wlug August 2017

wlug@list.waikato.ac.nz

9 participants
50 discussions

by Lawrence D'Oliveiro

"The laws of Australia prevail in Australia, I can assure you of that," [Malcolm Turnbull] said on Friday. "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia." <https://www.techdirt.com/articles/20170714/10385237789/aussie-prime-ministe…>

2 years, 10 months

An Ordinary User’s Adventures In Linux

by Lawrence D'Oliveiro

I helped an elderly friend set up his new PC yesterday. His previous machine, over a decade old, was running Windows XP. I had set up an Ubuntu dual-boot a few years back, and he liked playing the games. But then the Linux boot stopped working--there was a message to the effect “hd0 out of disk”, which sounded like a GRUB problem (“hd0” being a GRUB disk name, not a Linux disk name). I booted up SystemRescueCD, and found that disk space was ample. I did an fsck on the Linux volume, and found no filesystem problems. I ran a badblocks scan, and it reported several bad sectors, though oddly they only seemed to be in the Windows partition (if I interpreted the numbers correctly). Naturally I searched online, but the hits I found for that error message didn’t seem very helpful. Reinstalling GRUB didn’t help, so I concluded there were likely other hardware problems, so time for a new machine. He got an entry-level dual-core AMD box from PBTech--their own house build, in a CoolerMaster case--for well under a grand. Nothing fancy, but good enough for his needs--mainly Web browsing, e-mail, a little bit of word processing, and those games. The PBTech box came without an OS. He could have got Windows 10 for it, but considering he would be facing a learning curve coming from XP regardless, I suggested going 100% Linux for all his daily needs, to see if that would work. He could always spend the $160-odd extra on Windows later if need be. So I set it up with Linux Mint, since that seems to be everybody’s favourite :). He was already using Firefox on Windows, so moving all his Web bookmarks across was easy. The Mint install put an icon for Thunderbird on the desktop by default, so I decided to try that for e-mail. Getting his address book across from Outlook Express was fairly straightforward, once I figured out how to map the exported CSV field names correctly. The mail messages were slightly more fiddly, but I found this extension <https://addons.mozilla.org/en-US/thunderbird/addon/importexporttools/> which directly loads Microsoft’s .dbx files, and that seemed to work OK. Then he wanted to play CDs. When we put in an audio CD, it came up with options to run Banshee (media player) or Brasero (disc burner). The Banshee media player wouldn’t play the CD directly, it insisted on ripping it to the hard drive first. This was not really what he wanted. I had a look round, and found KsCD, which will indeed play audio CDs without trying to rip them to audio files first. As far as I know, this is the only GUI Linux app that can do so. So, day 1 ended on a reasonably successful note. He was already noticing how much faster the new machine was. So we’ll see how it goes from here...

3 years, 10 months

711 million email addresses ensnared in "largest" spambot

by Peter Reutemann

'A huge spambot ensnaring 711 million email accounts has been uncovered. A Paris-based security researcher, who goes by the pseudonymous handle Benkow, discovered an open and accessible web server hosted in the Netherlands, which stores dozens of text files containing a huge batch of email addresses, passwords, and email servers used to send spam. Those credentials are crucial for the spammer's large-scale malware operation to bypass spam filters by sending email through legitimate email servers.' -- source: http://www.zdnet.com/article/onliner-spambot-largest-ever-malware-campaign-… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

scrollbars: click to scroll

by Peter Reutemann

Hi everyone Here's one for us old-fogies that don't like the new fandangled behavior of scrollbars, moving to where you click instead of scrolling (drives me nuts when scrolling through posts). For GTK do the following: - Create ~/.config/gtk-3.0/settings.ini - add the following content [Settings] gtk-primary-button-warps-slider = false --source: https://unix.stackexchange.com/a/306340 For Firefox itself do this: - go to about:config - right-click and select "New" of type "Integer" - use "ui.scrollToClick" as name and enter value "0" -- source: https://unix.stackexchange.com/a/276016 And, if you want your top/bottom buttons on the scrollbar back, have a look here: https://linuxnorth.wordpress.com/2014/06/01/vertical-scroll-bars-in-linux-m… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

On Internet Privacy, Be Very Afraid

by Peter Reutemann

'Cybersecurity expert and Berkman Klein fellow Bruce Schneier talked to the Gazette about what consumers can do to protect themselves from government and corporate surveillance. From the interview: GAZETTE: After whistleblower Edward Snowden's revelations concerning the National Security Agency's (NSA) mass surveillance operation in 2013, how much has the government landscape in this field changed? SCHNEIER: Snowden's revelations made people aware of what was happening, but little changed as a result. The USA Freedom Act resulted in some minor changes in one particular government data-collection program. The NSA's data collection hasn't changed; the laws limiting what the NSA can do haven't changed; the technology that permits them to do it hasn't changed. It's pretty much the same. GAZETTE: Should consumers be alarmed by this? SCHNEIER: People should be alarmed, both as consumers and as citizens. But today, what we care about is very dependent on what is in the news at the moment, and right now surveillance is not in the news. It was not an issue in the 2016 election, and by and large isn't something that legislators are willing to make a stand on. Snowden told his story, Congress passed a new law in response, and people moved on. GAZETTE: What about corporate surveillance? How pervasive is it? SCHNEIER: Surveillance is the business model of the internet. Everyone is under constant surveillance by many companies, ranging from social networks like Facebook to cellphone providers. This data is collected, compiled, analyzed, and used to try to sell us stuff. Personalized advertising is how these companies make money, and is why so much of the internet is free to users. We're the product, not the customer.' -- source: https://yro.slashdot.org/story/17/08/29/1725246 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

New Ryzen Running Stable On Linux, Threadripper Builds Kernel In 36 Seconds

by Peter Reutemann

'After AMD confirmed the a "performance marginality problem" affecting some Ryzen Linux users, RMAs are being issued and replacement Ryzen processors arriving for affected opensource fans. Phoronix has been able to confirm that the new Ryzen CPUs are running stable without the segmentation fault problem that would occur under very heavy workloads. They have also been able to test now the Ryzen Threadripper 1950X. The Threadripper 1950X on Linux is unaffected by any issues unless you count the lack of a thermal reporting driver. With the 32 threads under Linux they have been able to build the Linux kernel in just about a half minute.' -- source: https://linux.slashdot.org/story/17/08/29/184243 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

Cryptocurrencies And Autonomous Weapons

by Lawrence D'Oliveiro

Al Jazeer’s “Counting The Cost” economics program this week <http://www.aljazeera.com/programmes/countingthecost/2017/08/cryptocurrencie…> talks, among other things, a bit about: * Cryptocurrencies (e.g. Bitcoin) -- is it too early to start regulating them? Start worrying about their use for illegal activities? Start investing in them? * Autonomous military weaponry -- should we start banning the creation of weapons that can take their own decision to shoot to kill? Or is more research needed? By the way, mentioned in passing in the latter segment is that Samsung-made autonomous guns are already deployed along South Korea’s border with its northern neighbour.

3 years, 11 months

Addendum to last night's presentation on RPi projects

by Peter Reutemann

Hi everyone This was the other sensor project that I came across, using multiple arduino sensors to monitor humidity/temperature, collecting them with a RF receiver (though I wouldn't use xively.com to collect the data): https://computers.tutsplus.com/tutorials/building-a-wireless-sensor-network… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

How the NSA Identified Satoshi Nakamoto

by Peter Reutemann

'The 'creator' of Bitcoin, Satoshi Nakamoto, is the world's most elusive billionaire. Very few people outside of the Department of Homeland Security know Satoshi's real name. In fact, DHS will not publicly confirm that even THEY know the billionaire's identity. Satoshi has taken great care to keep his identity secret employing the latest encryption and obfuscation methods in his communications. Despite these efforts (according to my source at the DHS) Satoshi Nakamoto gave investigators the only tool they needed to find him -- his own words. Using stylometry one is able to compare texts to determine authorship of a particular work. Throughout the years Satoshi wrote thousands of posts and emails and most of which are publicly available. According to my source, the NSA was able to the use the 'writer invariant' method of stylometry to compare Satoshi's 'known' writings with trillions of writing samples from people across the globe. By taking Satoshi's texts and finding the 50 most common words, the NSA was able to break down his text into 5,000 word chunks and analyse each to find the frequency of those 50 words. This would result in a unique 50-number identifier for each chunk. The NSA then placed each of these numbers into a 50-dimensional space and flatten them into a plane using principal components analysis. The result is a 'fingerprint' for anything written by Satoshi that could easily be compared to any other writing. The NSA then took bulk emails and texts collected from their mass surveillance efforts. First through PRISM and then through MUSCULAR, the NSA was able to place trillions of writings from more than a billion people in the same plane as Satoshi's writings to find his true identity. The effort took less than a month and resulted in positive match' -- source: https://tech.slashdot.org/story/17/08/28/1725232 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

A Year After Mirai: DVR Torture Chamber Test Shows Two Minutes Between Exploits

by Peter Reutemann

'Over two days, the Internet Storm Center connected a default configured DVR to the internet, and rebooted it every 5 minutes in order to allow as many bots as possible to infect it. They detected about one successful attack (using the correct password xc3511) every 2 minutes. Most of the attackers were well known vulnerable devices. A year later, what used to be known as the "Mirai" botnet has branched out into many different variants. But it looks like much hyped "destructive" variants like Brickerbot had little or no impact.' -- source: https://it.slashdot.org/story/17/08/28/1812242 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

3 years, 11 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug August 2017