Skip to main content.

Episode 044: Base ISO 100

2014-07-02

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


Headlines

pfSense 2.1.4 released

  • The pfSense team has released 2.1.4, shortly after 2.1.3 - it's mainly a security release
  • Included within are eight security fixes, most of which are pfSense-specific
  • OpenSSL, the WebUI and some packages all need to be patched (and there are instructions on how to do so)
  • It also includes a large number of various other bug fixes
  • Update all your routers!

DragonflyBSD's pf gets SMP

  • While we're on the topic of pf...
  • Dragonfly patches their old[er than even FreeBSD's] pf to support multithreading in many areas
  • Stemming from a user's complaint, Matthew Dillon did his own work on pf to make it SMP-aware
  • Altering your configuration's ruleset can also help speed things up, he found
  • When will OpenBSD, the source of pf, finally do the same?

ChaCha usage and deployment

  • A while back, we talked to djm about some cryptography changes in OpenBSD 5.5 and OpenSSH 6.5
  • This article is sort of an interesting follow-up to that, showing which projects have adopted ChaCha20
  • OpenSSH offers it as a stream cipher now, OpenBSD uses it for it's random number generator, Google offers it in TLS for Chromium and some of their services and lots of other projects seem to be adopting it
  • Both Google's fork of OpenSSL and LibReSSL have upcoming implementations, while vanilla OpenSSL does not
  • Unfortunately, this article has one mistake: FreeBSD does not use it - they still use the broken RC4 algorithm

BSDMag June 2014 issue

  • The monthly online BSD magazine releases their newest issue
  • This one includes the following articles: TLS hardening, setting up a package cluster in MidnightBSD, more GIMP tutorials, "saving time and headaches using the robot framework for testing," an interview and an article about the increasing number of security vulnerabilities
  • The free pdf file is available for download as always

Interview - Craig Rodrigues - rodrigc@freebsd.org

FreeBSD's continuous testing infrastructure


Tutorial

Creating pre-patched OpenBSD ISOs


News Roundup

Preauthenticated decryption considered harmful

  • Responding to a post from Adam Langley, Ted Unangst talks a little more about how signify and pkg_add handle signatures
  • In the past, the OpenBSD installer would pipe the output of ftp straight to tar, but then verify the SHA256 at the end - this had the advantage of not requiring any extra disk space, but raised some security concerns
  • With signify, now everything is fully downloaded and verified before tar is even invoked
  • The pkg_add utility works a little bit differently, but it's also been improved in this area - details in the post
  • Be sure to also read the original post from Adam, lots of good information

FreeBSD 9.3-RC2 is out

  • As the -RELEASE inches closer, release candidate 2 is out and ready for testing
  • Since the last one, it's got some fixes for NIC drivers, the latest file and libmagic security fixes, some serial port workarounds and various other small things
  • The updated bsdconfig will use pkgng style packages now too
  • A lesser known fact: there are also premade virtual machine images you can use too

pkgsrcCon 2014 wrap-up

  • In what may be the first real pkgsrcCon article we've ever had!
  • Includes wrap-up discussion about the event, the talks, the speakers themselves, what they use pkgsrc for, the hackathon and basically the whole event
  • Unfortunately no recordings to be found...

PostgreSQL FreeBSD performance and scalability

  • FreeBSD developer kib@ writes a report on PostgreSQL on FreeBSD, and how it scales
  • On his monster 40-core box with 1TB of RAM, he runs lots of benchmarks and posts the findings
  • Lots of technical details if you're interested in getting the best performance out of your hardware
  • It also includes specific kernel options he used and the rest of the configuration
  • If you don't want to open the pdf file, you can use this link too

Feedback/Questions


  • All the tutorials are posted in their entirety at bsdnow.tv
  • There, you'll also find a link to Bob Beck's LibReSSL talk from the end of May - we finally found a recording!
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • If you want to come on for an interview or have a tutorial you'd like to see, let us know
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)
  • Next week Allan will be at BSDCam, so we'll have a prerecorded episode then

Latest News

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014

2014-09-18

As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

BSDCan 2014

2014-04-30

We just wrapped up episode 35 after having some horrible audio issues. Sorry about the quality being lower than usual, we did the best we could given the circumstances. Next week we've got a normal episode, but the following week Allan and Kris will be at BSDCan. That week will...

AsiaBSDCon 2014

2014-03-05

Both Allan and Kris will be going to AsiaBSDCon this year, so episode 28 will be shorter than usual. We'll be back the following week with a huge episode. Hopefully they can get some interviews there!...


Episode 065: 8,000,000 Mogofoo-ops

2014-11-26

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Even more BSD presentation videos More videos from this year's MeetBSD and OpenZFS devsummit were uploaded since last week Robert Ryan, At the Heart of the Digital Economy FreeNAS & ZFS, The Indestructible Duo -...

Episode 064: Rump Kernels Revisited

2014-11-19

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines EuroBSDCon 2014 talks and tutorials The 2014 EuroBSDCon videos have been online for over a month, but unannounced - keep in mind these links may be temporary (but we'll mention their new location...

Episode 063: A Man's man(1)

2014-11-12

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Updates to FreeBSD's random(4) FreeBSD's random device, which presents itself as "/dev/random" to users, has gotten a fairly major overhaul in -CURRENT The CSPRNG (cryptographically secure pseudo-random number generator) algorithm, Yarrow, now has a...

Episode 062: Gift from the Sun

2014-11-05

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Interview - Pawel Jakub Dawidek - pjd@freebsd.org Porting ZFS, GEOM, GELI, Capsicum, various topics All the tutorials are posted in their entirety at bsdnow.tv Send questions, comments, show ideas/topics, or stories you want mentioned on...