Another example of the downsides of abstraction, whether AI can ever be truly “open source”, and the security benefits and drawbacks of different types of VPN. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Hackers infect ISPs with malware that steals customers’ credentials Debate over “open sou…

AMD will patch some old Ryzens against SinkClose now, but their benchmarking methods for newer CPUs didn’t live up to everyday reality. Plus Bcachefs devs annoy Linus Torvalds, the US government sues a college over compliance issues, and Jim disappoints a patron. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes N…

Insecure SSH implementations and a weak key that let a researcher control 200 MW of electrical capacity reignites the debate about versioned protocols vs pluggable protocols, follow-up on sharing files from your LAN with people on the Internet, and the pros and cons of encrypted backups. Plug Support us on patreon and get an ad-free RSS feed with e…

Forcing Windows to undo updates and a separate IPv6 vulnerability, hardware bugs in AMD and Intel CPUs, and using Samba on Linux with Active Directory. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News Your victim’s Windows PC fully patched? Just force undo its updates and exploit away CVE-2024-38063 – Securi…

Secure boot is compromised on hundreds of devices, Amazon’s desperate attempt to make money from Alexa, and how to decide which open source software on GitHub to trust. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Secure Boot is completely broken on 200+ models from 5 big device makers old and…

How and why the recent huge Windows outage was caused by a bad CrowdStrike update and how it could have been avoided, a hilariously dumb ESXi vulnerability, and using SAS drives with a PCIe card. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News A closer look at what caused the CrowdStrike Windows crashes Ran…

How a Bitcoin mine made life in a Texas town absolutely miserable, why paying for extended support for end of life Windows versions is just doubling down on technical debt, and the best way to manage router redundancy. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Inside the ‘Nightmare’ Health …

A widely-used login system is still using MD5 which is bad news, miscreants took over some domains when they moved from Google to Squarespace, Linksys’ sloppy app isn’t a huge problem but is a bad sign, and why backing up an Android phone in one go is pretty much impossible without root. Plug Support us on patreon and get an ad-free RSS feed with e…

We didn’t get to all of your questions for our Episode 200 free consulting special so here is another full episode of your questions and our answers. Our thoughts on a new UK smart devices law, backing up 30TB off-site, how to learn ZFS, SMB vs other ways to share files, and backing up secrets. Smart devices: new law helps citizens to choose secure…

Why we didn’t mention pocket fluff when we talked about USB-C charging issues, Microsoft abandons its promising underwater data center experiment and didn’t monitor it’s SSL certs, why you should be careful which WordPress plugins and themes you install,an Australian ISP’s tech debt comes due, and remoting into desktop Linux. Plug Support us on pat…

Vulnerabilities in Asus hardware make us think there should be some regulations about what can be sold as a router, a VPN feature that we hadn’t heard of is removed from Windows, and why we don’t believe that Microsoft will ever take security as seriously as they claim. Plug Support us on patreon and get an ad-free RSS feed with early episodes some…

It’s our episode 200 free consulting special. Jim and Allan answer your questions about hard drive availability, USB-C robustness, ZFS performance on a VPS, cold storage with a 2.5″ form factor, how we gained our level of knowledge, disk enclosure issues, and monitoring Windows servers. Tailscale Tailscale is an easy to deploy, zero-config, no-fuss…

How to prepare for your loved ones to have the access they need if the worst unexpectedly happens, Joe’s weird issues with wireless access points, and dealing with email accounts that shouldn’t exist. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion After you die, your Steam games will be stuck in…

Microsoft is tightening up SMB security in Windows which might break access to your old NAS, a Cogent root-server mysteriously goes out of sync without them spotting it, and protecting hard drives from electromagnetic pulses. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News Installing Windows 11 24H2 might m…

Linux kernel developers were infected with malware for 2 years, another nail in the coffin of proper federated email as Exchange Server moves to a subscription model, followup on zfsbootmenu and IPv6, and learning unfamiliar topics. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Linux maintainer…

Microsoft’s new Copilot+ feature will record everything you are doing on your computer for some reason, but it will only work on new Arm hardware for now. Plus Apple’s weird iOS bug that restored deleted files and photos, and sharing files over the Internet from a NAS on your LAN. Plugs Support us on patreon and get an ad-free RSS feed with early e…

Why Windows 10 might be gaining users at Windows 11’s expense, an old DHCP option is a potential risk for VPN users, we should probably say “renting” rather than “buying”domains, and avoiding tracking when using IPv6. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes Jim was on Late Night Linux again News Has Win…

Mastodon’s link previews are causing downtime for web servers without properly configured caching, locking down DNS inside Windows networks, why using write-once backup media is a bad idea, and increasing the performance of a Microsoft SQL Server with SSDs and ZFS. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometime…

How a smart TV broke a Windows machine on the same network by pretending to be hundreds of different TVs, Jim’s alarming theory about AI malware, and encrypting offsite backups. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Is your PC having trouble? Your smart TV might be to blame Free Consult…

ZFS on root is back in the Ubuntu installer but there’s a better way to do it, next-generation hard drives are proving to be reliable but prices are going up thanks to storage-hungry AI, why getting started with ZFS is really easy, and the best filesystem for a single SSD (take a guess). Plugs Support us on patreon and get an ad-free RSS feed with …

Why updating iPhones in their sealed boxes might have some downsides, Amazon’s “AI” turned out to just be people, LLMs hallucinating imaginary dependencies is potentially a security risk, Aruba backs up its government data to the Internet Archive, and disk queue schedulers in Linux. Plug Support us on patreon and get an ad-free RSS feed with early …

A backdoor has been found in xz-utils, OpenZFS improves ZVOL performance on Linux, Twitter devs fail at regex, and adding SATA ports to a home NAS. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes Hybrid Cloud Show is a new show that’s part of the Late Night Linux Family! News backdoor in upstream xz/liblzma lead…

Glassdoor seemingly doesn’t understand its raison d’etre, Telegram wants to cheap out on sending verification codes, law enforcement makes YouTube give them details of everyone who watched certain videos, and tuning a low end VPS to host a blog. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Use…

The FreeBSD version of TrueNAS is going away, a major Apple antitrust case begins, encrypted LLM chat responses are relatively easy to read, and scaling a fleet of FreeBSD hosts with jails. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News TrueNAS CORE 13 is the end of the FreeBSD version zVault Apple’s antit…

Prison officials took away inmate student laptops for no good reason, Warner Bros. ruined gamers’ experiences, Google’s terrible office WiFi, and managing gold images. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion An engineer bought a prison laptop on eBay. Then 1,200 incarcerated students lost…

Roku stops its users watching TV until they accept a new ToS, the line between journalism and computer fraud and abuse, and when using jumbo frames on a network makes sense. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News Roku disables players and TVs with attempt to coerce arbitration agreement Over 15,000…

The boss of Nvidia says kids don’t need to code because they can just use AI, companies sell their users’ data to train models, and why 2.5Gbps networking probably isn’t worth bothering with. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Jensen Huang says kids shouldn’t learn to code — they sho…

More cameras leak footage, Avast is fined for selling user data, a vending machine quietly scans students’ faces, using a small NVMe drive with ZFS, and taking snapshots of VMs. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News “So violated”: Wyze cameras leak footage to strangers for 2nd time in 5 months Ava…

Why it’s not a great idea to install Windows 11 on unsupported hardware, quantum computing hype has been replaced by AI, toothbrushes can’t be part of a botnet, Google has killed cached search results, and testing your backups. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Windows 11 24H2 goes…

Nginx is forked, Broadcom/VMware kills ESXi, dedup is finally fixed in ZFS, using multiple network interfaces on a NAS, and more. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News announcing freenginx.org Broadcom-owned VMware kills the free version of ESXi virtualization software OpenZFS Native Encryption U…

Trying to report a security issue lands a consultant in trouble, a new take on the drop shipping scam, setting up your first NAS – including the benefits of RAID, picking a distro, choosing the right disk size, and more. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion IT consultant in Germany fin…

Microsoft’s rudimentary error that allowed an attacker access to its executives’ emails, Pixel phones have another serious storage bug, hidden malware payload found at Ars Technica, and when to upgrade your hardware for Windows 11. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes BSDCan 2024 – Call for papers Ne…

Y2K was a pretty serious problem and 2038 is coming soon, work on Arm servers is improving the experience on the desktop, and what to do with an old unsupported Synology NAS. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes OpenZFS Best Practices: Part 2: File Serving and SANs News/discussion The ‘nothing-happen…

Hard drives are pretty much an enterprise product now, GitHub’s malware problem, and spreading services across different machines and VMs to keep downtime to a minimum. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes OpenZFS Storage Best Practices and Use Cases Part 1: Snapshots and Backups News Hard disk drive…

Why the problems with open source licenses aren’t quite as easy to fix as some people think, the reasons you should never pay ransomware gangs, and running a Nagios distro on a Raspberry Pi. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion What comes after open source? Bruce Perens is working on i…

What does “incognito mode” in Chrome actually mean and whether documenting browser standards in code is a good idea, the serious implications of a fun story about messing with a ChatGPT instance, and maximizing performance when using mixed disk types on ZFS mirrored vdevs. Plug Support us on patreon and get an ad-free RSS feed with early episodes s…

Twitch pulls out of Korea thanks to the opposite of Net Neutrality, it’s not clear to what extent smart devices are listening to your conversations, more on water usage in data centers, and our thoughts on mandatory access controls. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News Twitch to shut down in Kore…

What you need to know about the recent SSH vulnerability, yet another privacy issue with cloud-connected security cameras, why it’s difficult to get to the bottom of an obscure ZFS encryption bug, and more. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News SSH protects the world’s most sensitive networks. It …

Google Drive client users lost months of files, a feature of UEFI that has left millions of computers potentially vulnerable to persistent malware, and why you probably shouldn’t buy cheap resold volume Windows licenses. Plugs Support us on patreon to get ad-free episodes that are sometimes a day or so early. News/discussion Google Drive users say …

Jim and Allan break down the details of the recent ZFS data corruption bug, and give their tips for managing a fleet of 40+ servers. Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes News Two new versions of OpenZFS fix long-hidden corruption bug Free Consulting We were asked about managing 40+ servers. Automox Sa…

Why a small island nation’s top level domain ended up with such a terrible reputation, an ssh vulnerability that’s not as scary as it sounds, whether software can be “finished”, and using powerline or WiFi for security cameras. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News How a tiny Pacific Island becam…

Why and how Allan installed a set of new Power over Ethernet wireless access points, and our hardware recommendations for a media server and NAS in one. Allan’s new WiFi setup Access points Controller Free Consulting We were asked for hardware recommendations for a media server and NAS in one. HelloFresh With HelloFresh, you get farm-fresh, pre-por…

A Cloudflare outage shines a light on sloppy data center practices, and why you shouldn’t run a mail server at home. Plus followup on the Android multi-user bug, package managers on Windows, and Toshiba hard drives. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News/discussion Cloudflare claims Flexential dat…

Okta seems to not be taking its security seriously enough, crashing iPhones is far easier than it should be, Jim’s report from the Ubuntu Summit, and what to do when you find a company’s sensitive data on the Internet. Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes News No, Okta, senior management, not an erra…

The large water consumption of AI and data centers in general, China’s big push towards IPv6, why we don’t talk about Toshiba hard drives very often, and the implications of poor Bluetooth security on an e-bike. Plugs Support us on patreon Unlocking Infrastructure Sovereignty: Harnessing the Power of Open Source Solutions for Business Flexibility a…

What Google should do to prevent malware sites in their ads, why you might want to avoid using multiple profiles on Android devices, a speculative execution vulnerability in Apple Silicon, and the pros and cons of TP-Link Omada and Ubiquiti Unifi. Plugs Support us on patreon News Clever malvertising attack uses Punycode to look like KeePass’s offic…

The nuances of copyrighting AI-generated art, getting the best speeds with Samba, and building an SSD-only NAS. News/discussion Opinion: The Copyright Office is making a mistake on AI-generated art Free Consulting We were asked about building an SSD-only NAS. Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Devic…

Why enabling password autofill isn’t a great idea, Jim’s adventures in network repair, and setting up a home router/WiFi hotspot. Feedback Don’t use autofill on your password manager Story Time Adventures in network repair Free Consulting We were asked about hardware for a home router/Wi-Fi hotspot. HelloFresh With HelloFresh, you get farm-fresh, p…

A network breach teaches us all a valuable lesson about threat models, Allan and Jim’s TV setups, and picking the right external storage solution. Plugs Support us on patreon News/discussion How Google Authenticator made one company’s network breach much, much worse Amolith’s wiki page about passwords Feedback Allan’s TV remote control Free Consult…

Google and Apple do a bad job of disclosing a pretty serious vulnerability, why hard drives aren’t physically bigger, and setting up a distributed backup system with a group of friends. Plugs Support us on patreon News Submit your ideas or articles – OpenSource.net Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters…