Skip to main content.

Episode 082: SSL in the Wild

2015-03-25

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid


Headlines

EuroBSDCon 2015 call for papers

  • The call for papers has been announced for the next EuroBSDCon, which is set to be held in Sweden this year
  • According to their site, the call for presentation proposals period will start on Monday the 23rd of March until Friday the 17th of April
  • If giving a full talk isn't your thing, there's also a call for tutorials - if you're comfortable teaching other people about something BSD-related, this could be a great thing too
  • You're not limited to one proposal - several speakers gave multiple in 2014 - so don't hesitate if you've got more than one thing you'd like to talk about
  • We'd like to see a more balanced conference schedule than BSDCan's having this year, but that requires effort on both sides - if you're doing anything cool with any BSD, we'd encourage you submit a proposal (or two)
  • Check the announcement for all the specific details and requirements
  • If your talk gets accepted, the conference even pays for your travel expenses

Making security sausage

  • Ted Unangst has a new blog post up, detailing his experiences with some recent security patches both in and out of OpenBSD
  • "Unfortunately, I wrote the tool used for signing patches which somehow turned into a responsibility for also creating the inputs to be signed. That was not the plan!"
  • The post first takes us through a few OpenBSD errata patches, explaining how some can get fixed very quickly, but others are more complicated and need a bit more review
  • It also covers security in upstream codebases, and how upstream projects sometimes treat security issues as any other bug
  • Following that, it leads to the topic of FreeType - and a much more complicated problem with backporting patches between versions
  • The recent OpenSSL vulnerabilities were also mentioned, with an interesting story to go along with them
  • Just 45 minutes before the agreed-upon announcement, OpenBSD devs found a problem with the patch OpenSSL planned to release - it had to be redone at the last minute
  • It was because of this that FreeBSD actually had to release a security update to their security update
  • He concludes with "My number one wish would be that every project provide small patches for security issues. Dropping enormous feature releases along with a note 'oh, and some security too' creates downstream mayhem."

Running FreeBSD on the server, a sysadmin speaks

  • More BSD content is appearing on mainstream technology sites, and, more importantly, BSD Now is being mentioned
  • ITWire recently did an interview with Allan about running FreeBSD on servers (possibly to go with their earlier interview with Kris about desktop usage)
  • They discuss some of the advantages BSD brings to the table for sysadmins that might be used to Linux or some other UNIX flavor
  • It also covers specific features like jails, ZFS, long-term support, automating tasks and even… what to name your computers
  • If you've been considering switching your servers over from Linux to FreeBSD, but maybe wanted to hear some first-hand experience, this is the article for you

NetBSD ported to Hardkernel ODROID-C1

  • In their never-ending quest to run on every new board that comes out, NetBSD has been ported to the Hardkernel ODROID-C1
  • This one features a quad-core ARMv7 CPU at 1.5GHz, has a gig of ram and gigabit ethernet... all for just $35
  • There's a special kernel config file for this board's hardware, available in both -current and the upcoming 7.0
  • More info can be found on their wiki page
  • After this was written, basic framebuffer console support was also committed, allowing a developer to run XFCE on the device

Interview - Bernard Spil - brnrd@freebsd.org / @sp1l

LibreSSL adoption in FreeBSD ports and the wider software ecosystem


News Roundup

Monitoring pf logs with Gource

  • If you're using pf on any of the BSDs, maybe you've gotten bored of grepping logs and want to do something more fancy
  • This article will show you how to get set up with Gource for a cinematic-like experience
  • If you've never heard of Gource, it's "an OpenGL-based 3D visualization tool intended for visualizing activity on source control repositories"
  • When you put all the tools together, you can end up with some pretty eye-catching animations of your firewall traffic
  • One of our listeners wrote in to say that he set this up and, almost immediately, noticed his girlfriend's phone had been compromised - graphical representations of traffic could be useful for detecting suspicious network activity

pkgng 1.5.0 alpha1 released

  • The development version of pkgng was updated to 1.4.99.14, or 1.5.0 alpha1
  • This update introduces support for provides/requires, something that we've been wanting for a long time
  • It will also now print which package is the reason for direct dependency change
  • Another interesting addition is the "pkg -r" switch, allowing cross installation of packages
  • Remember this isn't the stable version, so maybe don't upgrade to it just yet on any production systems
  • DragonFly will also likely pick up this update once it's marked stable

Welcome to OpenBSD

  • We mentioned last week that our listener Brian was giving a talk in the Troy, New York area
  • The slides from that talk are now online, and they've been generating quite a bit of discussion online
  • It's simply titled "Welcome to OpenBSD" and gives the reader an introduction to the OS (and how easy it is to get involved with contributing)
  • Topics include a quick history of the project, who the developers are and what they do, some proactive security techniques and finally how to get involved
  • As you may know, NetBSD has almost 60 supported platforms and their slogan is "of course it runs NetBSD" - Brian says, with 17 platforms over 13 CPU architectures, "it probably runs OpenBSD"
  • No matter which BSD you might be interested in, these slides are a great read, especially for any beginners looking to get their feet wet
  • Try to guess which font he used...

BSDTalk episode 252

  • And somehow Brian has snuck himself into another news item this week
  • He makes an appearance in the latest episode of BSD Talk, where he chats with Will about running a BSD-based shell provider
  • If that sounds familiar, it's probably because we did the same thing, albeit with a different member of their team
  • In this interview, they discuss what a shell provider does, hardware requirements and how to weed out the spammers in favor of real people
  • They also talk a bit about the community aspect of a shared server, as opposed to just running a virtual machine by yourself

Feedback/Questions


Mailing List Gold


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv - don't be afraid to write about your experiences and send them to us, we'd love to read about what you guys are doing with BSD
  • If you're interested in OpenZFS discussion, they're looking to start up the office hours series again on April 2nd (with Justin Gibbs)
  • There's a new BSD users group starting up in the Vancouver, British Columbia area - VanBUG will be holding an event on April 8th

Latest News

Two Year Anniversary

2015-08-08

We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment

2015-01-17

We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014

2014-09-18

As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...


Episode 156: The Fresh BSD experience

2016-08-24

Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines FreeBSD 11.0-RC1 Available FreeBSD is marching onwards to 11.0, and with it the first RC1 was released. In addition to the usual amd64 architectures, you may want to give it a whirl on your various ARM boards as well, as it...

Episode 155: Cabling up FreeBSD

2016-08-17

Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent< This episode was brought to you by Headlines My two year journey to becoming an OS Developer A blog post by Ryan Zezeski about how he ended doing OS Development instead of working on application We have featured his posts before, including The illumos SYSCALL Handler It started...

Episode 154: Myths, Pi’s & Features, oh my!

2016-08-10

Direct Download:Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines broken features aren't used This post from TedU talks about the difficulty of removing features from an operating system “One of the difficulties in removing a feature is identifying all the potential users. A...

Episode 153: Big int trouble

2016-08-03

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines my int is too big “The NCC Group report describes the bugs, but not the history of the code.” “Several of them, as reported by NCC, involved similar integer truncation issues. Actually, they involved...