does a deep dive on his DNS infrastructure, some recent improvements \u0026amp; his integration with Let’s Encrypt.\n \nPlus some fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe’ve got the latest on the ‘Stack Crash’ vulnerability affecting a UNIX OS near you. Plus thanks to a recent RNC data leak we’ve got your name, address, birthday \u0026 a lot more personal information!\u003c/p\u003e\n\n\u003cp\u003eThen Dan does a deep dive on his DNS infrastructure, some recent improvements \u0026amp; his integration with Let’s Encrypt.\u003cbr\u003e\n\u003cbr /\u003e \u003cbr\u003e\n\u003cp\u003ePlus some fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/L0YVB0G_9Ic\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ve got the latest on the ‘Stack Crash’ vulnerability affecting UNIX OSes. Plus thanks to a recent RNC data leak we’ve got your name, address, birthday \u0026 a lot more personal information! Then Dan does a deep dive on his DNS infrastructure \u0026 more!","date_published":"2017-06-20T23:07:31.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0d4edadd-a777-4b19-9e79-75c4c30442de.mp3","mime_type":"audio/mpeg","size_in_bytes":49333128,"duration_in_seconds":6156}]},{"id":"131ED4E6-1807-4280-AB90-720D495B8491","title":"Episode 323: Comment \u0026 Control | TechSNAP 323","url":"https://techsnap.systems/323","content_text":"Dan's back from BSDCAN with peanut butter, taps, and a new library that's the source of all truth. Then we've got the story of Britney Spears latest career move: controlling botnets through Instagram comments \u0026amp; Dan teaches us about steganography and how it helped catch an NSA leaker.\n \nPlus some fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eDan\u0026#39;s back from BSDCAN with peanut butter, taps, and a new library that\u0026#39;s the source of all truth. Then we\u0026#39;ve got the story of Britney Spears latest career move: controlling botnets through Instagram comments \u0026amp; Dan teaches us about steganography and how it helped catch an NSA leaker.\u003cbr\u003e\n\u003cbr /\u003e \u003cbr\u003e\n\u003cp\u003ePlus some fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/DL2i2SwTTF0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Peanut butter, taps \u0026 a new library that's the source of all truth. Then the story of Britney Spears latest career move: controlling botnets through Instagram comments \u0026 Dan teaches us about steganography and how it helped catch an NSA leaker.","date_published":"2017-06-14T04:27:16.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/4459874e-54ec-47c8-bf1f-79140abf5348.mp3","mime_type":"audio/mpeg","size_in_bytes":47542175,"duration_in_seconds":5932}]},{"id":"93C5196A-692F-4738-B73F-F8983B2FAE0C","title":"Episode 322: #NotMyInternet | TechSNAP 322","url":"https://techsnap.systems/322","content_text":"We discuss who really controls the internet \u0026amp; just how centralized and potentially vulnerable it has become. Plus the latest security letdowns from Windows 10, the story of a questionably ethical hacker \u0026amp; Zomato's data breach.\n \nPlus some fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe discuss who really controls the internet \u0026amp; just how centralized and potentially vulnerable it has become. Plus the latest security letdowns from Windows 10, the story of a questionably ethical hacker \u0026amp; Zomato\u0026#39;s data breach.\u003cbr\u003e\n\u003cbr /\u003e \u003cbr\u003e\n\u003cp\u003ePlus some fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/u0yxtJK1UKw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We discuss who really controls the internet \u0026 just how centralized and potentially vulnerable it has become. Plus the latest security letdowns from Windows 10, the story of a questionably ethical hacker \u0026 Zomato's data breach \u0026 so much more!","date_published":"2017-06-06T21:33:42.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6a339060-41e9-401c-9de0-2b7a3c543b56.mp3","mime_type":"audio/mpeg","size_in_bytes":46731324,"duration_in_seconds":5831}]},{"id":"B6523917-CD35-4F76-BE43-B6D81F7E7733","title":"Episode 321: A Burrito Stole My Money | TechSNAP 321","url":"https://techsnap.systems/321","content_text":"Not only is the UK leaving the Eurozone, they are starting their own internet, this time with more surveillance! Then we’ve got some top tips on getting recruited by the Israeli NSA \u0026amp; the details of some new WannaCry wannabes that may be infecting a windows server near you.\n \nPlus some fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eNot only is the UK leaving the Eurozone, they are starting their own internet, this time with more surveillance! Then we’ve got some top tips on getting recruited by the Israeli NSA \u0026amp; the details of some new WannaCry wannabes that may be infecting a windows server near you.\u003cbr\u003e\n\u003cbr /\u003e \u003cbr\u003e\n\u003cp\u003ePlus some fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/iIKdHvqBkkI\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Not only is the UK leaving the Eurozone, they’re starting their own internet with more surveillance! Then some top tips on getting recruited by the Israeli NSA \u0026 the details of some new WannaCry wannabes that may be infecting a windows server near you.\n","date_published":"2017-05-30T22:37:52.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/75c3fe05-6e82-4e30-8c30-d4243a9c6098.mp3","mime_type":"audio/mpeg","size_in_bytes":40584651,"duration_in_seconds":5062}]},{"id":"64B3A9D1-23F0-4AE9-B8EB-4FFEBD0A0BB6","title":"Episode 320: Kill Switch Engage | TechSNAP 320","url":"https://techsnap.systems/320","content_text":"We've got another round of WannaCry analysis, the latest on the FCCs battle over Net neutrality. Then IPv6 Tunnels \u0026amp; you, a 2017 check-in.\n\nPlus some fantastic feedback, a robust roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe've got another round of WannaCry analysis, the latest on the FCCs battle over Net neutrality. Then IPv6 Tunnels \u0026 you, a 2017 check-in.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some fantastic feedback, a robust roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/cIA-TJDyt0E\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We've got another round of WannaCry analysis, the latest on the FCCs battle over Net neutrality. Then IPv6 Tunnels \u0026 you, a 2017 check-in.\n\nPlus some fantastic feedback, a robust roundup \u0026 so much more!","date_published":"2017-05-23T19:18:50.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a3074aaa-e030-4f97-9b2d-ba4d5736a079.mp3","mime_type":"audio/mpeg","size_in_bytes":37815558,"duration_in_seconds":4716}]},{"id":"0CB2FB98-8A0B-4B0B-BDA2-A08390272C71","title":"Episode 319: When IT Security Cries | TechSNAP 319","url":"https://techsnap.systems/319","content_text":"The WannaCry Worm has brought the world to tears. We've got the latest details, conspiracy theories, fallout \u0026amp; some tissues.\n\nPlus a keylogger that may be hiding in your audio driver, some great hardware recommendations from the audience,  your great feedback, a hard hitting round up \u0026amp; so much more!","content_html":"\u003cp\u003eThe WannaCry Worm has brought the world to tears. We've got the latest details, conspiracy theories, fallout \u0026 some tissues.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a keylogger that may be hiding in your audio driver, some great hardware recommendations from the audience,  your great feedback, a hard hitting round up \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/R4pwGVJL0-s\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The WannaCry Worm has brought the world to tears. We've got the latest details, conspiracy theories, fallout \u0026 some tissues.\n\nPlus a keylogger that may be hiding in your audio driver, some great hardware recommendations from the audience \u0026 so much more!","date_published":"2017-05-16T22:38:57.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d1a67b84-aa5b-432c-b85f-438e15488ae7.mp3","mime_type":"audio/mpeg","size_in_bytes":38588892,"duration_in_seconds":4813}]},{"id":"4ADFDB3A-C52D-4F57-B5D8-C3B79E3017AE","title":"Episode 318: All Drives Die | TechSNAP 318","url":"https://techsnap.systems/318","content_text":"Turns out you've been doing passwords wrong, but don't worry, we've got the latest and greatest guidance from NIST. Plus the latest numbers from BackBlaze with some interesting conclusions about enterprise drives.\n\nThen the details about that google docs worm everyone's talking about, some top tips to stay safe \u0026amp; so much more!","content_html":"\u003cp\u003eTurns out you've been doing passwords wrong, but don't worry, we've got the latest and greatest guidance from NIST. Plus the latest numbers from BackBlaze with some interesting conclusions about enterprise drives.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen the details about that google docs worm everyone\u0026#39;s talking about, some top tips to stay safe \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/VBZvzGd4ycg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Turns out you've been doing passwords wrong, we've got guidance from NIST. Plus the latest numbers from BackBlaze with some interesting conclusions.\n\nThen, that google docs worm everyone's talking about, some top tips to stay safe \u0026 so much more!","date_published":"2017-05-09T21:42:09.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bc77de17-6a1e-41d7-8cef-16299e5627bd.mp3","mime_type":"audio/mpeg","size_in_bytes":38084803,"duration_in_seconds":4750}]},{"id":"5077500E-5265-480D-9E29-4069FA05D1BC","title":"Episode 317: Some Fishy Chips | TechSNAP 317","url":"https://techsnap.systems/317","content_text":"Intel's patched a remote execution exploit that’s been lurking in their chips for the past nine years, we’ve got the details \u0026amp; some handy tips to check if you’re affected. Then Dan does a deep dive into friend of the show Tarsnap: what it is, how to use it \u0026amp; why it’s so awesome. Plus we discuss when we use external services versus building ourselves \u0026amp; a few tips for lightweight backup solutions that might work for you.\n\nThen your fantastic feedback, a riotous roundup \u0026amp; so much more!","content_html":"\u003cp\u003eIntel's patched a remote execution exploit that’s been lurking in their chips for the past nine years, we’ve got the details \u0026 some handy tips to check if you’re affected. Then Dan does a deep dive into friend of the show Tarsnap: what it is, how to use it \u0026 why it’s so awesome. Plus we discuss when we use external services versus building ourselves \u0026 a few tips for lightweight backup solutions that might work for you.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen your fantastic feedback, a riotous roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/3zoJjgWZ3LE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Intel's patched a remote execution exploit that’s been lurking in their chips for the past nine years. Then Dan does a deep dive into friend of the show Tarsnap. Plus we discuss when we use external services versus building ourselves \u0026 much more!","date_published":"2017-05-03T02:53:47.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e23499bb-a6f8-4977-adc9-6cb38af47070.mp3","mime_type":"audio/mpeg","size_in_bytes":47232680,"duration_in_seconds":5893}]},{"id":"5AE1CB2E-8C22-4479-9379-DA2AD42A4693","title":"Episode 316: PHP Steals Your Nuts | TechSNAP 316","url":"https://techsnap.systems/316","content_text":"The squirrels have gotten in the mailbag as the guys discuss an unfortunate new vulnerability in Squirrelmail. Plus an interesting new entrant to the anonymous domain name space from some of the internet’s most famous rabble rousers. Then Dan \u0026amp; Wes get just a bit jealous of Canada’s new take on net neutrality \u0026amp; more!","content_html":"\u003cp\u003eThe squirrels have gotten in the mailbag as the guys discuss an unfortunate new vulnerability in Squirrelmail. Plus an interesting new entrant to the anonymous domain name space from some of the internet’s most famous rabble rousers. Then Dan \u0026amp; Wes get just a bit jealous of Canada’s new take on net neutrality \u0026amp; more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/3XSykcLcRik\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The guys discuss an unfortunate new vulnerability in Squirrelmail. Plus a new entrant to the anonymous domain name space from some of the internet’s most famous rabble rousers. Then Dan \u0026 Wes get a bit jealous of Canada’s take on net neutrality \u0026 more!","date_published":"2017-04-26T00:04:08.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2c990981-cc7f-4f2e-b7f3-bad0a3892390.mp3","mime_type":"audio/mpeg","size_in_bytes":49153640,"duration_in_seconds":6133}]},{"id":"919B9614-2A41-4544-9BDB-6514D7487C65","title":"Episode 315: Tales of FileSystems | TechSNAP 315","url":"https://techsnap.systems/315","content_text":"We’ve got the latest gossip on Apple’s brand new filesystem \u0026amp; why you should care! Plus Dan dives deep into the wonderful world of ZFS and FreeBSD jails \u0026amp; shows us how he is putting them to use in his latest server build.\n\nPlus it’s your fantastic feedback, a riotous roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe’ve got the latest gossip on Apple’s brand new filesystem \u0026 why you should care! Plus Dan dives deep into the wonderful world of ZFS and FreeBSD jails \u0026 shows us how he is putting them to use in his latest server build.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus it’s your fantastic feedback, a riotous roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/WQuqqUgOfxs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ve got the latest gossip on Apple’s brand new filesystem, Plus Dan dives deep into the world of ZFS and FreeBSD jails \u0026 shows us how he is putting them to use in his latest server build.\n\nPlus your fantastic feedback, a riotous roundup \u0026 so much more!","date_published":"2017-04-18T21:57:56.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/abd624f0-314c-4c15-870a-0279204aeb2d.mp3","mime_type":"audio/mpeg","size_in_bytes":46571075,"duration_in_seconds":5811}]},{"id":"99470104-3B5B-49BD-8C95-4180DC77493A","title":"Episode 314: Cyber Liability | TechSNAP 314","url":"https://techsnap.systems/314","content_text":"We cover some fascinating new research that can steal your phone’s PIN using just the on-board sensors. Then we cover how computer security is broken from top to bottom and Dan does another deep dive, this time on everyone’s favorite database, PostgresSQL.\n\nPlus it’s your feedback, a huge roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe cover some fascinating new research that can steal your phone’s PIN using just the on-board sensors. Then we cover how computer security is broken from top to bottom and Dan does another deep dive, this time on everyone’s favorite database, PostgresSQL.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus it’s your feedback, a huge roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Qw9YvALcXl8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We cover some new research that can steal your phone’s PIN using just the on-board sensors. Then we cover how computer security is broken from top to bottom, Dan does another deep dive, this time on everyone’s favorite database, PostgresSQ \u0026 more!","date_published":"2017-04-12T03:13:41.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/36406e0b-d851-4d58-87ec-b9dce2b370fa.mp3","mime_type":"audio/mpeg","size_in_bytes":50339580,"duration_in_seconds":6282}]},{"id":"32951009-A775-4AA3-8780-619AD9C9749D","title":"Episode 313: Wifi Stack Overfloweth | TechSNAP 313","url":"https://techsnap.systems/313","content_text":"Your Wifi Stack is under attack! But dont worry, Apple’s got the patch \u0026amp; we’ve got the story. Then the latest ATM hacking tips that will only cost you $15 \u0026amp; Dan does a deep dive into Let’s Encrypt!\n\nPlus it’s your feedback, a huge roundup \u0026amp; so much more!","content_html":"\u003cp\u003eYour Wifi Stack is under attack! But dont worry, Apple’s got the patch \u0026 we’ve got the story. Then the latest ATM hacking tips that will only cost you $15 \u0026 Dan does a deep dive into Let’s Encrypt!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus it’s your feedback, a huge roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/V2ix0lgBCHk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Your Wifi Stack is under attack! But dont worry, Apple’s got the patch \u0026 we’ve got the story. Then the latest ATM hacking tips that will only cost you $15 \u0026 Dan does a deep dive into Let’s Encrypt!\n\nPlus it’s your feedback, a huge roundup \u0026 so much more!","date_published":"2017-04-05T02:04:35.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/5fa6d751-825c-4287-9b6b-12572e049a42.mp3","mime_type":"audio/mpeg","size_in_bytes":48840179,"duration_in_seconds":6094}]},{"id":"5E50C834-89DB-4219-8EC0-C0E948201876","title":"Episode 312: Privacy is Dead | TechSNAP 312","url":"https://techsnap.systems/312","content_text":"This week, we sell your private browsing history to the highest bidder! Oh wait, that’s your ISP! We cover the latest rollback of internet privacy regulations in the US, plus the surprisingly uplifting story of script kiddies getting their day in court, Dan does a not-so-deep dive into ZFS \u0026amp; explains why you should already be using it.\n\nPlus it’s your feedback, a huge roundup \u0026amp; so much more!","content_html":"\u003cp\u003eThis week, we sell your private browsing history to the highest bidder! Oh wait, that’s your ISP! We cover the latest rollback of internet privacy regulations in the US, plus the surprisingly uplifting story of script kiddies getting their day in court, Dan does a not-so-deep dive into ZFS \u0026 explains why you should already be using it.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus it’s your feedback, a huge roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/CMmvfW88JHg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"This week, we cover the latest rollback of internet privacy regulations in the US, plus the story of script kiddies getting their day in court \u0026 Dan does a not-so-deep dive into ZFS .\n\nPlus it’s your feedback, a huge roundup \u0026 so much more!","date_published":"2017-03-29T01:34:54.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/497169fb-6063-4684-a029-a2903f750745.mp3","mime_type":"audio/mpeg","size_in_bytes":49444924,"duration_in_seconds":6170}]},{"id":"42DA225B-4041-4E04-8556-A0B534C6C67C","title":"Episode 311: Check Yo Checksum | TechSNAP 311","url":"https://techsnap.systems/311","content_text":"The guys break with the usual format \u0026amp; turn things over to Dan for a deep deep dive on Bacula! Then it’s the latest Yahoo hack news \u0026amp; a few more reasons you should already be using ZFS.\n\nPlus it’s your feedback, a huge roundup \u0026amp; so much more!","content_html":"\u003cp\u003eThe guys break with the usual format \u0026 turn things over to Dan for a deep deep dive on Bacula! Then it’s the latest Yahoo hack news \u0026 a few more reasons you should already be using ZFS.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus it’s your feedback, a huge roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/OTc-DWvKA9c\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The guys break with the usual format \u0026 turn things over to Dan for a deep deep dive on Bacula! Then it’s the latest Yahoo hack news \u0026 a few more reasons you should already be using ZFS.\n\nPlus it’s your feedback, a huge roundup \u0026 so much more!","date_published":"2017-03-22T02:11:34.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/3e2d6ca9-56e6-48d5-aabd-3b8ce6c233f6.mp3","mime_type":"audio/mpeg","size_in_bytes":58535753,"duration_in_seconds":7306}]},{"id":"9B9F2E5D-7653-4E79-85DA-4A11D4B0D6D8","title":"Episode 310: Don’t Panic \u0026 P your S | TechSNAP 310","url":"https://techsnap.systems/310","content_text":"We crack open Vault 7 \u0026amp; are a little let down by what's inside, give you one more reason you should already be using ZFS \u0026amp; just when you thought you could trust your phone again, we’ve got the story of preinstalled Android malware. Then it’s your feedback, a huge roundup \u0026amp; so much more!","content_html":"\u003cp\u003eWe crack open Vault 7 \u0026amp; are a little let down by what\u0026#39;s inside, give you one more reason you should already be using ZFS \u0026amp; just when you thought you could trust your phone again, we’ve got the story of preinstalled Android malware. Then it’s your feedback, a huge roundup \u0026amp; so much more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/OkH7iJQOcxY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We crack open Vault 7 \u0026 are let down by what's inside, give you one more reason you should already be using ZFS \u0026 you thought you could trust your phone again, we’ve got the story of preinstalled Android malware. Then it’s feedback, the roundup \u0026 more!","date_published":"2017-03-14T23:10:36.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/75707304-39d4-47ab-aecd-6de4615ce231.mp3","mime_type":"audio/mpeg","size_in_bytes":42239346,"duration_in_seconds":5269}]},{"id":"2A8C0656-0A25-4A2D-8363-E1AE2626091B","title":"Episode 309: Bad Boy Backups | TechSNAP 309","url":"https://techsnap.systems/309","content_text":"We’ve got the sad story of cloud-enabled toys leading to, you guessed it, leaking customer’s personal information! Plus a case of backups gone bad, but this time, it’s a good thing!\n\nThen it’s your feedback, a huge roundup, and so much more!","content_html":"\u003cp\u003eWe’ve got the sad story of cloud-enabled toys leading to, you guessed it, leaking customer’s personal information! Plus a case of backups gone bad, but this time, it’s a good thing!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen it’s your feedback, a huge roundup, and so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/6CdrVD0K7eo\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ve got the sad story of cloud-enabled toys leading to, you guessed it, leaking customer’s personal information! Plus a case of backups gone bad, but this time, it’s a good thing!\n\nThen it’s your feedback, a huge roundup, and so much more!","date_published":"2017-03-07T21:48:59.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d000e46e-a1a9-4306-9282-237d6f94c4ef.mp3","mime_type":"audio/mpeg","size_in_bytes":43536864,"duration_in_seconds":5431}]},{"id":"27A9FEB4-08B4-4175-A6A9-0A1A8D2BDE97","title":"Episode 308: Cloudy with a Chance of Leaks | TechSNAP 308","url":"https://techsnap.systems/308","content_text":"Google heard you like hashes so they broke SHA1, we've got the details.\n\nPlus we dive in to Cloudflare's data disaster, Dan shows us his rack, your feedback, a huge roundup \u0026amp; so much more!","content_html":"\u003cp\u003eGoogle heard you like hashes so they broke SHA1, we've got the details.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus we dive in to Cloudflare\u0026#39;s data disaster, Dan shows us his rack, your feedback, a huge roundup \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/XXWrp_riJZY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Google heard you like hashes so they broke SHA1, we've got the details.\n\nPlus we dive in to Cloudflare's data disaster, Dan shows us his rack, your feedback, a huge roundup \u0026 so much more!","date_published":"2017-02-28T21:40:13.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/010af29a-b886-4afb-be35-d0398571a6b2.mp3","mime_type":"audio/mpeg","size_in_bytes":39325429,"duration_in_seconds":4905}]},{"id":"8ED56ED6-D8D5-47B9-B1CA-80D78DB58E4D","title":"Episode 307: State Sponsored Audiophiles | TechSNAP 307","url":"https://techsnap.systems/307","content_text":"The details on the latest WordPress vulnerability, then the surprising, or perhaps not so surprising takeover of a cybersecurity firms website \u0026amp; watch out, hacker's may be using your microphone to steal your data!\n\nPlus a packed roundup, your feedback \u0026amp; so much more!","content_html":"\u003cp\u003eThe details on the latest WordPress vulnerability, then the surprising, or perhaps not so surprising takeover of a cybersecurity firms website \u0026 watch out, hacker's may be using your microphone to steal your data!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a packed roundup, your feedback \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/gzqsFNUd1PU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The details on the latest WordPress vulnerability, then the perhaps not so surprising takeover of a cybersecurity firms website \u0026 watch out, hacker's may be using your microphone to steal your data!\n\nPlus a packed roundup, your feedback \u0026 so much more!","date_published":"2017-02-21T21:44:00.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a6b10259-5b4d-47e2-b0d5-28a0ea6b33ad.mp3","mime_type":"audio/mpeg","size_in_bytes":32273955,"duration_in_seconds":4023}]},{"id":"810F2BA3-6C7E-4C4D-A2DF-10C715D049D4","title":"Episode 306: Metadata Matters | TechSNAP 306","url":"https://techsnap.systems/306","content_text":"The latest on just who has access to your private email, Dan dives deep on the GitLab Postmortem \u0026amp; did you know that Transport for London has been tracking your wifi? We’ve got the details.\n\nPlus a packed roundup, your feedback \u0026amp; so much more!","content_html":"\u003cp\u003eThe latest on just who has access to your private email, Dan dives deep on the GitLab Postmortem \u0026 did you know that Transport for London has been tracking your wifi? We’ve got the details.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a packed roundup, your feedback \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/sKiDHtkBNsg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The latest on just who has access to your private email, Dan dives deep on the GitLab Postmortem \u0026 did you know that Transport for London has been tracking your wifi? We’ve got the details.\n\nPlus a packed roundup, your feedback \u0026 so much more!","date_published":"2017-02-15T00:11:40.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6fe2feed-fb8e-4468-8ec5-aa050b2b874f.mp3","mime_type":"audio/mpeg","size_in_bytes":56553373,"duration_in_seconds":7058}]},{"id":"AA14B4E3-B9CF-44CD-AE65-1484B5282FC3","title":"Episode 305: Gambling with Code | TechSNAP 305","url":"https://techsnap.systems/305","content_text":"We’ve got the latest on GitLabs data disaster, a clever new method to cheat at the slots \u0026amp; a new Netgear exploit thats coming for your network!\n\nPlus your feedback, a giant roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eWe’ve got the latest on GitLabs data disaster, a clever new method to cheat at the slots \u0026 a new Netgear exploit thats coming for your network!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your feedback, a giant roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/UFQbYcvrekw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ve got the latest on GitLabs data disaster, a clever new method to cheat at the slots \u0026 a new Netgear exploit thats coming for your network!\n\nPlus your feedback, a giant roundup \u0026 much, much more!","date_published":"2017-02-07T23:52:21.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d777f111-86c1-4b5b-8826-a0127e482037.mp3","mime_type":"audio/mpeg","size_in_bytes":50546588,"duration_in_seconds":6308}]},{"id":"FC4CA247-AA35-4B56-8318-3222EE557B66","title":"Episode 304: Three C's to Tweet By | TechSNAP 304","url":"https://techsnap.systems/304","content_text":"The guys cover Dropbox bugs that could be holding on to your deleted files, explain what the heck ATM ‘shimmers’ are \u0026amp; talk about how to keep your secret identity secret.\n\nPlus your feedback, a packed roundup \u0026amp; much more!","content_html":"\u003cp\u003eThe guys cover Dropbox bugs that could be holding on to your deleted files, explain what the heck ATM ‘shimmers’ are \u0026 talk about how to keep your secret identity secret.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your feedback, a packed roundup \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/7b_TLwC3V2E\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The guys cover Dropbox bugs that could be holding on to your deleted files, explain what the heck ATM ‘shimmers’ are \u0026 talk about how to keep your secret identity secret.\n\nPlus your feedback, a packed roundup \u0026 much more!","date_published":"2017-02-01T01:25:19.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d52362fc-b08a-452b-80fe-a295c682ca03.mp3","mime_type":"audio/mpeg","size_in_bytes":47156362,"duration_in_seconds":5884}]},{"id":"B3675005-B84C-49B4-A7C2-3E0556691505","title":"Episode 303: DDos Mafia | TechSNAP 303","url":"https://techsnap.systems/303","content_text":"A remote vulnerability in Ansible has been patched, the latest updates on the Mirai botnet, our first TechSNAP challenge, your feedback, a gigantic roundup \u0026amp; so much more!","content_html":"\u003cp\u003eA remote vulnerability in Ansible has been patched, the latest updates on the Mirai botnet, our first TechSNAP challenge, your feedback, a gigantic roundup \u0026amp; so much more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/-FvSwTt-J7o\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A remote vulnerability in Ansible has been patched, the latest updates on the Mirai botnet, our first TechSNAP challenge, your feedback, a gigantic roundup \u0026 so much more!","date_published":"2017-01-24T22:42:17.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ef8bfa53-1847-47d1-9906-8c14333796e0.mp3","mime_type":"audio/mpeg","size_in_bytes":30552185,"duration_in_seconds":3808}]},{"id":"CEBCF7B1-3D39-43CF-AEAC-27C7ADC18B9D","title":"Episode 302: Internet of Voice Triggers | TechSNAP 302","url":"https://techsnap.systems/302","content_text":"The Github enterprise SQL scare, malware that lives in your browser, Dan’s mail server war story, your feedback, a righteous roundup \u0026amp; more!\n\nNote: This is a shorter episode because the hosts are new and the first recording was also a double episode recording, expect them to get longer as the guys get more comfortable!","content_html":"\u003cp\u003eThe Github enterprise SQL scare, malware that lives in your browser, Dan’s mail server war story, your feedback, a righteous roundup \u0026 more!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eNote: This is a shorter episode because the hosts are new and the first recording was also a double episode recording, expect them to get longer as the guys get more comfortable!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/bVyWnJe2DSk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Github enterprise SQL scare, malware that lives in your browser, Dan’s mail server war story, your feedback, a righteous roundup \u0026 more!\n\nNote: Shorter episode because the guys are new and as also a double recording, expect longer episodes over time!","date_published":"2017-01-17T07:43:18.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/eadcb5fd-cbf8-4475-ba33-70a1ea2a2cca.mp3","mime_type":"audio/mpeg","size_in_bytes":18119560,"duration_in_seconds":2254}]},{"id":"2E9AD9A8-0001-45FE-8D87-0EE2A6097784","title":"Episode 301: The Next Generation | TechSNAP 301","url":"https://techsnap.systems/301","content_text":"Malware that evades blocking systems and getting into BSD for the first time.\n\nPlus a fresh round up, your questions \u0026amp; much, much more!","content_html":"\u003cp\u003eMalware that evades blocking systems and getting into BSD for the first time.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a fresh round up, your questions \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/7olqcLTqpkw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Malware that evades blocking systems and getting into BSD for the first time.\n\nPlus a fresh round up, your questions \u0026 much, much more!","date_published":"2017-01-10T21:22:09.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c10d0241-c1ad-4d6e-97c5-611cb2ba84f6.mp3","mime_type":"audio/mpeg","size_in_bytes":18788670,"duration_in_seconds":2338}]},{"id":"85B9FE8E-BBE5-4743-A6E4-DE1843D9C31F","title":"Episode 300: 2089 Days Uptime | TechSNAP 300","url":"https://techsnap.systems/300","content_text":"How the hack of DigiNotar changed the infrastructure of the Internet forever, changing the way we think about security \u0026amp; how to hide malware in a PNG.\n\nPlus a packed round up, great emails \u0026amp; more in a packed 300th episode!","content_html":"\u003cp\u003eHow the hack of DigiNotar changed the infrastructure of the Internet forever, changing the way we think about security \u0026 how to hide malware in a PNG.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a packed round up, great emails \u0026amp; more in a packed 300th episode!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/50YQDo15-4k\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"How the hack of DigiNotar changed the infrastructure of the Internet forever, changing the way we think about security \u0026 how to hide malware in a PNG.\n\nPlus a packed round up, great emails \u0026 more in a packed 300th episode!","date_published":"2017-01-05T21:11:40.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0b413021-7cb6-45c8-b72a-a64593348e29.mp3","mime_type":"audio/mpeg","size_in_bytes":63975032,"duration_in_seconds":7986}]},{"id":"B1B837EA-5074-42D0-A1D7-FBD3FF7BF2F6","title":"Episode 299: Fancy Bear Misfire.apk | TechSNAP 299","url":"https://techsnap.systems/299","content_text":"PHPMailer puts almost every PHP CMS at risk, the Fancy Bear Android Malware that has a complicated past \u0026amp; the new botnet that likes brag.\n\nPlus great questions, a packed round up \u0026amp; much, much more!","content_html":"\u003cp\u003ePHPMailer puts almost every PHP CMS at risk, the Fancy Bear Android Malware that has a complicated past \u0026 the new botnet that likes brag.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, a packed round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/8RMYiSLdDX8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"PHPMailer puts almost every PHP CMS at risk, the Fancy Bear Android Malware that has a complicated past \u0026 the new botnet that likes brag.\n\nPlus great questions, a packed round up \u0026 much, much more!","date_published":"2016-12-29T18:44:14.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/000b4973-f9c1-499a-9a82-0c6571cd194f.mp3","mime_type":"audio/mpeg","size_in_bytes":44810103,"duration_in_seconds":5590}]},{"id":"E96BEA4A-083E-44F0-96C7-FC1902C25D99","title":"Episode 298: Best of 2016 | TechSNAP 298","url":"https://techsnap.systems/298","content_text":"We've given the Jupiter Broadcasting staff the holidays off, so lets take this moment to have a look back at some of the best moments of TechSNAP in 2016!","content_html":"\u003cp\u003eWe\u0026#39;ve given the Jupiter Broadcasting staff the holidays off, so lets take this moment to have a look back at some of the best moments of TechSNAP in 2016!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/rSRfp3Bb8_I\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We've given the Jupiter Broadcasting staff the holidays off, so lets take this moment to have a look back at some of the best moments of TechSNAP in 2016!","date_published":"2016-12-22T10:40:03.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/87f8753e-b618-46c1-ab70-5c64bb9e4632.mp3","mime_type":"audio/mpeg","size_in_bytes":43449539,"duration_in_seconds":5420}]},{"id":"C2DE5F02-1932-4829-BC76-B930758F70F7","title":"Episode 297: The Bourne Avalanche | TechSNAP 297","url":"https://techsnap.systems/297","content_text":"The Malvertising campaign that targets routers, script kiddies get a talking to \u0026amp; the Avalanche crime ringleader is on the run.\n\nPlus your questions, a packed round up \u0026amp; more!","content_html":"\u003cp\u003eThe Malvertising campaign that targets routers, script kiddies get a talking to \u0026 the Avalanche crime ringleader is on the run.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, a packed round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/m8QbYtkLvIM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Malvertising campaign that targets routers, script kiddies get a talking to \u0026 the Avalanche crime ringleader is on the run.\n\nPlus your questions, a packed round up \u0026 more!","date_published":"2016-12-15T20:19:25.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f5d59960-8792-467b-97c3-49eed58a9eef.mp3","mime_type":"audio/mpeg","size_in_bytes":44759064,"duration_in_seconds":5584}]},{"id":"B8406FD7-9E08-4CE9-A436-7C5E48B1138C","title":"Episode 296: Schoolhouse Exploits | TechSNAP 296","url":"https://techsnap.systems/296","content_text":"Project Zero breaks the chain, we share stories from our mischievous past \u0026amp; malware as a service gets busted.\n\nPlus your great questions, a packed round up \u0026amp; much, much more!","content_html":"\u003cp\u003eProject Zero breaks the chain, we share stories from our mischievous past \u0026 malware as a service gets busted.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great questions, a packed round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/GnkJb1VF4wA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Project Zero breaks the chain, we share stories from our mischievous past \u0026 malware as a service gets busted.\n\nPlus your great questions, a packed round up \u0026 much, much more!","date_published":"2016-12-08T21:39:31.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/75f66db7-7b92-4db2-af05-54c81b9c4b49.mp3","mime_type":"audio/mpeg","size_in_bytes":48030637,"duration_in_seconds":5993}]},{"id":"3D6105CA-56B1-4CD4-A088-D8E76217DF08","title":"Episode 295: Shift+F10 and Done | TechSNAP 295","url":"https://techsnap.systems/295","content_text":"A researcher accidentally roots Microsoft Azure’s Red Hat Update Infrastructure, newly discovered router flaw in-the-wild \u0026amp; hacking Windows 10 by holding down the shift key.\n\nPlus your questions, our answers \u0026amp; a great round up!","content_html":"\u003cp\u003eA researcher accidentally roots Microsoft Azure’s Red Hat Update Infrastructure, newly discovered router flaw in-the-wild \u0026 hacking Windows 10 by holding down the shift key.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers \u0026amp; a great round up!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/egMXU_fz1Qo\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A researcher accidentally roots Microsoft Azure’s Red Hat Update Infrastructure, newly discovered router flaw in-the-wild \u0026 hacking Windows 10 by holding down the shift key.\n\nPlus your questions, our answers \u0026 a great round up!","date_published":"2016-12-01T19:58:57.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/71ce3ab2-0d69-4c70-bbaf-47cb1cc0d608.mp3","mime_type":"audio/mpeg","size_in_bytes":45382759,"duration_in_seconds":5662}]},{"id":"146347C0-20FF-47A2-9368-F6CF459DABEE","title":"Episode 294: Turkey.deb | TechSNAP 294","url":"https://techsnap.systems/294","content_text":"The Debian packaging flaw that exposes your server, we go over the state of the Internet... report that is \u0026amp; hacking 27% of the web.\n\nPlus some great questions, a fantastic round up \u0026amp; much, much more!","content_html":"\u003cp\u003eThe Debian packaging flaw that exposes your server, we go over the state of the Internet... report that is \u0026 hacking 27% of the web.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, a fantastic round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ngJNQ5IbVEY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Debian packaging flaw that exposes your server, we go over the state of the Internet... report that is \u0026 hacking 27% of the web.\n\nPlus some great questions, a fantastic round up \u0026 much, much more!","date_published":"2016-11-24T18:37:07.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/5fb3382c-ad60-437f-82c1-ddbace1074dc.mp3","mime_type":"audio/mpeg","size_in_bytes":44537784,"duration_in_seconds":5556}]},{"id":"07088798-74D4-4F9C-8136-DF23448E2E5D","title":"Episode 293: Root in 70 Seconds | TechSNAP 293","url":"https://techsnap.systems/293","content_text":"Get a root shell by holding down enter, comprising a Linux desktop using an NES \u0026amp; PoisonTap, the impressive little hacking tool.\n\nPlus your great questions, a poppin’ round up \u0026amp; much, much more!","content_html":"\u003cp\u003eGet a root shell by holding down enter, comprising a Linux desktop using an NES \u0026 PoisonTap, the impressive little hacking tool.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great questions, a poppin’ round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/p8veB6CC7w0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Get a root shell by holding down enter, comprising a Linux desktop using an NES \u0026 PoisonTap, the impressive little hacking tool.\n\nPlus your great questions, a poppin’ round up \u0026 much, much more!","date_published":"2016-11-17T23:49:30.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/195ea0a0-25b5-467d-8d97-932b2e3dd06e.mp3","mime_type":"audio/mpeg","size_in_bytes":60528698,"duration_in_seconds":7555}]},{"id":"FA670FC3-699B-424D-955A-EB0EBA13FEE9","title":"Episode 292: Unix Security Trifecta | TechSNAP 292","url":"https://techsnap.systems/292","content_text":"It’s a trifecta of Unix vulnerabilities, our concerns with LessPass \u0026amp; a very valuable vulnerability.\n\nPlus your questions, our answers, a spicy round up \u0026amp; much, much more!","content_html":"\u003cp\u003eIt’s a trifecta of Unix vulnerabilities, our concerns with LessPass \u0026 a very valuable vulnerability.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers, a spicy round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/_I_DipkuLGc\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"It’s a trifecta of Unix vulnerabilities, our concerns with LessPass \u0026 a very valuable vulnerability.\n\nPlus your questions, our answers, a spicy round up \u0026 much, much more!","date_published":"2016-11-10T08:51:06.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/5f49bd01-977e-4a91-870f-1a3570ce43ed.mp3","mime_type":"audio/mpeg","size_in_bytes":50189603,"duration_in_seconds":6263}]},{"id":"7B2E0A4F-4B49-4DD0-9E80-D71F28351AE1","title":"Episode 291: Nuclear IoT Toaster | TechSNAP 291","url":"https://techsnap.systems/291","content_text":"We go deep into sophisticated modular malware \u0026amp; meet the manufacturer who vows to recall their IoT devices used in recent attacks.\n\nPlus home server questions, a fun round-up \u0026amp; more!","content_html":"\u003cp\u003eWe go deep into sophisticated modular malware \u0026 meet the manufacturer who vows to recall their IoT devices used in recent attacks.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus home server questions, a fun round-up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/i_doq52TyS8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We go deep into sophisticated modular malware \u0026 meet the manufacturer who vows to recall their IoT devices used in recent attacks.\n\nPlus home server questions, a fun round-up \u0026 more!","date_published":"2016-11-03T01:50:19.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/214402db-7392-47db-8598-7b91a7d2faef.mp3","mime_type":"audio/mpeg","size_in_bytes":32873779,"duration_in_seconds":4098}]},{"id":"131ECEB0-9245-4405-83DA-CBF93D98035D","title":"Episode 290: Internet Snow Day | TechSNAP 290","url":"https://techsnap.systems/290","content_text":"A large managed DNS provider was taken down by a DDoS, we'll tell you all about Dyn’s big outage.\n\nThen we beat the dead dirty CoW, answer your questions, a breaking news round up \u0026amp; more!","content_html":"\u003cp\u003eA large managed DNS provider was taken down by a DDoS, we'll tell you all about Dyn’s big outage.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen we beat the dead dirty CoW, answer your questions, a breaking news round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/L1tpQJqXstE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A large managed DNS provider was taken down by a DDoS, we'll tell you all about Dyn’s big outage.\n\nThen we beat the dead dirty CoW, answer your questions, a breaking news round up \u0026 more!","date_published":"2016-10-27T17:27:33.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c67ed847-bbcc-45f1-819c-cdddf2a31845.mp3","mime_type":"audio/mpeg","size_in_bytes":40029873,"duration_in_seconds":4993}]},{"id":"17E570EE-C1C8-4E65-AFAE-DA96F0F85F6A","title":"Episode 289: Long Broken SSL History | TechSNAP 289","url":"https://techsnap.systems/289","content_text":"Spreading the DDoS Disease \u0026amp; selling the cure, we have the audit results of TrueCrypt’s replacement \u0026amp; a comprehensive history of the most important events that shaped the SSL ecosystem.\n\nPlus your great questions, our answers \u0026amp; much... Much MORE!","content_html":"\u003cp\u003eSpreading the DDoS Disease \u0026 selling the cure, we have the audit results of TrueCrypt’s replacement \u0026 a comprehensive history of the most important events that shaped the SSL ecosystem.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great questions, our answers \u0026amp; much... Much MORE!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/sWxaUvK_hsA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Spreading the DDoS Disease \u0026 selling the cure, we have the audit results of TrueCrypt’s replacement \u0026 a comprehensive history of the most important events that shaped the SSL ecosystem.\n\nPlus your great questions, our answers \u0026 much... Much MORE!","date_published":"2016-10-21T00:25:01.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/da436282-775e-40a2-8dff-ceed7be7b30d.mp3","mime_type":"audio/mpeg","size_in_bytes":77671820,"duration_in_seconds":9698}]},{"id":"8316F4C4-F280-4102-82B7-BBF3DB55D833","title":"Episode 288: Internet of Default Passwords | TechSNAP 288","url":"https://techsnap.systems/288","content_text":"The Internet of Things is the Internet of Terrible, we’ll round up the week’s stories \u0026amp; submit the TechSNAP solution to you the audience. Plus the security cost of Android fragmentation, great questions \u0026amp; a packed round up!","content_html":"\u003cp\u003eThe Internet of Things is the Internet of Terrible, we’ll round up the week’s stories \u0026amp; submit the TechSNAP solution to you the audience. Plus the security cost of Android fragmentation, great questions \u0026amp; a packed round up!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/VHEyuogMSVs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Internet of Things is the Internet of Terrible, we’ll round up the week’s stories \u0026 submit the TechSNAP solution to you the audience. Plus the security cost of Android fragmentation, great questions \u0026 a packed round up!","date_published":"2016-10-14T01:48:55.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/afbf2e17-57f1-4414-9b75-04681da8af83.mp3","mime_type":"audio/mpeg","size_in_bytes":48110160,"duration_in_seconds":6003}]},{"id":"64B3770B-51AD-424A-9989-0395D94E62DF","title":"Episode 287: Open Source Botnet | TechSNAP 287","url":"https://techsnap.systems/287","content_text":"The Source code for a historic botnet has been released, the tale of a DNS packet \u0026amp; four ways to hack ATMs.\n\nPlus your hard questions, our answers, a rockin' roundup \u0026amp; more!","content_html":"\u003cp\u003eThe Source code for a historic botnet has been released, the tale of a DNS packet \u0026 four ways to hack ATMs.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your hard questions, our answers, a rockin\u0026#39; roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/rLF3tNuCJKA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Source code for a historic botnet has been released, the tale of a DNS packet \u0026 four ways to hack ATMs.\n\nPlus your hard questions, our answers, a rockin' roundup \u0026 more!","date_published":"2016-10-06T21:21:31.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/54c5e9ea-6fde-47ce-8378-d804df7e47d7.mp3","mime_type":"audio/mpeg","size_in_bytes":63906806,"duration_in_seconds":7978}]},{"id":"504CC113-DF48-4DEC-8367-866CAE58F9C0","title":"Episode 286: Botnet of Things | TechSNAP 286","url":"https://techsnap.systems/286","content_text":"Krebs is hit with DDoS attack \u0026amp; then gets kicked off of Akamai. We’ll tell you about the record breaking details, Firefox puts it foot down, picking NFS or Samba…\n\nYour questions, our answers, a packed Round Up \u0026amp; much more!","content_html":"\u003cp\u003eKrebs is hit with DDoS attack \u0026 then gets kicked off of Akamai. We’ll tell you about the record breaking details, Firefox puts it foot down, picking NFS or Samba…\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eYour questions, our answers, a packed Round Up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/aMoPTGlqitc\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Krebs is hit with DDoS attack \u0026 then gets kicked off of Akamai. We’ll tell you about the record breaking details, Firefox puts it foot down, picking NFS or Samba…\n\nYour questions, our answers, a packed Round Up \u0026 much more!","date_published":"2016-09-29T20:15:58.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/dae4e55a-7301-4057-8508-645ef577673b.mp3","mime_type":"audio/mpeg","size_in_bytes":61021729,"duration_in_seconds":7617}]},{"id":"E99993BB-527A-4800-ADF4-668EDF08843F","title":"Episode 285: OpSec for Script Kiddies | TechSNAP 285","url":"https://techsnap.systems/285","content_text":"The FBI arrests the script kiddies that hacked the CIA director, how Dropbox hacks your Mac \u0026amp; the guys behind a DDoS for hire service get busted.\n\nPlus great questions, our answers, a rockin roundup \u0026amp; more!","content_html":"\u003cp\u003eThe FBI arrests the script kiddies that hacked the CIA director, how Dropbox hacks your Mac \u0026 the guys behind a DDoS for hire service get busted.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers, a rockin roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/PFQcsff5ifc\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The FBI arrests the script kiddies that hacked the CIA director, how Dropbox hacks your Mac \u0026 the guys behind a DDoS for hire service get busted.\n\nPlus great questions, our answers, a rockin roundup \u0026 more!","date_published":"2016-09-22T08:34:53.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c056ed9b-cfb9-4a0a-93a2-9fad41f71682.mp3","mime_type":"audio/mpeg","size_in_bytes":29618766,"duration_in_seconds":3692}]},{"id":"310BA38B-1547-4377-894E-DB5C6447A330","title":"Episode 284: Buffalo Overflow | TechSNAP 284","url":"https://techsnap.systems/284","content_text":"Massive drive failures after a datacenter gas attack. A critical MySQL vulnerability you should know about \u0026amp; is Cisco responsible for the death of an MMO?\n\nPlus great questions, our answers \u0026amp; much more!","content_html":"\u003cp\u003eMassive drive failures after a datacenter gas attack. A critical MySQL vulnerability you should know about \u0026 is Cisco responsible for the death of an MMO?\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/AsHgjIOADPg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Massive drive failures after a datacenter gas attack. A critical MySQL vulnerability you should know about \u0026 is Cisco responsible for the death of an MMO?\n\nPlus great questions, our answers \u0026 much more!","date_published":"2016-09-15T17:28:09.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/880b4741-b8b6-4e48-b9af-ac6677e197a2.mp3","mime_type":"audio/mpeg","size_in_bytes":37459238,"duration_in_seconds":4672}]},{"id":"A80CEF4B-1B87-4630-9618-9F34AA0BBF98","title":"Episode 283: I Can't Believe It's Not Ethernet | TechSNAP 283","url":"https://techsnap.systems/283","content_text":"How a modified USB ethernet adapter can steal credentials, a new compression algorithm from Facebook that might be legit \u0026amp; the terrible terrible security of a consumer NAS.\n\nPlus great questions, our answers, a fun roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eHow a modified USB ethernet adapter can steal credentials, a new compression algorithm from Facebook that might be legit \u0026 the terrible terrible security of a consumer NAS.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers, a fun roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/N3o48xyM7ZM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"How a modified USB ethernet adapter can steal credentials, a new compression algorithm from Facebook that might be legit \u0026 the terrible terrible security of a consumer NAS.\n\nPlus great questions, our answers, a fun roundup \u0026 much, much more!","date_published":"2016-09-08T21:00:07.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f2f85e73-bb14-4de4-a4b9-f40cef2caf32.mp3","mime_type":"audio/mpeg","size_in_bytes":40232092,"duration_in_seconds":5018}]},{"id":"981B5A0F-5B39-409C-8A61-959BB0CF6F24","title":"Episode 282: The Shadow Knows | TechSNAP 282","url":"https://techsnap.systems/282","content_text":"The ShadowBrokers release a batch of the NSA’s tools \u0026amp; we dive in. A Google login issue allows for credential theft \u0026amp; researchers map the Netflix content delivery network!\n\nPlus great feedback, follow up, a rockin' roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eThe ShadowBrokers release a batch of the NSA’s tools \u0026 we dive in. A Google login issue allows for credential theft \u0026 researchers map the Netflix content delivery network!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great feedback, follow up, a rockin\u0026#39; roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/sqXzykoGl5Q\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The ShadowBrokers release a batch of the NSA’s tools \u0026 we dive in. A Google login issue allows for credential theft \u0026 researchers map the Netflix content delivery network!\n\nPlus great feedback, follow up, a rockin' roundup \u0026 much, much more!","date_published":"2016-09-01T19:21:35.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f7afae7e-6313-43ce-b3e6-3c0eca4db385.mp3","mime_type":"audio/mpeg","size_in_bytes":45147885,"duration_in_seconds":5633}]},{"id":"E9A33A05-417E-4BB8-8573-653AA552C854","title":"Episode 281: iPhishing Expedition | TechSNAP 281","url":"https://techsnap.systems/281","content_text":"iOS targeted malware in the wild, the simple approach to hacking electronic safes \u0026amp; how digital forensics prove a journalist was framed.\n\nPlus your great questions, a packed round up \u0026amp; much more!","content_html":"\u003cp\u003eiOS targeted malware in the wild, the simple approach to hacking electronic safes \u0026 how digital forensics prove a journalist was framed.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great questions, a packed round up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/9NNSFY59Rdo\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"iOS targeted malware in the wild, the simple approach to hacking electronic safes \u0026 how digital forensics prove a journalist was framed.\n\nPlus your great questions, a packed round up \u0026 much more!","date_published":"2016-08-25T19:49:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ed68434f-b21d-4f40-8f91-1cf3c5e9ae43.mp3","mime_type":"audio/mpeg","size_in_bytes":39452271,"duration_in_seconds":4921}]},{"id":"6671BE33-52E3-4372-B532-074CAD41BBC7","title":"Episode 280: Microsoft’s Golden Ticket | TechSNAP 280","url":"https://techsnap.systems/280","content_text":"Microsoft leaks their golden key, allowing attackers to unlock secure boot systems, a security breach at Oracle exposes hundreds of companies \u0026amp; Linux has an embarrassing networking stack bug.\n\nPlus your questions, our answers \u0026amp; a packed round up!","content_html":"\u003cp\u003eMicrosoft leaks their golden key, allowing attackers to unlock secure boot systems, a security breach at Oracle exposes hundreds of companies \u0026 Linux has an embarrassing networking stack bug.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers \u0026amp; a packed round up!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/IrksA-KJm_w\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Microsoft leaks their golden key, allowing attackers to unlock secure boot systems, a security breach at Oracle exposes hundreds of companies \u0026 Linux has an embarrassing networking stack bug.\n\nPlus your questions, our answers \u0026 a packed round up!","date_published":"2016-08-18T09:03:59.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/b1d4ef63-b411-4307-9e66-12a3fc2616fb.mp3","mime_type":"audio/mpeg","size_in_bytes":47498724,"duration_in_seconds":5927}]},{"id":"F2B9AEB9-52B6-4C8D-AFAD-6A08771D4C9A","title":"Episode 279: The Internet is Dying | TechSNAP 279","url":"https://techsnap.systems/279","content_text":"Why the Internet needs it’s own version of cancer researchers, bypassing chip and pin protections \u0026amp; the 2016 Pwnie Awards from Blackhat!\n\nPlus your questions, our answers \u0026amp; much, much more!","content_html":"\u003cp\u003eWhy the Internet needs it’s own version of cancer researchers, bypassing chip and pin protections \u0026 the 2016 Pwnie Awards from Blackhat!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/YFtXi_Y-1SY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Why the Internet needs it’s own version of cancer researchers, bypassing chip and pin protections \u0026 the 2016 Pwnie Awards from Blackhat!\n\nPlus your questions, our answers \u0026 much, much more!","date_published":"2016-08-11T07:08:50.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/25657849-a571-4385-9351-9bb5de15fb48.mp3","mime_type":"audio/mpeg","size_in_bytes":33138151,"duration_in_seconds":4131}]},{"id":"2EF103D3-0DDC-4F7D-8BFC-32BFAF344BE7","title":"Episode 278: Dangerous Dangling Quotes | TechSNAP 278","url":"https://techsnap.systems/278","content_text":"How to get an SSL certificate for other people's domains, how to decrypt HTTPS traffic with some javascript \u0026amp; the latest storage reliability report.\n\nPlus great questions \u0026amp; a rocking round up!","content_html":"\u003cp\u003eHow to get an SSL certificate for other people's domains, how to decrypt HTTPS traffic with some javascript \u0026 the latest storage reliability report.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions \u0026amp; a rocking round up!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/P9JfZMZtbSs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"How to get an SSL certificate for other people's domains, how to decrypt HTTPS traffic with some javascript \u0026 the latest storage reliability report.\n\nPlus great questions \u0026 a rocking round up!","date_published":"2016-08-04T18:48:29.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f66cb2da-87d3-4a44-a2bb-b44076823342.mp3","mime_type":"audio/mpeg","size_in_bytes":44318992,"duration_in_seconds":5529}]},{"id":"1515255F-DBC6-42A1-97AB-B6334F511231","title":"Episode 277: Internet Power Struggle | TechSNAP 277","url":"https://techsnap.systems/277","content_text":"We’re in the middle of an epic battle for power in cyberspace \u0026amp; Bruce Schneier breaks it down. PHP gets broken, PornHub gets hacked \u0026amp; the disgruntled employee who wiped the router configs on his way out the door.\n\nPlus great emails, a packed round up \u0026amp; more!","content_html":"\u003cp\u003eWe’re in the middle of an epic battle for power in cyberspace \u0026 Bruce Schneier breaks it down. PHP gets broken, PornHub gets hacked \u0026 the disgruntled employee who wiped the router configs on his way out the door.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great emails, a packed round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/5DiTdvqg6qA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’re in an epic battle for power in cyberspace \u0026 Bruce Schneier breaks it down. PHP gets broken, PornHub gets hacked \u0026 the disgruntled employee who wiped the router configs on his way out the door.\n\nPlus great emails, a packed round up \u0026 more!","date_published":"2016-07-28T22:55:15.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d0d1b3e3-a991-4d7b-bfa6-02f8ad9fc14d.mp3","mime_type":"audio/mpeg","size_in_bytes":43019238,"duration_in_seconds":5367}]},{"id":"32E3D0F7-DEF0-4E86-9D5F-5DF6E23DE8B0","title":"Episode 276: Bitmap Pox | TechSNAP 276","url":"https://techsnap.systems/276","content_text":"A new vulnerability in many websites, Oracle's Outside In Technology, Turned Inside-Out \u0026amp; the value of a hacked company.\n\nPlus your questions, our answers, a really great round up \u0026amp; much more!","content_html":"\u003cp\u003eA new vulnerability in many websites, Oracle's Outside In Technology, Turned Inside-Out \u0026 the value of a hacked company.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers, a really great round up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/q2fnAtpS65Y\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A new vulnerability in many websites, Oracle's Outside In Technology, Turned Inside-Out \u0026 the value of a hacked company.\n\nPlus your questions, our answers, a really great round up \u0026 much more!","date_published":"2016-07-21T19:19:58.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/199db873-e7d4-463a-a55c-287601c9b538.mp3","mime_type":"audio/mpeg","size_in_bytes":38132330,"duration_in_seconds":4756}]},{"id":"7F664503-9ED3-499A-8F47-20DE45676ED9","title":"Episode 275: Ending Ransomware | TechSNAP 275","url":"https://techsnap.systems/275","content_text":"A potential solution to Ransomware, the 15 year bug that cost CitiGroup $7 Million dollars, Dropbox’s new middle out compression \u0026amp; another flaw that affects all versions of Windows.\n\nPlus your questions, our answers, a packed roundup \u0026amp; more!","content_html":"\u003cp\u003eA potential solution to Ransomware, the 15 year bug that cost CitiGroup $7 Million dollars, Dropbox’s new middle out compression \u0026 another flaw that affects all versions of Windows.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers, a packed roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/vke_RJWBk3U\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A potential solution to Ransomware, the 15 year bug that cost CitiGroup $7 Million dollars, Dropbox’s new middle out compression \u0026 another flaw that affects all versions of Windows.\n\nPlus your questions, our answers, a packed roundup \u0026 more!","date_published":"2016-07-14T18:41:22.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c352ec81-d674-4c95-b102-2464a88fdb52.mp3","mime_type":"audio/mpeg","size_in_bytes":41213219,"duration_in_seconds":5141}]},{"id":"99DB924C-A14B-48BF-887B-2FF3B2864735","title":"Episode 274: Windows Exploit Edition | TechSNAP 274","url":"https://techsnap.systems/274","content_text":"On this weeks episode we cover a UEFI firmware bug that is affecting computers including ThinkPads, tell you how your windows box can be totally pwned even if it's fully encrypted \u0026amp; talk about the shortcomings of the MD5 checksum. Plus the feedback, the roundup \u0026amp; more!","content_html":"\u003cp\u003eOn this weeks episode we cover a UEFI firmware bug that is affecting computers including ThinkPads, tell you how your windows box can be totally pwned even if it\u0026#39;s fully encrypted \u0026amp; talk about the shortcomings of the MD5 checksum. Plus the feedback, the roundup \u0026amp; more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/wyXDJVs_xtg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"On this weeks episode we cover a UEFI firmware bug that is affecting computers including ThinkPads, tell you how your windows box can be totally pwned even if it's encrypted \u0026 talk about the shortcomings of the MD5 checksum. Plus the feedback \u0026 more!","date_published":"2016-07-07T20:30:19.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/cee6f7d5-a84c-4b8c-b1ba-b4d646a9471c.mp3","mime_type":"audio/mpeg","size_in_bytes":42439541,"duration_in_seconds":5294}]},{"id":"A96CC29F-51EC-446F-9782-415E40F5C0E2","title":"Episode 273: Make Ads GIF Again | TechSNAP 273","url":"https://techsnap.systems/273","content_text":"Project Zero lays into Symantec's enterprise products, the botnet you’ll never find \u0026amp; the poor security of HTML5 video ads.\n\nPlus your questions, our answers \u0026amp; much more!","content_html":"\u003cp\u003eProject Zero lays into Symantec's enterprise products, the botnet you’ll never find \u0026 the poor security of HTML5 video ads.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/jUypkOtzMxM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Project Zero lays into Symantec's enterprise products, the botnet you’ll never find \u0026 the poor security of HTML5 video ads.\n\nPlus your questions, our answers \u0026 much more!","date_published":"2016-06-30T18:49:48.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0173d61f-1509-47a5-8331-1763d8497cae.mp3","mime_type":"audio/mpeg","size_in_bytes":46947688,"duration_in_seconds":5858}]},{"id":"83050093-9410-487D-B6F9-D980D028C6E8","title":"Episode 272: Game of File Systems | TechSNAP 272","url":"https://techsnap.systems/272","content_text":"What’s got Windows admins in a Panic? Total chaos my friends, we’ll tell you why. Extensive coverage of Apple’s new filesystem, Ransomware that might just impress you…\n\nYour great questions, our answers, a packed round up \u0026amp; much, much more!","content_html":"\u003cp\u003eWhat’s got Windows admins in a Panic? Total chaos my friends, we’ll tell you why. Extensive coverage of Apple’s new filesystem, Ransomware that might just impress you…\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eYour great questions, our answers, a packed round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ncw0GEw4gxs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"What’s got Windows admins in a Panic? Total chaos my friends, we’ll tell you why. Extensive coverage of Apple’s new filesystem, Ransomware that might just impress you…\n\nYour great questions, our answers, a packed round up \u0026 much, much more!","date_published":"2016-06-23T19:58:09.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/1941d3bf-ad6c-4fd3-8034-7df29cc7da95.mp3","mime_type":"audio/mpeg","size_in_bytes":61284041,"duration_in_seconds":7650}]},{"id":"617BF5EE-4D50-4FB3-9A41-644F49D3B307","title":"Episode 271: Apple Pretend Filesystem | TechSNAP 271","url":"https://techsnap.systems/271","content_text":"Why didn’t Apple choose ZFS for its new filesystem? We journey through the long history of ZFS at Apple. Plus how the BadTunnel bug can hijack traffic from all versions of Windows \u0026amp; should we worry about Intel’s management tech? \n\nPlus great questions, a huge round up \u0026amp; much more!","content_html":"\u003cp\u003eWhy didn’t Apple choose ZFS for its new filesystem? We journey through the long history of ZFS at Apple. Plus how the BadTunnel bug can hijack traffic from all versions of Windows \u0026 should we worry about Intel’s management tech? \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, a huge round up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ao8y9rYIvyU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Why didn’t Apple choose ZFS for its new filesystem? We journey through the long history of ZFS at Apple. Plus how the BadTunnel bug can hijack traffic from all versions of Windows \u0026 should we worry about Intel’s management tech \u0026 much more!","date_published":"2016-06-16T19:51:16.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/67be0b13-ba5a-43f6-b148-96eb1c39b246.mp3","mime_type":"audio/mpeg","size_in_bytes":56925779,"duration_in_seconds":7105}]},{"id":"3790A480-1C1F-459D-9EA7-CDCC79790AA8","title":"Episode 270: Signature Bloatware Updates | TechSNAP 270","url":"https://techsnap.systems/270","content_text":"The bloatware shipping on those new computers is way, way worse than you probably thought, Internet exposed printers \u0026amp; the thrilling story of reverse engineering an ATM skimmer. Yes that’s really a thing.\n\nPlus great questions, our answers \u0026amp; more!","content_html":"\u003cp\u003eThe bloatware shipping on those new computers is way, way worse than you probably thought, Internet exposed printers \u0026 the thrilling story of reverse engineering an ATM skimmer. Yes that’s really a thing.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/qj9wk_RloiY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The bloatware shipping on those new computers is way, way worse than you probably thought, Internet exposed printers \u0026 the thrilling story of reverse engineering an ATM skimmer. Yes that’s really a thing.\n\nPlus great questions, our answers \u0026 more!","date_published":"2016-06-09T11:18:02.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/da2b1d51-8425-4ca1-afda-8512a0007296.mp3","mime_type":"audio/mpeg","size_in_bytes":36538586,"duration_in_seconds":4557}]},{"id":"73E04878-85C4-4346-A675-A90A29838B55","title":"Episode 269: 10,000 Cables Under the Sea | TechSNAP 269","url":"https://techsnap.systems/269","content_text":"Windows exploits for sale at a great price, how the Internet works, yes, seriously \u0026amp; it's awesome!\n\nPlus we solve some of your problems, a great roundup \u0026amp; more!","content_html":"\u003cp\u003eWindows exploits for sale at a great price, how the Internet works, yes, seriously \u0026 it's awesome!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus we solve some of your problems, a great roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/BZHz-juFw2E\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Windows exploits for sale at a great price, how the Internet works, yes, seriously \u0026 it's awesome!\n\nPlus we solve some of your problems, a great roundup \u0026 more!","date_published":"2016-06-02T17:24:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f809cb97-9b6f-4119-9348-d92366f174b6.mp3","mime_type":"audio/mpeg","size_in_bytes":48783989,"duration_in_seconds":6087}]},{"id":"A0D6D0E6-D044-4B91-A73C-4ECCD11D7BB8","title":"Episode 268: PIS Poor DNS | TechSNAP 268","url":"https://techsnap.systems/268","content_text":"Is the “Dark Cloud” hype, or a real technology? Using DNS tunneling for remote command and control \u0026amp; the big problem with 1-Day exploits.\n\nPlus your great question, our answers, a breaking news roundup \u0026amp; more!","content_html":"\u003cp\u003eIs the “Dark Cloud” hype, or a real technology? Using DNS tunneling for remote command and control \u0026 the big problem with 1-Day exploits.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great question, our answers, a breaking news roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/O_Clp1-n7dY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Is the “Dark Cloud” hype, or a real technology? Using DNS tunneling for remote command and control \u0026 the big problem with 1-Day exploits.\n\nPlus your great question, our answers, a breaking news roundup \u0026 more!","date_published":"2016-05-26T18:38:08.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bb294ced-f223-49fd-9bef-d85dc78f74b3.mp3","mime_type":"audio/mpeg","size_in_bytes":43158327,"duration_in_seconds":5384}]},{"id":"F63253DD-6474-4C81-9CBE-EB2BDD719375","title":"Episode 267: My Kingdom for a VLAN | TechSNAP 267","url":"https://techsnap.systems/267","content_text":"A typo stops a billion dollar bank hack, a vulnerability in 7zip that might surprise you \u0026amp; the best solutions for secure remote network access.\n\nYour great questions, our answers, a packed round up \u0026amp; more!","content_html":"\u003cp\u003eA typo stops a billion dollar bank hack, a vulnerability in 7zip that might surprise you \u0026 the best solutions for secure remote network access.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eYour great questions, our answers, a packed round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/2-F6KR6RsXQ\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A typo stops a billion dollar bank hack, a vulnerability in 7zip that might surprise you \u0026 the best solutions for secure remote network access.\n\nYour great questions, our answers, a packed round up \u0026 more!","date_published":"2016-05-19T18:39:53.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/aa2de3c8-d6a5-4213-a0f1-555288d4a045.mp3","mime_type":"audio/mpeg","size_in_bytes":40294063,"duration_in_seconds":5026}]},{"id":"37628685-AD03-4409-915D-7FAD714FE782","title":"Episode 266: Curl Sleeper Agent | TechSNAP 266","url":"https://techsnap.systems/266","content_text":"Zero-day exploits striking over 100 systems, if you think copying links to bash scripts from the internet is okay, maybe you shouldn't be root \u0026amp; the day Google automated itself off the internet.\n\nPlus your questions, our answers, a huge round up \u0026amp; more!","content_html":"\u003cp\u003eZero-day exploits striking over 100 systems, if you think copying links to bash scripts from the internet is okay, maybe you shouldn't be root \u0026 the day Google automated itself off the internet.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, our answers, a huge round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Zy_66AaErw8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Zero-day exploits striking over 100 systems, if you think copying links to bash scripts from the internet is okay, maybe you shouldn't be root \u0026 the day Google automated itself off the internet.\n\nPlus your questions, our answers, a huge round up \u0026 more!","date_published":"2016-05-12T20:40:46.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/4006a4fe-a1bf-47f8-9f3f-efcdf74604e0.mp3","mime_type":"audio/mpeg","size_in_bytes":48276546,"duration_in_seconds":6024}]},{"id":"96932968-2804-4AD4-96C6-C4B0EAC596BD","title":"Episode 265: Insecure Socket Layer | TechSNAP 265","url":"https://techsnap.systems/265","content_text":"A critical flaw in that bit of software tucked far far away that you never think about… Until now, we explain why ImageTragick is a pain. More OpenSSL flaws \u0026amp; fraudsters stealing tax data from the motherload. \n\nPlus great questions, our answers, a packed Round up \u0026amp; more!","content_html":"\u003cp\u003eA critical flaw in that bit of software tucked far far away that you never think about… Until now, we explain why ImageTragick is a pain. More OpenSSL flaws \u0026 fraudsters stealing tax data from the motherload. \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers, a packed Round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/h2t23myNWw8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A critical flaw in that bit of software tucked far far away that you never think about… We explain why ImageTragick is a pain. More OpenSSL flaws \u0026 fraudsters stealing tax data from the motherload. \n\nPlus your questions, our answers, the roundup \u0026 more!","date_published":"2016-05-05T21:37:50.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/514dc90a-0af3-4d68-b75c-93406c435520.mp3","mime_type":"audio/mpeg","size_in_bytes":41251494,"duration_in_seconds":5146}]},{"id":"EBDB5A6E-41E3-4DA4-84CC-37D4CCF8336E","title":"Episode 264: On Target | TechSNAP 264","url":"https://techsnap.systems/264","content_text":"This week, Chris \u0026amp; allan are both out of town at different shenanigans, but they recorded a sneaky episode for you in which they recap the Target breach, from when the news broke to the lessons learned and everything in between!","content_html":"\u003cp\u003eThis week, Chris \u0026amp; allan are both out of town at different shenanigans, but they recorded a sneaky episode for you in which they recap the Target breach, from when the news broke to the lessons learned and everything in between!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/px7j_2KYSkw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"This week, Chris \u0026 allan are both out of town at different shenanigans, but they recorded a sneaky episode for you in which they recap the Target breach, from when the news broke to the lessons learned and everything in between!","date_published":"2016-04-28T06:58:28.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d7e1310d-9898-4905-9346-779ad3cda15e.mp3","mime_type":"audio/mpeg","size_in_bytes":41487985,"duration_in_seconds":5175}]},{"id":"0638D7DB-515E-449C-AF1B-B584DC5595F7","title":"Episode 263: One Key to Rule Them All | TechSNAP 263","url":"https://techsnap.systems/263","content_text":"This week, the FBI says APT6 has pawned the government for the last 5 years, Unaoil: a company that's bribing the world \u0026amp; Researchers find a flaw in the visa database.\n\nAll that plus a packed feedback, roundup \u0026amp; more!","content_html":"\u003cp\u003eThis week, the FBI says APT6 has pawned the government for the last 5 years, Unaoil: a company that's bribing the world \u0026 Researchers find a flaw in the visa database.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAll that plus a packed feedback, roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Wm_FBMQWBlY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"This week, the FBI says APT6 has pawned the government for the last 5 years, Unaoil: a company that's bribing the world \u0026 Researchers find a flaw in the visa database.\n\nAll that plus a packed feedback, roundup \u0026 more!","date_published":"2016-04-21T11:44:47.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/99b44268-e42b-4368-a39c-5689e358d319.mp3","mime_type":"audio/mpeg","size_in_bytes":33977893,"duration_in_seconds":4236}]},{"id":"AC85D9F6-AFB1-40D1-BABB-F98206303C36","title":"Episode 262: rm -rf $ALLTHETHINGS/ | TechSNAP 262","url":"https://techsnap.systems/262","content_text":"Find out why everyone's just a little disappointed in Badlock, the bad security that could be connected to the Panama Papers leak \u0026amp; the story of a simple delete command that took out an entire hosting provider.\n\nPlus your batch of networking questions, our answers \u0026amp; a packed round up!","content_html":"\u003cp\u003eFind out why everyone's just a little disappointed in Badlock, the bad security that could be connected to the Panama Papers leak \u0026 the story of a simple delete command that took out an entire hosting provider.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your batch of networking questions, our answers \u0026amp; a packed round up!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/h9MFm88IOPs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Find out why everyone's disappointed in Badlock, the bad security that could be connected to the Panama Papers leak \u0026 a simple delete command that took out an entire hosting provider.\n\nPlus your batch of networking questions, a packed round up \u0026 more!","date_published":"2016-04-14T19:38:34.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2a9000b6-76d2-4030-8ddd-c973a1bed71e.mp3","mime_type":"audio/mpeg","size_in_bytes":46450693,"duration_in_seconds":5796}]},{"id":"03421C0F-687D-4656-8E8C-0705E6374D57","title":"Episode 261: Holding Hospitals Hostage | TechSNAP 261","url":"https://techsnap.systems/261","content_text":"Find out about another hospital that accidentally took advantage of free encryption, researchers turn up a DDoS on the root DNS servers \u0026amp; the password test you never want to take.\n\nPlus your batch of networking questions, our answers \u0026amp; a packed round up!","content_html":"\u003cp\u003eFind out about another hospital that accidentally took advantage of free encryption, researchers turn up a DDoS on the root DNS servers \u0026 the password test you never want to take.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your batch of networking questions, our answers \u0026amp; a packed round up!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/qRhbOMHUk1g\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Find out about another hospital that accidentally took advantage of free encryption, researchers turn up a DDoS on the root DNS servers \u0026 the password test you never want to take.\n\nPlus your batch of networking questions, our answers \u0026 a packed round up!","date_published":"2016-04-07T09:51:27.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ac87143e-5fd9-4090-bcf1-74101005a626.mp3","mime_type":"audio/mpeg","size_in_bytes":35523582,"duration_in_seconds":4430}]},{"id":"8DA3642C-1DEC-4279-873D-2B2F3BA8273F","title":"Episode 260: Pay to Boot | TechSNAP 260","url":"https://techsnap.systems/260","content_text":"New Ransomware locks your bootloader \u0026amp; makes you pay to boot. Malware with built in DRM? We’ll share the story of this clever hack.\n\nPlus some great questions, our answers, a packed round up \u0026amp; more!","content_html":"\u003cp\u003eNew Ransomware locks your bootloader \u0026 makes you pay to boot. Malware with built in DRM? We’ll share the story of this clever hack.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, our answers, a packed round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/aH9Eab73uN8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"New Ransomware locks your bootloader \u0026 makes you pay to boot. Malware with built in DRM? We’ll share the story of this clever hack.\n\nPlus some great questions, our answers, a packed round up \u0026 more!","date_published":"2016-03-31T16:03:26.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/498e4a43-ff85-4503-bfdd-9eef572e071a.mp3","mime_type":"audio/mpeg","size_in_bytes":35225647,"duration_in_seconds":4392}]},{"id":"2F7CB58D-906F-4E8C-872C-7A9C53FF64F6","title":"Episode 259: Can You Hack Me Now? | TechSNAP 259","url":"https://techsnap.systems/259","content_text":"Verizon Enterprise gets breached \u0026amp; the irony is strong with this one, details on the NPM fiasco \u0026amp; why the SAMSAM is holding up the doctor.\n\nPlus some great questions, a packed round up \u0026amp; much, much more!","content_html":"\u003cp\u003eVerizon Enterprise gets breached \u0026 the irony is strong with this one, details on the NPM fiasco \u0026 why the SAMSAM is holding up the doctor.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, a packed round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/c695e4HAvuY\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Verizon Enterprise gets breached \u0026 the irony is strong with this one, details on the NPM fiasco \u0026 why the SAMSAM is holding up the doctor.\n\nPlus some great questions, a packed round up \u0026 much, much more!","date_published":"2016-03-24T18:54:15.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8cc140f2-9090-4a02-9faa-9a0366498df1.mp3","mime_type":"audio/mpeg","size_in_bytes":43613697,"duration_in_seconds":5441}]},{"id":"242A017F-88D2-441B-B766-98C31E6DF940","title":"Episode 258: Metaphorically Exploited | TechSNAP 258","url":"https://techsnap.systems/258","content_text":"The theoretical Android flaw becomes reality, a simple phishing scam hits some major companies \u0026amp; why your PIN has already been leaked.\n\nPlus great questions, our answers, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eThe theoretical Android flaw becomes reality, a simple phishing scam hits some major companies \u0026 why your PIN has already been leaked.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/HLIbzg1E0yU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The theoretical Android flaw becomes reality, a simple phishing scam hits some major companies \u0026 why your PIN has already been leaked.\n\nPlus great questions, our answers, a rocking round up \u0026 much, much more!","date_published":"2016-03-17T18:11:45.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ad7109d7-c297-4213-97e8-3085af86c2d9.mp3","mime_type":"audio/mpeg","size_in_bytes":35129980,"duration_in_seconds":4380}]},{"id":"34553705-77CE-4E4D-B335-C78B5D2C301F","title":"Episode 257: Fixing the Barn Door | TechSNAP 257","url":"https://techsnap.systems/257","content_text":"We’ll tell you about the real world pirates that hacked a shipping company, the open source libraries from Mars Rover found being used in malware \u0026amp; Microsoft’s solution for that after-hack hangover.\n\nPlus great questions, a packed round up \u0026amp; much more!","content_html":"\u003cp\u003eWe’ll tell you about the real world pirates that hacked a shipping company, the open source libraries from Mars Rover found being used in malware \u0026 Microsoft’s solution for that after-hack hangover.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, a packed round up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/NCirm5W92pc\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ll tell you about the real world pirates that hacked a shipping company, the open source libraries from Mars Rover found being used in malware \u0026 Microsoft’s solution for that after-hack hangover.\n\nPlus great questions, a packed round up \u0026 much more!","date_published":"2016-03-10T10:04:14.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a98f46c2-0583-4d52-b69b-ea4636eda88f.mp3","mime_type":"audio/mpeg","size_in_bytes":38866406,"duration_in_seconds":4848}]},{"id":"4D9C42DA-4C75-4595-9DF6-FBF9272371C0","title":"Episode 256: Open Server Sadness Layer | TechSNAP 256","url":"https://techsnap.systems/256","content_text":"OpenSSL issues a major security advisory, we break down the important details, then go in depth on the real world impact of these flaws.\n\nPlus some great storage and networking question, a packed round up \u0026amp; much, much more!","content_html":"\u003cp\u003eOpenSSL issues a major security advisory, we break down the important details, then go in depth on the real world impact of these flaws.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great storage and networking question, a packed round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/jDXUGw4LqTE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"OpenSSL issues a major security advisory, we break down the important details, then go in depth on the real world impact of these flaws.\n\nPlus some great storage and networking question, a packed round up \u0026amp; much, much more!","date_published":"2016-03-03T17:22:59.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/01337593-5430-420c-893c-9e5de86a3711.mp3","mime_type":"audio/mpeg","size_in_bytes":52971026,"duration_in_seconds":6611}]},{"id":"07CB06D7-4A48-4B84-8C8E-FFD91E007F59","title":"Episode 255: Dip the Chip | TechSNAP 255","url":"https://techsnap.systems/255","content_text":"What’s taking the states so long to catch up to the rest of the civilized world and dip the chip? Turns out it's really complicated, we explain. Plus keeping a Hospital secure is much more than following HIPAA, and an analysis of Keybase malware.\n\nPlus great questions, our answers, and much much more!","content_html":"\u003cp\u003eWhat’s taking the states so long to catch up to the rest of the civilized world and dip the chip? Turns out it's really complicated, we explain. Plus keeping a Hospital secure is much more than following HIPAA, and an analysis of Keybase malware.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers, and much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/64quK-ElMJg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"What’s taking the states so long to catch up to the rest of the civilized world and dip the chip? Turns out it's really complicated, we explain. Plus keeping a Hospital secure is much more than following HIPAA, and an analysis of Keybase malware.","date_published":"2016-02-25T17:50:44.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6b87b385-f5be-433b-ab0a-f7a230103494.mp3","mime_type":"audio/mpeg","size_in_bytes":47358264,"duration_in_seconds":5909}]},{"id":"2E261630-4906-47E5-BD8B-F8BA29ED527C","title":"Episode 254: Weaponized Comic Sans | TechSNAP 254","url":"https://techsnap.systems/254","content_text":"A common vulnerability is impacting Firefox, LibreOffice, and others, the 7 problems with ATM security, and the Enterprise grade protection defeated with a batch script.\n\nPlus some great questions, our answers, a rockin roundup, and much much more!","content_html":"\u003cp\u003eA common vulnerability is impacting Firefox, LibreOffice, and others, the 7 problems with ATM security, and the Enterprise grade protection defeated with a batch script.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, our answers, a rockin roundup, and much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/u9ObBaGwdRQ\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A common vulnerability is impacting Firefox, LibreOffice, and others, the 7 problems with ATM security, and the Enterprise grade protection defeated with a batch script.\n\nPlus some great questions, our answers, a rockin roundup, and much much more!","date_published":"2016-02-18T19:02:46.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/398771bf-8d51-4ce8-82ba-9129315e6b12.mp3","mime_type":"audio/mpeg","size_in_bytes":46763321,"duration_in_seconds":5835}]},{"id":"7758EAAC-E8E4-449E-8361-3ACCC4FBC90F","title":"Episode 253: Cisco's Perfect 10 | TechSNAP 253","url":"https://techsnap.systems/253","content_text":"Cisco has a wormable vulnerability in its Firewall appliances, crimeware that allows unlimited ATM withdrawals \u0026amp; the big problem with the Java installer.\n\nPlus great questions, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eCisco has a wormable vulnerability in its Firewall appliances, crimeware that allows unlimited ATM withdrawals \u0026 the big problem with the Java installer.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Y2GCwhROG6w\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Cisco has a wormable vulnerability in its Firewall appliances, crimeware that allows unlimited ATM withdrawals \u0026 the big problem with the Java installer.\n\nPlus great questions, a rocking round up \u0026 much, much more! ","date_published":"2016-02-11T17:56:40.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bee74e6f-8694-41f4-a205-073fc2c60849.mp3","mime_type":"audio/mpeg","size_in_bytes":32126109,"duration_in_seconds":4005}]},{"id":"D0D47725-5DA5-493A-A860-136E779FB14B","title":"Episode 252: Hot Norse Potato | TechSNAP 252","url":"https://techsnap.systems/252","content_text":"A new openSSL exploit, cyber security firm Norse implodes \u0026amp; the Windows Hot Potato flaw that’s been around for over a decade.\n\nPlus great questions, our answers, a rockin round up \u0026amp; much, much more!","content_html":"\u003cp\u003eA new openSSL exploit, cyber security firm Norse implodes \u0026 the Windows Hot Potato flaw that’s been around for over a decade.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, our answers, a rockin round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/1W49KPqdE6U\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A new openSSL exploit, cyber security firm Norse implodes \u0026 the Windows Hot Potato flaw that’s been around for over a decade.\n\nPlus great questions, our answers, a rockin round up \u0026 much, much more!","date_published":"2016-02-04T18:41:29.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/274fa5bf-e79e-4bd0-ae4b-6fbeba3481cc.mp3","mime_type":"audio/mpeg","size_in_bytes":50390888,"duration_in_seconds":6288}]},{"id":"6F986195-83BB-4135-9F4A-AE4814155B8D","title":"Episode 251: A Look Back On Feedback | TechSNAP 251","url":"https://techsnap.systems/251","content_text":"Since Allan is off being fancy at FOSDEM, we decided that now would be a good time to celebrate the audience \u0026amp; feature some of the best feedback we've had over the years!","content_html":"\u003cp\u003eSince Allan is off being fancy at FOSDEM, we decided that now would be a good time to celebrate the audience \u0026amp; feature some of the best feedback we\u0026#39;ve had over the years!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/e2--FgT9-D8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Since Allan is off being fancy at FOSDEM, we decided that now would be a good time to celebrate the audience \u0026 feature some of the best feedback we've had over the years!","date_published":"2016-01-28T08:10:18.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2751020a-b76c-411f-ac7a-aa12b81099b7.mp3","mime_type":"audio/mpeg","size_in_bytes":38742950,"duration_in_seconds":4832}]},{"id":"ED2E54C4-4762-4C5B-8A34-0D52D895DF46","title":"Episode 250: Lights out Management | TechSNAP 250","url":"https://techsnap.systems/250","content_text":"The bizarre saga of Juniper maybe finally be coming to a conclusion, details about SLOTH, the latest SSL vulnerability that also affects IPSec and SSH \u0026amp; the attack on the Ukrainian power grid made possible by malware.\n\nPlus your questions with a special theme, a rockin roundup \u0026amp; much more!","content_html":"\u003cp\u003eThe bizarre saga of Juniper maybe finally be coming to a conclusion, details about SLOTH, the latest SSL vulnerability that also affects IPSec and SSH \u0026 the attack on the Ukrainian power grid made possible by malware.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions with a special theme, a rockin roundup \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/4d313fFp7mw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The bizarre saga of Juniper maybe finally be coming to a conclusion, details about SLOTH, the latest SSL vulnerability that also affects IPSec and SSH \u0026 the attack on the Ukrainian power grid made possible by malware \u0026 much more!","date_published":"2016-01-21T10:10:51.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/4e8f96ec-0b5b-489d-83eb-165bc17e1577.mp3","mime_type":"audio/mpeg","size_in_bytes":35373686,"duration_in_seconds":4411}]},{"id":"C60A273A-A92E-4359-A0CB-6CE5BF7C914D","title":"Episode 249: Internet of Threats | TechSNAP 249","url":"https://techsnap.systems/249","content_text":"A Critical OpenSSH flaw can expose your private keys, a new WiFi spec for IoT devices, that has all the classic issues \u0026amp; Intel’s SkyLake bug.\n\nPlus your feedback, our answers, a rockin’ round up \u0026amp; so much more!","content_html":"\u003cp\u003eA Critical OpenSSH flaw can expose your private keys, a new WiFi spec for IoT devices, that has all the classic issues \u0026 Intel’s SkyLake bug.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your feedback, our answers, a rockin’ round up \u0026amp; so much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/j50svP2xKf8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A Critical OpenSSH flaw can expose your private keys, a new WiFi spec for IoT devices, that has all the classic issues \u0026 Intel’s SkyLake bug.\n\nPlus your feedback, our answers, a rockin’ round up \u0026 so much more!","date_published":"2016-01-14T17:03:30.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f218ddee-c523-4358-8492-70919a0b8d43.mp3","mime_type":"audio/mpeg","size_in_bytes":43753099,"duration_in_seconds":5458}]},{"id":"2741557E-BB94-4D1B-B064-44185D0FFD3F","title":"Episode 248: Virtual Private Surveillance | TechSNAP 248","url":"https://techsnap.systems/248","content_text":"We break down the Bicycle attack against SSL, the story of Brian Krebs’s PayPal account getting backed \u0026amp; the scoop on the Juniper Saga.\n\nPlus some great questions, our answers, a news breaking round up \u0026amp; much more!","content_html":"\u003cp\u003eWe break down the Bicycle attack against SSL, the story of Brian Krebs’s PayPal account getting backed \u0026 the scoop on the Juniper Saga.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, our answers, a news breaking round up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/OBPncsWMCao\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We break down the Bicycle attack against SSL, the story of Brian Krebs’s PayPal account getting backed \u0026 the scoop on the Juniper Saga.\n\nPlus some great questions, our answers, a news breaking round up \u0026 much more!","date_published":"2016-01-07T19:23:36.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a1ae4f2b-06b9-461d-b940-1b7b931860ee.mp3","mime_type":"audio/mpeg","size_in_bytes":46580619,"duration_in_seconds":5812}]},{"id":"A79A834F-8C9D-48E2-AB06-448686D45C3C","title":"Episode 247: Snappy New Year! | TechSNAP 247","url":"https://techsnap.systems/247","content_text":"We take a look back at some of the big stories of 2015, at least, as we see it.\n\nPlus the round up \u0026amp; more!","content_html":"\u003cp\u003eWe take a look back at some of the big stories of 2015, at least, as we see it.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus the round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ACN-V1nEZm8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We take a look back at some of the big stories of 2015, at least, as we see it.\n\nPlus the round up \u0026 more!","date_published":"2015-12-31T08:13:45.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/870e2aca-18e0-4c06-acb4-769955042276.mp3","mime_type":"audio/mpeg","size_in_bytes":64074478,"duration_in_seconds":7999}]},{"id":"DE0B8F21-D537-4F02-823A-5BD062EFB8CE","title":"Episode 246: Allan's Favorite Things | TechSNAP 246","url":"https://techsnap.systems/246","content_text":"It’s a collection of Allan’s favorite moments from TechSNAP past. Plus the week’s new stories in the roundup \u0026amp; much more!","content_html":"\u003cp\u003eIt’s a collection of Allan’s favorite moments from TechSNAP past. Plus the week’s new stories in the roundup \u0026amp; much more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/3IFH0EvecWU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"It’s a collection of Allan’s favorite moments from TechSNAP past. Plus the week’s new stories in the roundup \u0026 much more!","date_published":"2015-12-24T09:44:37.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/35d53b5b-c16a-4f3c-8266-813259a24684.mp3","mime_type":"audio/mpeg","size_in_bytes":62101546,"duration_in_seconds":7752}]},{"id":"E62AD877-751A-4C40-A2BC-500ABEB5483B","title":"Episode 245: Insecurity Appliance | TechSNAP 245","url":"https://techsnap.systems/245","content_text":"Meet BOOTTRASH the Malware that executes before your OS does, the hard questions you need to ask when buying a security appliance, Project Zero finds flaws in Fireeye hardware.\n\nPlus some great audience questions, a big round up \u0026amp; much, much more!","content_html":"\u003cp\u003eMeet BOOTTRASH the Malware that executes before your OS does, the hard questions you need to ask when buying a security appliance, Project Zero finds flaws in Fireeye hardware.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great audience questions, a big round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/hevMV26a97o\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Meet BOOTTRASH the Malware that executes before your OS does, the hard questions you need to ask when buying a security appliance, Project Zero finds flaws in Fireeye hardware.\n\nPlus some great audience questions, a big round up \u0026 much, much more!","date_published":"2015-12-17T19:49:21.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bcba0e31-f0b5-4946-ad42-f154d305d9e6.mp3","mime_type":"audio/mpeg","size_in_bytes":49230321,"duration_in_seconds":6143}]},{"id":"75758C04-1396-473F-B390-9583356891C8","title":"Episode 244: Finding Nakamoto | TechSNAP 244","url":"https://techsnap.systems/244","content_text":"Bitcoin’s creator has been found again, we’ll cover what the media thinks they’ve figured out \u0026amp; what we really know.\n\nThen, 'In Patches We Trust: Why Security Updates have to get better', a great batch of questions, a huge round up \u0026amp; much more!","content_html":"\u003cp\u003eBitcoin’s creator has been found again, we’ll cover what the media thinks they’ve figured out \u0026 what we really know.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen, \u0026#39;In Patches We Trust: Why Security Updates have to get better\u0026#39;, a great batch of questions, a huge round up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/EJhIw41VRAE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Bitcoin’s creator has been found again, we’ll cover what the media thinks they’ve figured out \u0026 what we really know.\n\nThen, 'In Patches We Trust: Why Security Updates have to get better', a great batch of questions, a huge round up \u0026 much more!","date_published":"2015-12-10T20:00:22.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/67b582c6-3c3b-4211-86a3-9bc8bde8e3fd.mp3","mime_type":"audio/mpeg","size_in_bytes":55744410,"duration_in_seconds":6957}]},{"id":"8D0ED3B6-C20B-428C-A8F3-DD6AEF209938","title":"Episode 243: SpyFi Barbie | TechSNAP 243","url":"https://techsnap.systems/243","content_text":"The US Government is offering free penetration tests, with a catch, we break down the VTech Breakin \u0026amp; the only sure way to protect your credit online.\n\nPlus great questions, a big round up with breaking news \u0026amp; much more!","content_html":"\u003cp\u003eThe US Government is offering free penetration tests, with a catch, we break down the VTech Breakin \u0026 the only sure way to protect your credit online.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, a big round up with breaking news \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/213RrR1u5DA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The US Government is offering free penetration tests, with a catch, we break down the VTech Breakin \u0026 the only sure way to protect your credit online.\n\nPlus great questions, a big round up with breaking news \u0026 much more!","date_published":"2015-12-03T18:50:21.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bc2625cd-5bac-425c-ab0e-15b605dc447e.mp3","mime_type":"audio/mpeg","size_in_bytes":46132755,"duration_in_seconds":5756}]},{"id":"9C3CCEE5-FB23-4CF7-BA69-4FE3A769DAD0","title":"Episode 242: A Keyboard Walks into a Barcode | TechSNAP 242","url":"https://techsnap.systems/242","content_text":"A research team finds various ways to attack LastPass, how to use a cocktail of current Android exploits to own a device \u0026amp; hacking a point of sale system using poisoned barcodes!\n\nPlus some great questions, our answers, a rockin roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eA research team finds various ways to attack LastPass, how to use a cocktail of current Android exploits to own a device \u0026 hacking a point of sale system using poisoned barcodes!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, our answers, a rockin roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ri4ZPsUa8gk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A research team finds various ways to attack LastPass, how to use a cocktail of current Android exploits to own a device \u0026 hacking a point of sale system using poisoned barcodes!\n\nPlus some great questions, our answers, a rockin roundup \u0026 much, much more!","date_published":"2015-11-26T08:56:23.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/9f1386b1-0d41-46cf-82f4-52f3344a3130.mp3","mime_type":"audio/mpeg","size_in_bytes":38487136,"duration_in_seconds":4800}]},{"id":"F523090D-1ED4-4AF8-A255-86A476B48AA0","title":"Episode 241: Double ROT-13 | TechSNAP 241","url":"https://techsnap.systems/241","content_text":"Encryption \u0026amp; privacy took quite a beating this week in the wake of the Paris attacks. We come to its defense. Your ISP heard you like backdoors, so they put a backdoor in your backdoor, the story of the social RAT \u0026amp; more!","content_html":"\u003cp\u003eEncryption \u0026amp; privacy took quite a beating this week in the wake of the Paris attacks. We come to its defense. Your ISP heard you like backdoors, so they put a backdoor in your backdoor, the story of the social RAT \u0026amp; more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/oho7WKbwUS0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Encryption \u0026 privacy took quite a beating this week in the wake of the Paris attacks. We come to its defense. Your ISP heard you like backdoors, so they put a backdoor in your backdoor, the story of the social RAT \u0026 more!","date_published":"2015-11-19T17:05:59.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/c842c280-551c-4e0b-8a38-57ac510e83b5.mp3","mime_type":"audio/mpeg","size_in_bytes":41798941,"duration_in_seconds":5214}]},{"id":"70C2B0BD-072A-4B74-AC91-7FA2156D91B1","title":"Episode 240: Zero-Days Of Our Lives | TechSNAP 240","url":"https://techsnap.systems/240","content_text":"The first remote administration trojan that targets Android, Linux, Mac and Windows. Joomla and vBulletin have major flaws \u0026amp; tips for protecting your online privacy from some very motivated public figures.\n\nPlus some great questions, a rockin' roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eThe first remote administration trojan that targets Android, Linux, Mac and Windows. Joomla and vBulletin have major flaws \u0026 tips for protecting your online privacy from some very motivated public figures.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, a rockin\u0026#39; roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/IoJXr5hiyUQ\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The first remote administration trojan that targets Android, Linux, Mac and Windows. Joomla and vBulletin have major flaws \u0026 tips for protecting your online privacy from some very motivated public figures.\n\nPlus great questions, a rockin' roundup \u0026 more!","date_published":"2015-11-12T10:19:53.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7279d0d8-64c9-4c45-9573-0b987a693537.mp3","mime_type":"audio/mpeg","size_in_bytes":41073447,"duration_in_seconds":5123}]},{"id":"C9434831-1151-4E4D-9694-7F9A094AD735","title":"Episode 239: PLAID Falls Out of Fashion | TechSNAP 239","url":"https://techsnap.systems/239","content_text":"CISA provides no solutions, just new excuses. The new Australian smartcard system is a total disaster \u0026amp; why Google’s URLs are so crazy. \n\nPlus some great questions, our answers, a rockin' round up \u0026amp; much, much more!","content_html":"\u003cp\u003eCISA provides no solutions, just new excuses. The new Australian smartcard system is a total disaster \u0026 why Google’s URLs are so crazy. \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, our answers, a rockin\u0026#39; round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/qMizG8dhJL8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"CISA provides no solutions, just new excuses. The new Australian smartcard system is a total disaster \u0026 why Google’s URLs are so crazy. \n\nPlus some great questions, our answers, a rockin' round up \u0026 much, much more!","date_published":"2015-11-05T07:51:13.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8c47f4e1-f44d-46f4-832e-03933a04e812.mp3","mime_type":"audio/mpeg","size_in_bytes":32233123,"duration_in_seconds":4018}]},{"id":"B595569D-9167-44D0-BA58-97C5589D8D43","title":"Episode 238: Certifiable Authority | TechSNAP 238","url":"https://techsnap.systems/238","content_text":"TalkTalk gets compromised, Hackers make cars safer \u0026amp; Google plays hardball with Symantec.\n\nPlus a great batch of your questions, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eTalkTalk gets compromised, Hackers make cars safer \u0026 Google plays hardball with Symantec.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/h6dUfpHI9lg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"TalkTalk gets compromised, Hackers make cars safer \u0026 Google plays hardball with Symantec.\n\nPlus a great batch of your questions, a rocking round up \u0026 much, much more!","date_published":"2015-10-29T15:42:53.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/85cd0aae-e6d1-400e-9f74-84de0b4826e0.mp3","mime_type":"audio/mpeg","size_in_bytes":37847461,"duration_in_seconds":4720}]},{"id":"ACC8B0E9-AFC0-408B-A791-93299836F904","title":"Episode 237: A Rip in NTP | TechSNAP 237","url":"https://techsnap.systems/237","content_text":"The OpenZFS summit just wrapped up and Allan shares the exciting new features coming to the file system, researchers warn about flaws in NTP \u0026amp; of course we've got some critical patches.\n\nPlus a great batch of questions, a rockin' round up \u0026amp; much, much more!","content_html":"\u003cp\u003eThe OpenZFS summit just wrapped up and Allan shares the exciting new features coming to the file system, researchers warn about flaws in NTP \u0026 of course we've got some critical patches.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of questions, a rockin\u0026#39; round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/gONiosdIHHw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The OpenZFS summit just wrapped up and Allan shares the exciting new features coming to the file system, researchers warn about flaws in NTP \u0026 of course we've got some critical patches.\n\nPlus a great batch of questions, a rockin' round up \u0026 much more!","date_published":"2015-10-22T19:34:12.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/2627b9fb-cc1b-4f8b-8e84-0a738bf46faa.mp3","mime_type":"audio/mpeg","size_in_bytes":60425141,"duration_in_seconds":7542}]},{"id":"785D8E9F-CBA3-4703-B5FD-E5E808071A3F","title":"Episode 236: National Security Breaking Agency | TechSNAP 236","url":"https://techsnap.systems/236","content_text":"How the NSA might be breaking Crypto, fresh zero day exploit against Flash with a twist \u0026amp; Keylogging before computers.\n\nPlus a great batch of your questions, a rocking round-up \u0026amp; much more!","content_html":"\u003cp\u003eHow the NSA might be breaking Crypto, fresh zero day exploit against Flash with a twist \u0026 Keylogging before computers.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, a rocking round-up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/unjordjpII8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"How the NSA might be breaking Crypto, fresh zero day exploit against Flash with a twist \u0026 Keylogging before computers.\n\nPlus a great batch of your questions, a rocking round-up \u0026 much more!","date_published":"2015-10-15T19:15:36.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f0eac454-333f-4c1a-ac8e-31c43fb2ec4e.mp3","mime_type":"audio/mpeg","size_in_bytes":53382028,"duration_in_seconds":6662}]},{"id":"35E1A760-928E-43E4-B4E1-CAB4DA2AB054","title":"Episode 235: Catching the Angler | TechSNAP 235","url":"https://techsnap.systems/235","content_text":"Debug mode exposes sensitive data, Cisco’s Talos group exposes the Angler exploit kit \u0026amp; how a Microsoft exposed Conficker with an egg hunt.\n\nPlus some great feedback, a huge round up \u0026amp; much, much more!","content_html":"\u003cp\u003eDebug mode exposes sensitive data, Cisco’s Talos group exposes the Angler exploit kit \u0026 how a Microsoft exposed Conficker with an egg hunt.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great feedback, a huge round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/bfCpnPEMvz0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Debug mode exposes sensitive data, Cisco’s Talos group exposes the Angler exploit kit \u0026 how a Microsoft exposed Conficker with an egg hunt.\n\nPlus some great feedback, a huge round up \u0026 much, much more!","date_published":"2015-10-08T19:32:14.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/739e8a6f-e68c-41fd-b2eb-9a214570cd58.mp3","mime_type":"audio/mpeg","size_in_bytes":54095272,"duration_in_seconds":6751}]},{"id":"EE711BF8-CE59-4841-A3F5-F6EC21BDBA27","title":"Episode 234: Key Flaw With GPL | TechSNAP 234","url":"https://techsnap.systems/234","content_text":"D-Link publishes its private code signing keys, exploiting Windows Symbolic Links \u0026amp; why encryption is not sufficient protection.\n\nPlus some great questions, our answers, a rockin roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eD-Link publishes its private code signing keys, exploiting Windows Symbolic Links \u0026 why encryption is not sufficient protection.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, our answers, a rockin roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/sGncp3xDBOs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"D-Link publishes its private code signing keys, exploiting Windows Symbolic Links \u0026 why encryption is not sufficient protection.\n\nPlus some great questions, our answers, a rockin roundup \u0026 much, much more!","date_published":"2015-10-01T10:38:52.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/1808d109-14d5-4e14-8487-453986f27c4d.mp3","mime_type":"audio/mpeg","size_in_bytes":32154299,"duration_in_seconds":4009}]},{"id":"7975021C-3D24-48B7-ABFE-63FE082F2383","title":"Episode 233: Dukes of Cyber Hazard | TechSNAP 233","url":"https://techsnap.systems/233","content_text":"Let’s Encrypt hits a major milestone, F-Secure publishes their investigation into “The Dukes” \u0026amp; we dig into Tarsnap’s email confirmation bypass.\n\nPlus a great batch of your questions, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eLet’s Encrypt hits a major milestone, F-Secure publishes their investigation into “The Dukes” \u0026 we dig into Tarsnap’s email confirmation bypass.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Pu6TaZGbywM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Let’s Encrypt hits a major milestone, F-Secure publishes their investigation into “The Dukes” \u0026 we dig into Tarsnap’s email confirmation bypass.\n\nPlus a great batch of your questions, a rocking round up \u0026 much, much more!","date_published":"2015-09-24T08:18:04.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/18d96a2b-4f72-445d-83aa-e38c67cab19f.mp3","mime_type":"audio/mpeg","size_in_bytes":36716573,"duration_in_seconds":4579}]},{"id":"A204DDBC-E33E-46D7-8799-76F32C14BFA1","title":"Episode 232: Hardware Insecurity Module | TechSNAP 232","url":"https://techsnap.systems/232","content_text":"How Groupon made the switch to FreeBSD \u0026amp; why. Researches extract keys from a hardware module \u0026amp; Intel’s new CPU backed malware protection.\n\nPlus your questions, a great roundup \u0026amp; more!","content_html":"\u003cp\u003eHow Groupon made the switch to FreeBSD \u0026 why. Researches extract keys from a hardware module \u0026 Intel’s new CPU backed malware protection.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your questions, a great roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/V2Rhn4h6FHM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"How Groupon made the switch to FreeBSD \u0026 why. Researches extract keys from a hardware module \u0026 Intel’s new CPU backed malware protection.\n\nPlus your questions, a great roundup \u0026 more!","date_published":"2015-09-17T12:31:57.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e56574e3-da3a-40fd-91d8-5fbb6b03cb5e.mp3","mime_type":"audio/mpeg","size_in_bytes":31145111,"duration_in_seconds":3882}]},{"id":"50C2D538-4638-4703-B1C6-2AEB3E05EF8D","title":"Episode 231: Leaky RSA Keys | TechSNAP 231","url":"https://techsnap.systems/231","content_text":"Red Hat highlights how leaky many open source RSA implementations are, Netflix releases Sleepy Puppy \u0026amp; the Mac is definitely under attack.\n\nPlus some quick feedback, a rockin' roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eRed Hat highlights how leaky many open source RSA implementations are, Netflix releases Sleepy Puppy \u0026 the Mac is definitely under attack.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some quick feedback, a rockin\u0026#39; roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/CQx4b8NIyHM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Red Hat highlights how leaky many open source RSA implementations are, Netflix releases Sleepy Puppy \u0026 the Mac is definitely under attack.\n\nPlus some quick feedback, a rockin' roundup \u0026 much, much more!","date_published":"2015-09-10T06:05:44.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/80363104-f4e3-4d0f-ad08-4cedde9cf2a0.mp3","mime_type":"audio/mpeg","size_in_bytes":36696250,"duration_in_seconds":4576}]},{"id":"BF9F8574-2B50-4F1A-BD7E-82BD9BFC1455","title":"Episode 230: Trojan Family Ties | TechSNAP 230","url":"https://techsnap.systems/230","content_text":"Rooting your Android device might be more dangerous than you realize, why the insurance industry will take over InfoSec \u0026amp; the NSA prepares for Quantum encryption.\n\nPlus some great questions, a fantastic roundup \u0026amp; more!","content_html":"\u003cp\u003eRooting your Android device might be more dangerous than you realize, why the insurance industry will take over InfoSec \u0026 the NSA prepares for Quantum encryption.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, a fantastic roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/kkrz9S1rc0o\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Rooting your Android device might be more dangerous than you realize, why the insurance industry will take over InfoSec \u0026 the NSA prepares for Quantum encryption.\n\nPlus some great questions, a fantastic roundup \u0026 more!","date_published":"2015-09-03T07:37:57.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7b1c45b5-2d6f-48eb-b787-25ec0860d52e.mp3","mime_type":"audio/mpeg","size_in_bytes":33603392,"duration_in_seconds":4190}]},{"id":"ADCC8AAF-B246-48DC-AB8A-8392C83E4D55","title":"Episode 229: Extortion Startups | TechSNAP 229","url":"https://techsnap.systems/229","content_text":"The real fallout from the Ashley Madison hack gets personal. The Android StageFright patch that doesn’t cover all of the holes, and turning a KVM into a spying appliance.\n\nPlus a great batch of questions, our answers, and a rocking round up.\n\nAll that and a heck of a lot more on this week’s TechSNAP!","content_html":"\u003cp\u003eThe real fallout from the Ashley Madison hack gets personal. The Android StageFright patch that doesn’t cover all of the holes, and turning a KVM into a spying appliance.\u003c/p\u003e\n\n\u003cp\u003ePlus a great batch of questions, our answers, and a rocking round up.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAll that and a heck of a lot more on this week’s TechSNAP!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/3EOE4DyoxfM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The real fallout from the Ashley Madison hack gets personal. The Android StageFright patch that doesn’t cover all of the holes, and turning a KVM into a spying appliance.\n\nPlus a great batch of questions, our answers, a rocking round up \u0026 more!","date_published":"2015-08-27T20:24:30.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ce0ebe49-2ab7-47a4-b9e3-0f5dd756c6b5.mp3","mime_type":"audio/mpeg","size_in_bytes":50199558,"duration_in_seconds":6264}]},{"id":"777466F2-F0F3-4569-9BF9-E8D3DA64DBD0","title":"Episode 228: Export Grade Vulnerabilities | TechSNAP 228","url":"https://techsnap.systems/228","content_text":"Lenovo \u0026amp; HP are caught injecting malware even after you format the drive, Ubiquiti Networks is socially engineered out of 46 million \u0026amp; are we entering the era of Security Research Prohibition? We debate.\n\nPlus a great batch of your questions, our answers, a rocking round up \u0026amp; much much more!","content_html":"\u003cp\u003eLenovo \u0026 HP are caught injecting malware even after you format the drive, Ubiquiti Networks is socially engineered out of 46 million \u0026 are we entering the era of Security Research Prohibition? We debate.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, our answers, a rocking round up \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/34jKXDo3P9w\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Lenovo \u0026 HP are caught injecting malware even after you format the drive, Ubiquiti Networks is socially engineered out of 46 million \u0026 are we entering the era of Security Research Prohibition? We debate. Plus your questions, the roundup \u0026 much, much more!","date_published":"2015-08-20T10:03:43.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e0b3cb92-adb4-4dfd-9809-0ba8c36f2952.mp3","mime_type":"audio/mpeg","size_in_bytes":34864469,"duration_in_seconds":4347}]},{"id":"9969434A-E5A8-492A-B076-5E0EB6A994C0","title":"Episode 227: Oracle's EULAgy #oraclefanfic | TechSNAP 227","url":"https://techsnap.systems/227","content_text":"Oracle really doesn’t want you to reverse engineer their products but they may have just released the Kraken, we’ll explain.\n\nA massive drop of 35 fixes in one day, great feedback and follow up, a rockin roundup \u0026amp; much, much more!","content_html":"\u003cp\u003eOracle really doesn’t want you to reverse engineer their products but they may have just released the Kraken, we’ll explain.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eA massive drop of 35 fixes in one day, great feedback and follow up, a rockin roundup \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/MfyUNCvSnhk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Oracle really doesn’t want you to reverse engineer their products but they may have just released the Kraken, we’ll explain.\n\nA massive drop of 35 fixes in one day, great feedback and follow up, a rockin roundup \u0026 much, much more!","date_published":"2015-08-13T15:46:04.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e8b067d7-d3a7-4ff1-89d9-527a78d57226.mp3","mime_type":"audio/mpeg","size_in_bytes":35536081,"duration_in_seconds":4431}]},{"id":"CCE10EB8-58A2-4459-A8E4-55D0454233A4","title":"Episode 226: Solving the Flash Plague | TechSNAP 226","url":"https://techsnap.systems/226","content_text":"Adobe is making changes to Flash to mitigate 0day exploits, with help from Google. Chrysler recalls 1.4M vehicles due to a software flaw, we go inside the “Business Club” cyber crime gang.\n\nPlus a great batch of questions, the roundup \u0026amp; more!","content_html":"\u003cp\u003eAdobe is making changes to Flash to mitigate 0day exploits, with help from Google. Chrysler recalls 1.4M vehicles due to a software flaw, we go inside the “Business Club” cyber crime gang.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of questions, the roundup \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/vQ7afhrIvv4\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Adobe is making changes to Flash to mitigate 0day exploits, with help from Google. Chrysler recalls 1.4M vehicles due to a software flaw, we go inside the “Business Club” cyber crime gang.\n\nPlus a great batch of questions, the roundup \u0026 more!","date_published":"2015-08-07T08:37:15.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/8ad23c03-9579-4ade-b56f-3d1640b51b23.mp3","mime_type":"audio/mpeg","size_in_bytes":40266766,"duration_in_seconds":5023}]},{"id":"F56BF4E3-994E-411D-B81E-3D71CCB83E95","title":"Episode 225: SourceForge's Downfall | TechSNAP 225","url":"https://techsnap.systems/225","content_text":"SourceForge sees downtime, and we examine their infrastructure, a new pervasive hackgroup has been exposed and their track record is fascinating.\n\nPlus a Hacking Team Round up, a wide variety of audience questions, our answers \u0026amp; much, much more!","content_html":"\u003cp\u003eSourceForge sees downtime, and we examine their infrastructure, a new pervasive hackgroup has been exposed and their track record is fascinating.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a Hacking Team Round up, a wide variety of audience questions, our answers \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/GyLVt0Iw0Ns\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"SourceForge sees downtime, and we examine their infrastructure, a new pervasive hackgroup has been exposed and their track record is fascinating.\n\nPlus a Hacking Team Round up, a wide variety of audience questions, our answers \u0026 much, much more!","date_published":"2015-07-30T18:07:22.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bd2bbd31-e5b6-4605-86fc-09eb899e892f.mp3","mime_type":"audio/mpeg","size_in_bytes":31166125,"duration_in_seconds":3885}]},{"id":"9C8DEB20-F4DC-4950-9C20-A6AF63FF5CCB","title":"Episode 224: Butterflies \u0026 Backronyms | TechSNAP 224","url":"https://techsnap.systems/224","content_text":"The Backronym vulnerability hits MySQL right in the SSL protection, we’ll share the details. The hacker Group that hit Apple \u0026amp; Microsoft intensifies their attacks \u0026amp; a survey shows many core Linux tools are at risk. \n\nPlus some great questions, a rockin' roundup \u0026amp; much much more!","content_html":"\u003cp\u003eThe Backronym vulnerability hits MySQL right in the SSL protection, we’ll share the details. The hacker Group that hit Apple \u0026 Microsoft intensifies their attacks \u0026 a survey shows many core Linux tools are at risk. \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, a rockin\u0026#39; roundup \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Hrx_6xBWkXo\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Backronym vulnerability hits MySQL right in the SSL protection, we’ll share the details. The hacker Group that hit Apple \u0026 Microsoft intensifies their attacks, a survey shows many core Linux tools are at risk \u0026 much, much more!","date_published":"2015-07-23T10:47:37.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/9aaed61f-df6a-45c3-b90c-214ccb5bb5f2.mp3","mime_type":"audio/mpeg","size_in_bytes":33882836,"duration_in_seconds":4225}]},{"id":"A847AE0A-F23C-4A84-AFE0-5D3C68BF1500","title":"Episode 223: A Bias to Insecurity | TechSNAP 223","url":"https://techsnap.systems/223","content_text":"The Hacking Team fallout continues with more zero day patches you need to install, a new attack against RC4 might finally kill it \u0026amp; how to save yourself from a DDoS attack.\n\nPlus a great batch of your questions, our answers \u0026amp; much, much more!","content_html":"\u003cp\u003eThe Hacking Team fallout continues with more zero day patches you need to install, a new attack against RC4 might finally kill it \u0026 how to save yourself from a DDoS attack.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, our answers \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/AP8VAxHIq08\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The Hacking Team fallout continues with more zero day patches you need to install, a new attack against RC4 might finally kill it \u0026 how to save yourself from a DDoS attack.\n\nPlus a great batch of your questions, our answers \u0026 much, much more!","date_published":"2015-07-16T16:57:24.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/d36113ee-0e02-4504-b37d-19126f76db6c.mp3","mime_type":"audio/mpeg","size_in_bytes":39543062,"duration_in_seconds":4932}]},{"id":"E59BB705-094E-4413-85A0-50E9772A0E4E","title":"Episode 222: ZFS does not prevent Stupidity | TechSNAP 222","url":"https://techsnap.systems/222","content_text":"From hacking to hacked, hacking team gets owned \u0026amp; what gets leaked is the best part, we’ll share the details.\n\nPlus, a new OpenSSL vulnerability revealed, Apple tweaks their two factor authentication.. Your questions, our answers \u0026amp; much much more!","content_html":"\u003cp\u003eFrom hacking to hacked, hacking team gets owned \u0026 what gets leaked is the best part, we’ll share the details.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus, a new OpenSSL vulnerability revealed, Apple tweaks their two factor authentication.. Your questions, our answers \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/VYHnZ8ZCXL0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"From hacking to hacked, hacking team gets owned \u0026 what gets leaked is the best part, we’ll share the details.\n\nPlus, a new OpenSSL vulnerability revealed, Apple tweaks their two factor authentication.. Your questions, our answers \u0026 much much more!","date_published":"2015-07-09T17:49:51.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/01ba6875-9e15-4a78-ab4b-d203d087abe6.mp3","mime_type":"audio/mpeg","size_in_bytes":39864712,"duration_in_seconds":4972}]},{"id":"7281412A-3455-45D5-B9E1-674BD871F50E","title":"Episode 221: Ripping me a new Protocol | TechSNAP 221","url":"https://techsnap.systems/221","content_text":"Amazon has a new TLS implementation \u0026amp; the details look great, we’ll share them with you. The technology that powers the NSA’s XKEYSCORE you could have deployed yourself.\n\nSome fantastic questions, a big round up \u0026amp; much, much more!","content_html":"\u003cp\u003eAmazon has a new TLS implementation \u0026 the details look great, we’ll share them with you. The technology that powers the NSA’s XKEYSCORE you could have deployed yourself.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eSome fantastic questions, a big round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/g0CCsqAPVtU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Amazon has a new TLS implementation \u0026 the details look great, we’ll share them with you. The technology that powers the NSA’s XKEYSCORE you could have deployed yourself.\n\nSome fantastic questions, a big round up \u0026 much, much more!","date_published":"2015-07-02T20:08:21.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/5b1e1382-c21a-4f4b-9bd6-c3c15a89e159.mp3","mime_type":"audio/mpeg","size_in_bytes":52159355,"duration_in_seconds":6509}]},{"id":"AF7A9CEA-0104-4361-877C-E889EB8284D0","title":"Episode 220: Homeland Insecurity | TechSNAP 220","url":"https://techsnap.systems/220","content_text":"Google’s datacenter secrets are finally being revealed \u0026amp; we’ll share the best bits. Why The US Government is in no position to teach anyone about Cyber Security, how you can still get hacked offline, A batch of great questions, a huge round up \u0026amp; much, much more!","content_html":"\u003cp\u003eGoogle’s datacenter secrets are finally being revealed \u0026amp; we’ll share the best bits. Why The US Government is in no position to teach anyone about Cyber Security, how you can still get hacked offline, A batch of great questions, a huge round up \u0026amp; much, much more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/aV6B6-DrUaA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Google’s datacenter secrets are finally being revealed \u0026 we’ll share the best bits. Why The US Government is in no position to teach anyone about Cyber Security, how you can still get hacked offline, Great questions, a huge round up \u0026 much, much more!","date_published":"2015-06-25T19:05:38.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/76e1cb0a-bb27-4d9a-8b85-7be015e3c263.mp3","mime_type":"audio/mpeg","size_in_bytes":42359496,"duration_in_seconds":5284}]},{"id":"87540137-B9F2-4A78-8C29-754E71985A77","title":"Episode 219: OPM Data too Valuable to Sell | TechSNAP 219","url":"https://techsnap.systems/219","content_text":"Kaspersky labs has been hacked, we’ll tell you why it looks like a nation state was the attacker, why OPM data is too valuable sell \u0026amp; the real situation with LastPass.\n\nPlus some great questions, our answers \u0026amp; a rocking round up.\n\nAll that and much, much more on this week’s TechSNAP!","content_html":"\u003cp\u003eKaspersky labs has been hacked, we’ll tell you why it looks like a nation state was the attacker, why OPM data is too valuable sell \u0026 the real situation with LastPass.\u003c/p\u003e\n\n\u003cp\u003ePlus some great questions, our answers \u0026 a rocking round up.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eAll that and much, much more on this week’s TechSNAP!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/UF2nfgGlX7k\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Kaspersky labs has been hacked, we’ll tell you why it looks like a nation state was the attacker, why OPM data is too valuable sell \u0026 the real situation with LastPass.\n\nPlus some great questions, our answers \u0026 a rocking round up.","date_published":"2015-06-18T19:14:26.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/87b01a51-c3f0-45bb-bda8-c97d50673ffa.mp3","mime_type":"audio/mpeg","size_in_bytes":50060579,"duration_in_seconds":6247}]},{"id":"1AFD7D92-CFB1-4741-94F0-05C95E2F6F65","title":"Episode 218: Hacking Henchmen for Hire | TechSNAP 218","url":"https://techsnap.systems/218","content_text":"This week, how hard lessons learned in 1982 could be apply to 2015’s security breaches, hacking for hire goes big \u0026amp; a savage sentient car that needs better programming.\n\nPlus some fantastic questions, a rocking round-up \u0026amp; much more!","content_html":"\u003cp\u003eThis week, how hard lessons learned in 1982 could be apply to 2015’s security breaches, hacking for hire goes big \u0026 a savage sentient car that needs better programming.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some fantastic questions, a rocking round-up \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/wBQBjDerxFM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"This week, how hard lessons learned in 1982 could be apply to 2015’s security breaches, hacking for hire goes big \u0026 a savage sentient car that needs better programming.\n\nPlus some fantastic questions, a rocking round-up \u0026 much more!","date_published":"2015-06-11T11:22:54.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f925aa59-8511-4521-acfb-2c8824fbf01e.mp3","mime_type":"audio/mpeg","size_in_bytes":40161423,"duration_in_seconds":5009}]},{"id":"7EAB3C29-10F8-4647-9517-1CD0C36D8235","title":"Episode 217: An Encryptioner's Conscience | TechSNAP 217","url":"https://techsnap.systems/217","content_text":"The sad state of SMTP encryption, a new huge round of flaws has been found in consumer routers \u0026amp; the reviews of Intel’s new Broadwell desktop processors are in!\n\nPlus some great questions, a huge round-up \u0026amp; much, much more!","content_html":"\u003cp\u003eThe sad state of SMTP encryption, a new huge round of flaws has been found in consumer routers \u0026 the reviews of Intel’s new Broadwell desktop processors are in!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great questions, a huge round-up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/O4M6XkSP6EI\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The sad state of SMTP encryption, a new huge round of flaws has been found in consumer routers \u0026 the reviews of Intel’s new Broadwell desktop processors are in!\n\nPlus some great questions, a huge round-up \u0026 much, much more!","date_published":"2015-06-04T18:41:58.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/b82f7ab5-9b6a-48b8-a84b-d1dd9a6c82c3.mp3","mime_type":"audio/mpeg","size_in_bytes":50455536,"duration_in_seconds":6296}]},{"id":"E470238B-072B-4EED-B85D-6F1CE396B535","title":"Episode 216: Spy vs MSpy | TechSNAP 216","url":"https://techsnap.systems/216","content_text":"Spyware creator mSpy hacked, find out why this breach is particularly egregious, what’s wrong with pcap \u0026amp; why RSA’s death has been greatly exaggerated. \n\nPlus a great batch of questions, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eSpyware creator mSpy hacked, find out why this breach is particularly egregious, what’s wrong with pcap \u0026 why RSA’s death has been greatly exaggerated. \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of questions, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/3icrmXkAx2o\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Spyware creator mSpy hacked, find out why this breach is particularly egregious, what’s wrong with pcap \u0026 why RSA’s death has been greatly exaggerated. \n\nPlus a great batch of questions, a rocking round up \u0026 much, much more!","date_published":"2015-05-28T09:37:04.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/ce2ecd6e-3f6b-4595-951d-496967ed9007.mp3","mime_type":"audio/mpeg","size_in_bytes":40912242,"duration_in_seconds":5103}]},{"id":"3E1A0E82-9540-4C50-8C8E-F6D9D1B4A2BC","title":"Episode 215: EXTenuating Circumstances | TechSNAP 215","url":"https://techsnap.systems/215","content_text":"Researches have uncovered a weakness in almost all Internet encryption. We’ll explain what LogJam is, how to protect yourself \u0026amp; what the cause is.\n\nLinux gets bit by a filesystem corruption bug, passport id thieves, a great batch of questions \u0026amp; much, much more!","content_html":"\u003cp\u003eResearches have uncovered a weakness in almost all Internet encryption. We’ll explain what LogJam is, how to protect yourself \u0026 what the cause is.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eLinux gets bit by a filesystem corruption bug, passport id thieves, a great batch of questions \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/V0RvTBpQPIs\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Researches have uncovered a weakness in almost all Internet encryption. We’ll explain what LogJam is, how to protect yourself \u0026 what the cause is.\n\nPlus Linux gets bit by a filesystem corruption bug, passport id thieves, a great batch of questions \u0026 more!","date_published":"2015-05-21T16:52:08.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/463a864b-8391-4910-aff4-c4b5d6808978.mp3","mime_type":"audio/mpeg","size_in_bytes":41756610,"duration_in_seconds":5209}]},{"id":"E04ADA41-CC10-4363-8A68-8D9CB863D482","title":"Episode 214: Venomous Floppy Legacy | TechSNAP 214","url":"https://techsnap.systems/214","content_text":"We explain the Venom vulnerability, what the impact is \u0026amp; the steps major providers are taking to protect themselves. \n\nPlus strategies to mitigate Cyber Intrusions, a truly genius spammer, great questions, a huge round up \u0026amp; more!","content_html":"\u003cp\u003eWe explain the Venom vulnerability, what the impact is \u0026 the steps major providers are taking to protect themselves. \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus strategies to mitigate Cyber Intrusions, a truly genius spammer, great questions, a huge round up \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ljfLPZ6-cqc\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We explain the Venom vulnerability, what the impact is \u0026 the steps major providers are taking to protect themselves. \n\nPlus strategies to mitigate Cyber Intrusions, a truly genius spammer, great questions, a huge round up \u0026 more!","date_published":"2015-05-14T19:51:07.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/3a29dded-44a7-4558-a66e-c52cb90a03b2.mp3","mime_type":"audio/mpeg","size_in_bytes":53093695,"duration_in_seconds":6626}]},{"id":"8966B174-71FB-4B0E-8A28-B8070A65D063","title":"Episode 213: Blame as a Service | TechSNAP 213","url":"https://techsnap.systems/213","content_text":"Why a stolen healthcare record is harder to track than you might think, Security pros name their must have tools \u0026amp; blame as a service, the new Cybersecurity hot product.\n\nPlus great questions, a huge Round Up \u0026amp; much, much more!","content_html":"\u003cp\u003eWhy a stolen healthcare record is harder to track than you might think, Security pros name their must have tools \u0026 blame as a service, the new Cybersecurity hot product.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great questions, a huge Round Up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/-x_Ec2dxHh8\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Why a stolen healthcare record is harder to track than you might think, Security pros name their must have tools \u0026 blame as a service, the new Cybersecurity hot product.\n\nPlus great questions, a huge Round Up \u0026 much, much more!","date_published":"2015-05-07T18:45:37.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/1eb9fdb3-51df-4e51-8839-dcbcb74d5da7.mp3","mime_type":"audio/mpeg","size_in_bytes":47257301,"duration_in_seconds":5896}]},{"id":"FAED937D-50A8-49CE-AC43-FE5E6E3C3CA2","title":"Episode 212: Dormant Docker Disasters | TechSNAP 212","url":"https://techsnap.systems/212","content_text":"The man who broke the music business, the major downsides to the container culture \u0026amp; yes, they really are trying to sell you Security Snake Oil.\n\nPlus your great questions, our answers \u0026amp; much, much more!","content_html":"\u003cp\u003eThe man who broke the music business, the major downsides to the container culture \u0026 yes, they really are trying to sell you Security Snake Oil.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great questions, our answers \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/xXGslY169Mk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The man who broke the music business, the major downsides to the container culture \u0026 yes, they really are trying to sell you Security Snake Oil.\n\nPlus your great questions, our answers \u0026 much, much more!","date_published":"2015-04-30T11:36:22.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a938e7e4-7ed4-4909-9232-fdd80e587921.mp3","mime_type":"audio/mpeg","size_in_bytes":45005301,"duration_in_seconds":5615}]},{"id":"EF12EFC5-45DB-4913-9272-B299CA2CA4A9","title":"Episode 211: The French Disconnection | TechSNAP 211","url":"https://techsnap.systems/211","content_text":"What’s really the key to detecting a breach before its become much too late? We’ll share some key insights, plus a technical breakdown of China’s great cannon \u0026amp; the new New French Surveillance Law that should be a warning to us all.\n\nPlus a great round up, fantastic questions, our answers \u0026amp; much, much more!","content_html":"\u003cp\u003eWhat’s really the key to detecting a breach before its become much too late? We’ll share some key insights, plus a technical breakdown of China’s great cannon \u0026 the new New French Surveillance Law that should be a warning to us all.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great round up, fantastic questions, our answers \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/a-5XpvEKp1k\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"What’s really the key to detecting a breach before its become much too late? We’ll share some key insights, plus a technical breakdown of China’s great cannon \u0026 the new New French Surveillance Law that should be a warning to us all \u0026 much, much more!","date_published":"2015-04-24T02:17:34.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6e696ab6-d57a-483d-be67-ba5f7c6ed3e0.mp3","mime_type":"audio/mpeg","size_in_bytes":51446563,"duration_in_seconds":6420}]},{"id":"69AEB932-C1E9-449A-8D0E-2B26B6F0684F","title":"Episode 210: SMBTrapped in Microsoft | TechSNAP 210","url":"https://techsnap.systems/210","content_text":"Researches find an 18 year old bug in Windows thats rather nasty, we’ve got the details. A new perspective on the bug bounty arms race \u0026amp; the security impact of Wifi on a plane.\n\nPlus great feedback, a bursting round up \u0026amp; much much more!","content_html":"\u003cp\u003eResearches find an 18 year old bug in Windows thats rather nasty, we’ve got the details. A new perspective on the bug bounty arms race \u0026 the security impact of Wifi on a plane.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus great feedback, a bursting round up \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/LFrmboZeXQE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Researches find an 18 year old bug in Windows thats rather nasty, we’ve got the details. A new perspective on the bug bounty arms race \u0026 the security impact of Wifi on a plane.\n\nPlus great feedback, a bursting round up \u0026 much much more!","date_published":"2015-04-16T20:03:17.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0f5bce19-2bb8-4ea3-a31b-63ab1c00354d.mp3","mime_type":"audio/mpeg","size_in_bytes":40347000,"duration_in_seconds":5033}]},{"id":"3D433430-44B6-441E-B4E5-397784A99DE9","title":"Episode 209: Day-0 of an InfoSec Career | TechSNAP 209","url":"https://techsnap.systems/209","content_text":"Is it possible to make a truly private phone call anymore? The answer might surprise you. Cisco and Level 3 battle a huge SSH botnet \u0026amp; how to Build a successful Information Security career.\n\nPlus a great batch of your questions, a rocking round up, and much, much more!","content_html":"\u003cp\u003eIs it possible to make a truly private phone call anymore? The answer might surprise you. Cisco and Level 3 battle a huge SSH botnet \u0026 how to Build a successful Information Security career.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, a rocking round up, and much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/gNedGQdUAbE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Is it possible to make a truly private phone call anymore? The answer might surprise you. Cisco and Level 3 battle a huge SSH botnet \u0026 how to Build a successful Information Security career \u0026 much, much more!","date_published":"2015-04-09T21:03:21.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f143c139-6513-4469-a652-6b91c6dec53c.mp3","mime_type":"audio/mpeg","size_in_bytes":62189704,"duration_in_seconds":7763}]},{"id":"9BB34B95-1EA5-4B32-9B61-5D919EDC03D7","title":"Episode 208: Any Cert Will Do | TechSNAP 208","url":"https://techsnap.systems/208","content_text":"Why boring technology might be the better choice, Google revokes \u0026amp; China chokes, why you want to create an account at irs.gov before crooks do it for you.\n\nPlus your great IT questions, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eWhy boring technology might be the better choice, Google revokes \u0026 China chokes, why you want to create an account at irs.gov before crooks do it for you.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus your great IT questions, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Z3PMI8E_iSE\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Why boring technology might be the better choice, Google revokes \u0026 China chokes, why you want to create an account at irs.gov before crooks do it for you.\n\nPlus your great IT questions, a rocking round up \u0026 much, much more!","date_published":"2015-04-02T17:53:44.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e051cd6d-15cf-429c-be2d-dd17593b2afd.mp3","mime_type":"audio/mpeg","size_in_bytes":40031192,"duration_in_seconds":4993}]},{"id":"B2F3CC53-6940-412C-A3F0-2F592AC736E1","title":"Episode 207: Lunch Lady Lockdown | TechSNAP 207","url":"https://techsnap.systems/207","content_text":"Reverse Engineering Incentives to Improve Security. New Jersey school district computers held for ransom \u0026amp; the flash bug that lives on from 2011 with a twist!\n\nPlus some great networking questions, drone powered Internet \u0026amp; more!","content_html":"\u003cp\u003eReverse Engineering Incentives to Improve Security. New Jersey school district computers held for ransom \u0026 the flash bug that lives on from 2011 with a twist!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus some great networking questions, drone powered Internet \u0026amp; more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Sxc9Mj3zTdM\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Reverse Engineering Incentives to Improve Security. New Jersey school district computers held for ransom \u0026 the flash bug that lives on from 2011 with a twist!\n\nPlus some great networking questions, drone powered Internet \u0026 more!","date_published":"2015-03-26T19:40:35.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/349a866e-d433-4335-bae9-f24067327d4d.mp3","mime_type":"audio/mpeg","size_in_bytes":41620289,"duration_in_seconds":5192}]},{"id":"0D0A04E1-44D7-4D42-A8F6-1A42ECC8D70C","title":"Episode 206: Two Factor Falsification | TechSNAP 206","url":"https://techsnap.systems/206","content_text":"Microsoft takes 4 years to fix a nasty bug, how to bypass 2 factor authentication in the popular ‘Authy’ app.\n\nHijacking a domain with photoshop, hardware vs software RAID revisited, tons of great questions, our answers \u0026amp; much much more!","content_html":"\u003cp\u003eMicrosoft takes 4 years to fix a nasty bug, how to bypass 2 factor authentication in the popular ‘Authy’ app.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eHijacking a domain with photoshop, hardware vs software RAID revisited, tons of great questions, our answers \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/nnzO3_kGt-o\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Microsoft takes 4 years to fix a nasty bug, how to bypass 2 factor authentication in the popular ‘Authy’ app.\n\nHijacking a domain with photoshop, hardware vs software RAID revisited, tons of great questions, our answers \u0026 much much more!","date_published":"2015-03-19T20:02:12.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/a0f66d21-4e69-4a8e-ab0b-953aec824c51.mp3","mime_type":"audio/mpeg","size_in_bytes":47846237,"duration_in_seconds":5970}]},{"id":"E91A0B80-BB82-4953-A9D4-5C0A9BF9952D","title":"Episode 205: An Uber Mess | TechSNAP 205","url":"https://techsnap.systems/205","content_text":"Using encryption is a good thing, but its just the start, we’ll explain. Plus how one developer totally owned the Uber app.\n\nThen it’s a great batch of your questions \u0026amp; our answers!","content_html":"\u003cp\u003eUsing encryption is a good thing, but its just the start, we’ll explain. Plus how one developer totally owned the Uber app.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen it’s a great batch of your questions \u0026amp; our answers!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/GNdOxEm27pc\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Using encryption is a good thing, but its just the start, we’ll explain. Plus how one developer totally owned the Uber app.\n\nThen it’s a great batch of your questions \u0026 our answers!","date_published":"2015-03-12T09:56:00.000-07:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bb0af44b-0f57-4cfa-95ff-71d1cd4b2cea.mp3","mime_type":"audio/mpeg","size_in_bytes":30706849,"duration_in_seconds":3828}]},{"id":"410EB629-FB86-4CDC-B8C0-3250F19E0E97","title":"Episode 204: Ghost of Crypto Past | TechSNAP 204","url":"https://techsnap.systems/204","content_text":"We’ll break down the technical baggage that led to the new FREAK SSL flaw \u0026amp; the security ramifications of top executives using personal email accounts…\n\nPlus why just need to stop hiding file extensions. Plus some great feedback \u0026amp; much, much more!","content_html":"\u003cp\u003eWe’ll break down the technical baggage that led to the new FREAK SSL flaw \u0026 the security ramifications of top executives using personal email accounts…\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus why just need to stop hiding file extensions. Plus some great feedback \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/WcDYHGVeInw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We’ll break down the technical baggage that led to the new FREAK SSL flaw \u0026 the security ramifications of top executives using personal email accounts…\n\nPlus why just need to stop hiding file extensions. Plus some great feedback \u0026 much, much more!","date_published":"2015-03-05T17:54:51.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/52e3dc07-8982-4b9b-8ef3-8f8c6b6213cb.mp3","mime_type":"audio/mpeg","size_in_bytes":47215549,"duration_in_seconds":5891}]},{"id":"DBEF5DB6-48D5-438E-980B-297C84CE813F","title":"Episode 203: TurboHax | TechSNAP 203","url":"https://techsnap.systems/203","content_text":"Lenovo \u0026amp; Google are victims of DNS hijacking, we’ll share the details, Everyone wants you to secure your data, just not from them \u0026amp; how Turbotax profits from Cyber tax fraud!\n\nPlus a great batch of your questions, a fantastic round up \u0026amp; much, much more!","content_html":"\u003cp\u003eLenovo \u0026 Google are victims of DNS hijacking, we’ll share the details, Everyone wants you to secure your data, just not from them \u0026 how Turbotax profits from Cyber tax fraud!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your questions, a fantastic round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/sAKAKnOtB4A\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Lenovo \u0026 Google are victims of DNS hijacking, we’ll share the details, Everyone wants you to secure your data, just not from them \u0026 how Turbotax profits from Cyber tax fraud!\n\nPlus a great batch of your questions, a fantastic round up \u0026 much, much more!","date_published":"2015-02-26T21:15:28.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/1fe4023e-0701-4950-8ebf-a59c466df37f.mp3","mime_type":"audio/mpeg","size_in_bytes":51583210,"duration_in_seconds":6437}]},{"id":"5C937351-557D-46C3-9620-5BFCC6A6964D","title":"Episode 202: SuperFishy Mistake | TechSNAP 202","url":"https://techsnap.systems/202","content_text":"Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections, we’ll break down how this is possible, the danger that still exists \u0026amp; more.\n\nPlus the story of a billion dollar cyber heist anyone could pull off, the Equation group, your questions, our answers \u0026amp; much much more!","content_html":"\u003cp\u003eLenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections, we’ll break down how this is possible, the danger that still exists \u0026 more.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus the story of a billion dollar cyber heist anyone could pull off, the Equation group, your questions, our answers \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/ver-RlX7V3A\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections, we’ll break down how this is possible, the danger that still exists \u0026 more.\n\nPlus the story of a billion dollar cyber heist anyone could pull off, the Equation group \u0026 much more!","date_published":"2015-02-19T17:29:15.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/eb8189e6-2c4f-4865-8b9e-e189887ca9c9.mp3","mime_type":"audio/mpeg","size_in_bytes":34619734,"duration_in_seconds":4317}]},{"id":"833C5608-467C-4F68-BADF-E288D6BD7DB1","title":"Episode 201: Group Problemcy | TechSNAP 201","url":"https://techsnap.systems/201","content_text":"A 20 year old design flaw in Windows has just been patched \u0026amp; it requires some major re-working of the software. Attackers compromise Forbes.com \u0026amp; why Facebook’s new ThreatExchange platform could be a great idea.\n\nPlus a great batch of feedback, our answers \u0026amp; much much more!","content_html":"\u003cp\u003eA 20 year old design flaw in Windows has just been patched \u0026 it requires some major re-working of the software. Attackers compromise Forbes.com \u0026 why Facebook’s new ThreatExchange platform could be a great idea.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of feedback, our answers \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/r9Uc6ICSZNg\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A 20 year old design flaw in Windows has just been patched \u0026 it requires some major re-working of the software. Attackers compromise Forbes.com \u0026 why Facebook’s new ThreatExchange platform could be a great idea.","date_published":"2015-02-12T19:07:53.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/4b421e87-f826-418a-9a44-b8b70c266346.mp3","mime_type":"audio/mpeg","size_in_bytes":45252103,"duration_in_seconds":5646}]},{"id":"E4F74996-8A43-4FA0-A278-3129AAC2A67F","title":"Episode 200: Your TechSNAP Story | TechSNAP 200","url":"https://techsnap.systems/200","content_text":"A new major security breach at a large health insurance firm could expose 10s of millions, a phone phishing scam anyone could fall for \u0026amp; we celebrate our 200th episode with your TechSNAP stories.\n\nThen its a storage spectacular Q\u0026amp;A \u0026amp; much, much more!","content_html":"\u003cp\u003eA new major security breach at a large health insurance firm could expose 10s of millions, a phone phishing scam anyone could fall for \u0026 we celebrate our 200th episode with your TechSNAP stories.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eThen its a storage spectacular Q\u0026amp;A \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/9TlzU9ufgQA\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"A new major security breach at a large health insurance firm could expose 10s of millions, a phone phishing scam anyone could fall for \u0026 we celebrate our 200th episode with your TechSNAP stories.\n\nThen its a storage spectacular Q\u0026A \u0026 much, much more!","date_published":"2015-02-05T19:51:18.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/0af1dc27-57ce-4749-9d0a-c49dc7f7fc00.mp3","mime_type":"audio/mpeg","size_in_bytes":47802994,"duration_in_seconds":5965}]},{"id":"F42D877B-E652-45C4-A06E-D526EB3BAEB0","title":"Episode 199: Internet of Problems | TechSNAP 199","url":"https://techsnap.systems/199","content_text":"The internet of dangerous things is arriving but what about taking care of the devices we already have? We’ll discuss! \n\nPlus details on critical updates from Adobe, the surprising number of Gas Stations vulnerable to exploitation via the internet, your questions, our answers \u0026amp; much, much more!","content_html":"\u003cp\u003eThe internet of dangerous things is arriving but what about taking care of the devices we already have? We’ll discuss! \u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus details on critical updates from Adobe, the surprising number of Gas Stations vulnerable to exploitation via the internet, your questions, our answers \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/nLAj-eNHY3M\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"The internet of dangerous things is arriving but what about taking care of the devices we already have?\n\nPlus details on critical updates from Adobe, the surprising number of Gas Stations vulnerable to exploitation via the internet \u0026 much, much more!","date_published":"2015-01-29T18:56:32.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/f724bdff-bbbb-4797-ae9a-416ba8ead3c2.mp3","mime_type":"audio/mpeg","size_in_bytes":40678250,"duration_in_seconds":5074}]},{"id":"FF3C8952-6100-4E18-B6BD-27E24BC80B69","title":"Episode 198: Dude Where's My Card? | TechSNAP 198","url":"https://techsnap.systems/198","content_text":"Adobe has a bad week, with exploits in the wild \u0026amp; no patch. We’ll share the details. Had your credit card stolen? We’ll tell you how.\n\nPlus the harsh reality for IT departments, a great batch of questions, our answers \u0026amp; much much more!","content_html":"\u003cp\u003eAdobe has a bad week, with exploits in the wild \u0026 no patch. We’ll share the details. Had your credit card stolen? We’ll tell you how.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus the harsh reality for IT departments, a great batch of questions, our answers \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/Dv0qRXGN-qo\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Adobe has a bad week, with exploits in the wild \u0026 no patch. We’ll share the details. Had your credit card stolen? We’ll tell you how.\n\nPlus the harsh reality for IT departments, a great batch of questions, our answers \u0026 much much more!","date_published":"2015-01-22T21:17:32.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/7d79340e-2a04-4b2f-a6b8-706723ecde02.mp3","mime_type":"audio/mpeg","size_in_bytes":50455750,"duration_in_seconds":6296}]},{"id":"9B822D20-CBBF-4C25-990C-C1A039BBFCC6","title":"Episode 197: Patch and Notify | TechSNAP 197","url":"https://techsnap.systems/197","content_text":"Been putting off that patch? This week we’ll cover how an out of date Joomla install led to a massive breach, Microsoft and Google spar over patch disclosures \u0026amp; picking the right security question...\n\nPlus a great batch of your feedback, a rocking round up \u0026amp; much, much more!","content_html":"\u003cp\u003eBeen putting off that patch? This week we’ll cover how an out of date Joomla install led to a massive breach, Microsoft and Google spar over patch disclosures \u0026 picking the right security question...\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a great batch of your feedback, a rocking round up \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/dHYD0LW8hqU\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"Been putting off that patch? This week we’ll cover how an out of date Joomla install led to a massive breach, Microsoft and Google spar over patch disclosures, picking the right security question \u0026 more!","date_published":"2015-01-15T22:26:51.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/fc2ad917-93aa-4622-b7e1-db5e390964c8.mp3","mime_type":"audio/mpeg","size_in_bytes":58221567,"duration_in_seconds":7267}]},{"id":"220FD560-AB34-42B7-81E3-537B194A74C9","title":"Episode 196: Sony’s Hard Lessons | TechSNAP 196","url":"https://techsnap.systems/196","content_text":"We reflect on the lessons learned from the Sony Hack \u0026amp; discuss some of the tools used to own their network.\n\nPlus a overview of what makes up a filesystem, a run down of the Bacula backup system \u0026amp; much more!","content_html":"\u003cp\u003eWe reflect on the lessons learned from the Sony Hack \u0026 discuss some of the tools used to own their network.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus a overview of what makes up a filesystem, a run down of the Bacula backup system \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/OoAeMNjNtZw\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We reflect on the lessons learned from the Sony Hack \u0026 discuss some of the tools used to own their network.\n\nPlus a overview of what makes up a filesystem, a run down of the Bacula backup system \u0026 much more!\n","date_published":"2015-01-08T19:45:48.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/bcc7a763-d6cb-47e4-bb03-849811dda4bb.mp3","mime_type":"audio/mpeg","size_in_bytes":50893087,"duration_in_seconds":6351}]},{"id":"03BE94A1-C43D-4CE3-B534-683C04B8A916","title":"Episode 195: Cloudy With a Chance of SSL | TechSNAP 195","url":"https://techsnap.systems/195","content_text":"We go inside the epic takedown of SpamHaus, then we break down why CloudFlare’s Flexible SSL is the opposite of security.\n\nFollowed by a great batch of questions, our answers \u0026amp; much much more!","content_html":"\u003cp\u003eWe go inside the epic takedown of SpamHaus, then we break down why CloudFlare’s Flexible SSL is the opposite of security.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003eFollowed by a great batch of questions, our answers \u0026amp; much much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/arhcRuIverk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We go inside the epic takedown of SpamHaus, then we break down why CloudFlare’s Flexible SSL is the opposite of security.\n\nFollowed by a great batch of questions, our answers \u0026 much much more!","date_published":"2015-01-01T11:54:47.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/9bd61c7c-8de5-4a7e-9929-947535c8bb55.mp3","mime_type":"audio/mpeg","size_in_bytes":33364280,"duration_in_seconds":4160}]},{"id":"F58A0515-A7D0-457C-832E-D41086DF0B45","title":"Episode 194: Best Of TechSNAP 2014 | TechSNAP 194","url":"https://techsnap.systems/194","content_text":"We look back at this year in TechSNAP. Allan shares his war stories, TrueCrypt shuts down, Heartbleed happens \u0026amp; more!","content_html":"\u003cp\u003eWe look back at this year in TechSNAP. Allan shares his war stories, TrueCrypt shuts down, Heartbleed happens \u0026amp; more!\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/tOwDWNQZlfI\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":"We look back at this year in TechSNAP. Allan shares his war stories, TrueCrypt shuts down, Heartbleed happens \u0026 more!","date_published":"2014-12-25T13:39:47.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/6cc01f73-1780-4a48-8fdf-5d45f195d712.mp3","mime_type":"audio/mpeg","size_in_bytes":48504899,"duration_in_seconds":6052}]},{"id":"7D37360F-5254-4895-8E17-D106879873C3","title":"Episode 193: Don’t Fire IT | TechSNAP 193","url":"https://techsnap.systems/193","content_text":"More and more data breaches are leading to blackmail but the stats don’t tell the whole story. We’ll explain.\n\nPlus the latest in the Sony hack, and the wider reaction. Plus a great batch of emails \u0026amp; much, much more!","content_html":"\u003cp\u003eMore and more data breaches are leading to blackmail but the stats don’t tell the whole story. We’ll explain.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus the latest in the Sony hack, and the wider reaction. Plus a great batch of emails \u0026amp; much, much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/UnRwTZONlG0\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":" More and more data breaches are leading to blackmail but the stats don’t tell the whole story. We’ll explain. Plus the latest in the Sony hack, and the wider reaction. Plus a great batch of emails \u0026 much, much more!","date_published":"2014-12-18T18:54:47.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/86d3f11a-e460-4018-a3cf-52baf153c71b.mp3","mime_type":"audio/mpeg","size_in_bytes":44806769,"duration_in_seconds":5590}]},{"id":"868A8960-FD9B-40BE-8923-918EC18F496F","title":"Episode 192: Signed by Sony | TechSNAP 192","url":"https://techsnap.systems/192","content_text":"If we could rebuild the Internet from scratch, what would we change? It’s more than just a thought experiment. We’ll share the details about real world research being done today!\n\nPlus we dig through the Sony hack, answer a ton of great question \u0026amp; a rocking roundup!","content_html":"\u003cp\u003eIf we could rebuild the Internet from scratch, what would we change? It’s more than just a thought experiment. We’ll share the details about real world research being done today!\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus we dig through the Sony hack, answer a ton of great question \u0026amp; a rocking roundup!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/us-o1R21euI\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":" If we could rebuild the Internet from scratch, what would we change? It’s more than just a thought experiment. We’ll share the details about real world research being done today! Plus we dig through the Sony hack, answer a ton of great question \u0026 a rocki","date_published":"2014-12-11T18:52:43.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/279eff02-4485-460a-90d4-fe83da13cac3.mp3","mime_type":"audio/mpeg","size_in_bytes":49055822,"duration_in_seconds":6121}]},{"id":"AABF9C60-DD0D-414E-BA28-2FA568A0DE16","title":"Episode 191: Celebrity Bugs | TechSNAP 191","url":"https://techsnap.systems/191","content_text":"2014 has been the year of the celebrity bugs, we take a look at the new trend of giving security vulnerabilities names \u0026amp; logos \u0026amp; ask who it truly benefits.\n\nPlus practical way to protect yourself from ATM Skimmers, how they work \u0026amp; much more!","content_html":"\u003cp\u003e2014 has been the year of the celebrity bugs, we take a look at the new trend of giving security vulnerabilities names \u0026 logos \u0026 ask who it truly benefits.\u003c/p\u003e\n\n\u003cp\u003e\u003cp\u003ePlus practical way to protect yourself from ATM Skimmers, how they work \u0026amp; much more!\u003c/p\u003e\u003cimg src=\"http://feeds.feedburner.com/~r/techsnapmp3/~4/kFqn5TlUzqk\" height=\"1\" width=\"1\" alt=\"\"/\u003e\u003c/p\u003e","summary":" 2014 has been the year of the celebrity bugs, we take a look at the new trend of giving security vulnerabilities names \u0026 logos \u0026 ask who it truly benefits. Plus practical way to protect yourself from ATM Skimmers, how they work \u0026 much more!","date_published":"2014-12-04T20:58:59.000-08:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e5eff07a-a29d-402e-bec7-1b1cba31809f.mp3","mime_type":"audio/mpeg","size_in_bytes":55025714,"duration_in_seconds":6867}]}]}