Does Wi-Fi Security Really Matter?
by Lawrence D'Oliveiro
Seems the Wi-Fi Alliance is having yet another crack at coming up with
a really secure protocol, this time to be called WPA3
<http://www.theregister.co.uk/2018/01/09/wi_fi_wpa3/>.
Does anybody care? Remember that on the Internet, security is
implemented between the endpoints, the protocols are designed not to
care that everything in-between might be pawed through by
eavesdroppers, or even active attackers trying to inject fake data.
1 year, 1 month
Booting a Raspberry-Pi 3B without using a SD-Card
by Ian Stewart
Hi,
If you have a Raspberry Pi Model 3B, then you may be able use it with no micro SD-Card and have it boot Raspbian off a USB flash drive stick.
I have found this possible with an Apacer AH356 64GB USB 3.1 Flash Drive<https://www.pbtech.co.nz/product/MEMAPC11464/Apacer-AH356-64GB-USB-31-Fla...> stick that I bought from PB-Tech a couple of weeks ago for $21.85.
Admittedly you can buy a micro SD-card like the Apacer 64GB microSDXC UHS-I Class10<https://www.pbtech.co.nz/product/MEMAPC81064/Apacer-64GB-microSDXC-UHS-I-...> from PB-Tech for $28.75 and put Raspbian onto it. So using the USB flash drive stick only saves a few dollars.
However, there may be other advantages over using a USB flash drive vs. a micro SD-Card for the Raspbian OS. For example, you can shutdown the Raspberry Pi and remove the USB stick, take it to another computer, and backup your data.
I also installed the Raspbian distro onto WD Elements Portable 2TB 2.5" USB 3.0 External HDD<https://www.pbtech.co.nz/product/HDDWDX2621/WD-Elements-Portable-2TB-25-U...> which PB-Tech sell for $129. The R-Pi (with no SD-Card) would not boot this drive. Possibly because the USB drive is too slow to initialize after power on???
I also found that the R-Pi would not boot up Raspbian on an old 8GB Kingston USB flash drive. Maybe its too slow to initialize???
All the above tests were done using the current latest Raspbian release which is dated 2018_10_09.
FYI: Below are details on how to install the Raspbian distro image onto a USB flash drive stick.
cheers,
Ian.
Installing the Raspbian distro onto USB flash drive...
Download the latest 1.4GB Raspbian distribution file: 2018-10-09-raspbian-stretch.zip
Unzip the file to create a 4.1GB image file: 2018-10-09-raspbian-stretch.img
Copy the 4.1GB image to a USB flash drive stick...
$ sudo dd bs=4M if=2018-10-09-raspbian-stretch.img of=/dev/sdX status=progress conv=fsync
Note: For the device /dev/sdX replace the X with the drive letter of your USB flash drive stick. e.g. /dev/sdc
Insert the USB flash drive stick into the R-Pi model 3B. Remove any SD-Card that may be installed in the Raspberry Pi.
Power on the R-Pi. After about 10 seconds the colourful POST display will appear, and the USB stick will commence its first boot. It will detect that it is a 4.1GB partition, expand to being a partition that fills the whole of the USB flash drive stick and reboot. The second reboot will be slow and takes about one minute. I assume it is expanding the squashed file system??? Subsequent reboots are faster.
1 year, 7 months
IBM To Buy Red Hat, the Top Linux Distributor, For $34 Billion
by Peter Reutemann
'International Business Machines (IBM) is acquiring software maker Red
Hat in a deal valued at $34 billion, the companies said Sunday. From a
report:
The purchase, announced on Sunday afternoon, is the latest competitive
step among large business software companies to gain an edge in the
fast-growing market for Internet-style cloud computing. In June,
Microsoft acquired GitHub, a major code-sharing platform for software
developers, for $7.5 billion. IBM said its acquisition of Red Hat was
a move to open up software development on computer clouds, in which
software developers write applications that run on remote data
centers.
>From a press release:
This acquisition brings together the best-in-class hybrid cloud
providers and will enable companies to securely move all business
applications to the cloud. Companies today are already using multiple
clouds. However, research shows that 80 percent of business workloads
have yet to move to the cloud, held back by the proprietary nature of
today's cloud market. This prevents portability of data and
applications across multiple clouds, data security in a multi-cloud
environment and consistent cloud management.
IBM and Red Hat will be strongly positioned to address this issue and
accelerate hybrid multi-cloud adoption. Together, they will help
clients create cloud-native business applications faster, drive
greater portability and security of data and applications across
multiple public and private clouds, all with consistent cloud
management. In doing so, they will draw on their shared leadership in
key technologies, such as Linux, containers, Kubernetes, multi-cloud
management, and cloud management and automation. IBM's and Red Hat's
partnership has spanned 20 years, with IBM serving as an early
supporter of Linux, collaborating with Red Hat to help develop and
grow enterprise-grade Linux and more recently to bring enterprise
Kubernetes and hybrid cloud solutions to customers. These innovations
have become core technologies within IBM's $19 billion hybrid cloud
business. Between them, IBM and Red Hat have contributed more to the
open source community than any other organization.'
-- source: https://linux.slashdot.org/story/18/10/28/1859245
That completely flew under the radar! I still remember from my Unix
sysadmin course at uni back in the days (using IBM's AIX), when an IBM
guy came in for some guest lectures and mentioned that they are
ramping up their investment in Linux and also offer Linux next to
their own AIX Unix systems. Well, Linux has definitely come a long
way!
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
1 year, 7 months
'Open Source Creators: Red Hat Got $34 Billion and You Got $0. Here's Why.'
by Peter Reutemann
'Donald Fischer, who served as a product manager for Red Hat
Enterprise Linux during its creation and early years of growth,
writes:
Red Hat saw, earlier than most, that the ascendance of open source
made the need to pay for code go away, but the need for support and
maintenance grew larger than ever. Thus Red Hat was never in the
business of selling software, rather it was in the business of
addressing the practical challenges that have always come along for
the ride with software. [...] As an open source developer, you created
that software. You can keep your package secure, legally documented,
and maintained; who could possibly do it better? So why does Red Hat
make the fat profits, and not you? Unfortunately, doing business with
large companies requires a lot of bureaucratic toil. That's doubly
true for organizations that require security, legal, and operational
standards for every product they bring in the door. Working with these
organizations requires a sales and marketing team, a customer support
organization, a finance back-office, and lots of other "business
stuff" in addition to technology. Red Hat has had that stuff, but you
haven't.
And just like you don't have time to sell to large companies, they
don't have time to buy from you alongside a thousand other open source
creators, one at a time. Sure, big companies know how to install and
use your software. (And good news! They already do.) But they can't
afford to put each of 1100 npm packages through a procurement process
that costs $20k per iteration. Red Hat solved this problem for one
corner of open source by collecting 2,000+ open source projects
together, adding assurances on top, and selling it as one subscription
product. That worked for them, to the tune of billions. But did you
get paid for your contributions?'
-- source: https://linux.slashdot.org/story/18/10/31/1520256
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
1 year, 7 months
The CAP Theorem Strikes Again
by Lawrence D'Oliveiro
There is a fundamental rule with distributed databases: you can pick
any two of:
* Maintaining data Consistency across the entire network
* Maintaining data Availability across the entire network
* Being able to deal with a Partitioning of the network into two or
more disconnected pieces
but you can never have all three.
An example of this is the outage at GitHub earlier this month
<https://www.theregister.co.uk/2018/10/31/github_lost_a_network_link_for_4...>.
A link broke between the east-coast and west-coast halves of their
network, and in an effort to maintain ongoing service availability on
both sides of the partition, they ended up sacrificing consistency of
the data. Which came back to bite them when the link was
re-established, and the inconsistency could not easily be resolved.
1 year, 7 months
The DNS Encryption Controversy
by Lawrence D'Oliveiro
There is a rather acrimonious argument currently going on among the
Internet technorati over two different competing protocols for
implementing encryption of domain name (DNS) queries
<https://www.theregister.co.uk/2018/10/30/doh-contorversy/>. One of
them is called “DNS-over-TLS” and the other is “DNS-over-HTTPS”. The
former passes the DNS queries over its own TLS-encrypted connection,
while the latter piggybacks on good old HTTP, using the latter’s TLS
capability instead.
The former is clearly simpler, and one might say “purer”, but the latter
is deliberately designed to make it hard to tell what DNS queries a user
might be making, since they become indistinguishable from regular HTTPS
connections.
So the question becomes, do you see this obfuscation as a good thing or
a bad thing? It is intended to prevent snoops (both Governmental and
non-Governmental) from invading the privacy of users, but it also blocks
“legitimate” analysis of traffic by network admins trying to manage
their systems as well.
Clearly, you can’t do one without the other. So is the price worth
paying?
1 year, 7 months
Fedora 29 Released
by Peter Reutemann
'Fedora 29 is released today. Among the new features are the ability
to allow parallel installation of packages such as Node.js.
Fedora 29 also supports ZRAM (formerly called compcache) for ARMv7 and
v8. In addition to the more efficient use of RAM, it also increases
the lifespan of microSD cards on the Raspberry Pi as well as other
SBCs.
"Additionally, UEFI for ARMv7 is now supported in Fedora 29, which
also benefits Raspberry Pi users," reports TechRepublic. "Fedora
already supported UEFI on 64-bit ARM devices."'
-- source: https://linux.slashdot.org/story/18/10/30/229249
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
1 year, 7 months
You Can Play Over 2, 600 Windows Games on Linux Via Steam Play
by Peter Reutemann
'At the end of August, Valve announced a new version of Steam Play for
Linux that included Proton, a WINE fork that made many Windows games,
including more recent ones ,such as Witcher 3, Dark Souls 3 and
Dishonored, playable on Linux. Just two months later, ProtonDB says
there are over 2,600 Windows games that users can play on Linux, and
the number is rapidly growing daily. From a report:
When Valve Software launched Steam Play with Proton, it made it easier
for gamers to play Windows games that hadn't yet been ported to Linux
with the click of a button. Not all games may run perfectly on Linux,
but that's also often the case with Windows 10, which can not play
older games as well as previous versions of Windows did, even under
Compatibility Mode. In only two months, the database of games that
work with Proton has increased to over 2,600 -- more than half of the
5,000 Linux-native games that can be obtained through the Steam
store.'
-- source: https://linux.slashdot.org/story/18/10/29/1721258
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
1 year, 7 months