Skip to main content.

Episode 141: BSD Likes Ike!

2016-05-11

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid


Headlines

Regarding Embargoes

  • Our buddy TedU has a great thought piece today on the idea of “embargoes” for security advisories.
  • This all stemmed from a recent incident with LibreSSL patches from embargoed OpenSSL vulns, that accidentally got committed too early.
  • Ted makes a pretty good case on the difficulties of having embargos, and maybe the reason there shouldn’t be. Couple of quotes to give you a taste:

“There are several difficulties maintaining embargoes. Keeping secrets is against human nature. I don’t want to be the one who leaks, but if I see something that looks like the secret is out, it’s a relief to be able to speak freely. There is a bias towards recognizing such signs where they may not really exist. (Exacerbated by broad embargoes where some parts leak but other parts don’t. It’s actually very hard to tell what’s not publicly known when you know everything.)

The most thorough embargo and release timeline reconstruction is the heartbleed timeline. It’s another great case study. Who exactly decided who were the haves and have nots? Was it determined by who needed to know or who you needed to know? Eventually the dam started to crack.”

“When Cloudflare brags that they get advance notice of vulnerabilities, attracting more customers, and therefore requiring even more early access, how are smaller players to compete? What happens if you’re not big enough to prenotify?

Sometimes vulnerabilities are announced unplanned. Zero day cyber missiles are part of our reality, which means end users don’t really have the luxury of only patching on Tuesday. They need to apply patches when they appear. If applying patches at inconvenient times is a problem, make it not a problem. Not really a gripe about embargoes per se, but the scheduled timing of coordinated release at the end of the embargo is catering to a problem that shouldn’t exist.”

  • I will admit that CloudFlare bragging around Heartbleed was upsetting
  • The biggest issue here is the difficulty with coordinating so many open source projects, which are often done by volunteers, in different countries and time zones
  • The other issue is determining when the secret is “out of the bag”

MAJOR ABI BREAK: csu, ld.so, libc, libpthread update

  • OpenBSD warns those following the -current (development) branch to be careful as they upgrade because of a major ABI break that will result in applications not working
  • “Handling of single-threaded programs is now closer to multi-threaded, with ld.so and libc.a doing thread information base (TIB) allocation. Threaded programs from before the 2016/03/19 csu and ld.so update will no longer run. An updated ld.so must be built and installed before running make build.”
  • A special note for those on PowerPC: “PowerPC has been updated to offset the TIB from the hardware register. As a result, all threaded programs are broken until they have been rebuilt with the new libc and libpthread. perl must be built after building the libraries and before building the rest of base.”
  • “The definitions of environ and __progname for dynamically linked programs have been moved from the C startup code to ld.so(1). An updated ld.so must be built and installed before running make build.”
  • The link provides instructions on how to update your system properly

How to install FreeBSD 10.3 on VMWare Workstation 12 Pro

  • This tutorial starts at the very basics, running through the FreeBSD installer
  • But then it goes on to configuring the machine specifically for VMWare
  • After the system has been booted, the tutorial walks through installing the VMWare tools
  • Then networking is configured in both VMWare and FreeBSD
  • A small hack is required to make the VMWare tools startup script wait until the network is up
  • A very nice tutorial for people using VMWare
  • I am working on a patch to bsdinstall to ensure that the swap partition is put before the main partition, so it can more easily be resized if you later decide you need more space in your VM
  • the camcontrol reprobe subcommand has been added ,
  • “This makes it possible to manually force updating capacity data after the disk got resized. Without it it might be necessary to reboot before FreeBSD notices updated disk size under eg VMWare.”

BSD Router project releases v1.59

  • We’ve talked about the BSD Router project a bit in the past, but today we have a brand new release to bring to you.
  • For those who don’t remember, the BSDrp is a router aimed at replacing more of your big-commercial type systems.
  • First up in the new hotness, we have it based upon recently released FreeBSD 10.3!
  • In addition, there is a new package: New package: mlvpn (aggregated network links in order to benefit from the bandwidth of multiple links)
  • Other packages have gotten a bump with this release as well:

    • bsnmp-ucd to 0.4.2
    • dma to 0.11
    • dmidecode to 3.0
    • exabgp to 3.4.15
    • iperf3 to 3.1.2
    • monit to 5.17
    • mpd5 to 5.8
    • openvpn to 2.3.10
    • python to 2.7.11
    • quagga to 1.0.20160315
    • strongswan to 5.4.0
  • What are you waiting for? Amd64 and i386 images are ready for you to download now.


Interview - Isaac (.Ike) Levy -


News Roundup

Tredly - Prebuilt containers on FreeBSD

  • Discussion regarding its GPLv3 licensing
  • A new “container” solution called “Trendly” has started making some news around various tech sites.
  • In particular, this new project uses FreeBSD as its base OS and jail functionality in the backend.
  • Their solution seems based around the idea of shipping containers as manifests, such as lists of packages to install and configuration knobs.
  • The project is still rather new, and we’ll be keeping an eye on it for the future.
  • One notable change already though, it was (for some reason) released under GPLv3. Understandably this caused quite a ruckus with various folks in the community, since it’s built specifically on BSD. Since this, the code has been re-licensed as MIT, which is far more in the spirit of a traditional BSD license.

NVMe driver added to NetBSD - ported from OpenBSD

  • NetBSD has gained support for Non-Volatile Memory Express, the new standard for PCIe attached Flash Memory
  • The change of interface from SATA to NVMe offers a number of advantages, mostly, it doesn’t require the device to pretend to be a spinning disk
  • One of the biggest advantages is that it supports completing multiple operations at once, with the Intel hardware I have tested, 63 I/Os can happen concurrently, so a very large queue depth is required to keep the device busy. The 64th I/O channel is reserved for administrative commands, to keep them from being delayed by the large queue depth
  • The device I tested could read at 3800 MB/s, and write 1700MB/s, something that wouldn’t be possible with a normal SSD
  • It is interesting that NetBSD took the NVMe support from OpenBSD, whereas the FreeBSD implementation was contributed directly by Intel
  • This may have to do with that fact that OpenBSD’s device model is closer to that of NetBSD
  • Commit Log

New BSDNow T-Shirts


PC-BSD 11-CURRENT with Package Base

  • Looking for a way to play with the new FreeBSD base package system?
  • This month’s PC-BSD -CURRENT image now used packages for base system installation, and is asking for testers to help find bugs.
  • Known issues so far:
    • setuid binaries (Fix in works)
    • Missing tzone files
    • Distrib packages
  • If all that doesn’t scare you away, then give it a whirl! Upgrades for previous APRIL images are now online also.

BeastieBits


Feedback/Questions


  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Latest News

New announcement

2017-05-25

We understand that Michael Dexter, Brad Davis, and George Rosamond think there should be more real news....

Two Year Anniversary

2015-08-08

We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment

2015-01-17

We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...


Episode 261: FreeBSDcon flashback

2018-08-29

Direct Download:MP3 AudioVideo This episode was brought to you by Headlines An Insight into the Future of TrueOS BSD and Project Trident Last month, TrueOS announced that they would be spinning off their desktop offering. The team behind the new project, named Project Trident, have been working furiously towards their first release....

Episode 260: Hacking Tour of Europe

2018-08-22

Direct Download:MP3 AudioVideo This episode was brought to you by Headlines Essen Hackathon & BSDCam 2018 trip report Allan and Benedict met at FRA airport and then headed to the Air Rail terminal for our train to Essen where the Hackathon would happen over the weekend of Aug 10 - 12, 2018. Once there,...

Episode 259: Long Live Unix

2018-08-15

Direct Download:MP3 AudioVideo This episode was brought to you by Picking the contest winner 1) Vincent 2) Bostjan 3) Andrew 4) Klaus-Hendrik 5) Will 6) Toby 7) Johnny 8) David 9) manfrom 10) Niclas 11) Gary 12) Eddy 13) Bruce 14) Lizz 15) Jim Random number generator Headlines The Strange Birth and Long Life of Unix They say that when one door closes on you, another opens. People generally...

Episode 258: OS Foundations

2018-08-08

Direct Download:MP3 AudioVideo This episode was brought to you by Headlines FreeBSD Foundation Update, July 2018 MESSAGE FROM THE EXECUTIVE DIRECTOR We’re in the middle of summer here, in Boulder, CO. While the days are typically hot, they can also be quite unpredictable. Thanks to the Rocky Mountains, waking up to 50-degree (~10...