From sahil at tandon.net Thu Dec 2 00:16:33 2010 From: sahil at tandon.net (Sahil Tandon) Date: Thu, 2 Dec 2010 00:16:33 -0500 Subject: [nycbug-talk] BSD based web hosting In-Reply-To: <20101201015643.GB1277@bonnie.galis.org> References: <4CF5A835.6090603@langille.org> <20101201015643.GB1277@bonnie.galis.org> Message-ID: <20101202051633.GA29409@magic.hamla.org> On Tue, 2010-11-30 at 17:57:06 -0800, George Georgalis wrote: > >On 11/30/2010 2:33 PM, mikel king wrote: > >>Greetings all. > >> > >>I know this pops up on the list every once in a while but perhaps there is some updated information out there. I am researching BSD based hosting providers for a forthcoming article on BSD News. > >> > >>I am looking for specific categories; > >>Basic Hosting (these are the budget guys a la Dreamhost types, that do Web, DNS& email) > >>Virtual Server Hosting (self explanatory, VM rental) > >>Physical Server Hosting (self explanatory, Server rental) > >>Physical Server colocation (You own the box, and rack it at some place like Pilosoft) > >> > >>It would also be helpful if you've used a particular provider's service. Especially if you can either recommend or not and are interested in being mentioned please note this off list to me. > > I've been using http://www.m5hosting.com/ > for about a year or so. Excellent all around. +1; m5hosting is great. -- Sahil Tandon From siraaj at khandkar.net Thu Dec 2 00:39:55 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Thu, 2 Dec 2010 00:39:55 -0500 Subject: [nycbug-talk] BSD based web hosting In-Reply-To: References: Message-ID: On 30 Nov 2010, at 14:33, mikel king wrote: > Greetings all. > > I know this pops up on the list every once in a while but perhaps > there is some updated information out there. I am researching BSD > based hosting providers for a forthcoming article on BSD News. > > I am looking for specific categories; > Basic Hosting (these are the budget guys a la Dreamhost types, that do > Web, DNS & email) > Virtual Server Hosting (self explanatory, VM rental) Randal Schwartz has reported that he's very happy running FreeBSD VM from http://arpnetworks.com/ They also offer OpenBSD and "most" Linux distros. Currently not accepting new orders due to hardware limits, but saying they'll gear-up by Dec 7th. I am anxiously waiting to give them a try! There are others offering BSD VM's, but these guys seem to have the best prices and some cool features (like serial console login over SSH). > Physical Server Hosting (self explanatory, Server rental) > Physical Server colocation (You own the box, and rack it at some place > like Pilosoft) It looks like they offer this as well (out of LA), but I haven't looked into it, as I have no need for that service right now. -- Siraaj Khandkar From lists at stringsutils.com Thu Dec 2 17:05:51 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Thu, 02 Dec 2010 17:05:51 -0500 Subject: [nycbug-talk] BSD based web hosting References:

Message-ID: Siraaj Khandkar writes: > Randal Schwartz has reported that he's very happy running FreeBSD VM > from http://arpnetworks.com/ +1 on arpnetworks. One feature I really that they have, although I have not used it, is the ability to connect to your machine through VNC so you can work on the VM as it boots. They also have options to reboot the machine. They also have bandwith graphs. arpnetworks I think uses KVM for virtulization. I also use http://www.bsdvm.com because they offer unlimited bandwith. I believe bsdvm is VMware based. Lastly, and the one I have been using the longest, http://hub.org. It is FreeBSD jails based. This one is a good mix between having full access to the machine and having most common functionality already built in and automated. Arp and bsdvm you get a VM and the rest if totally up to you. From george at ceetonetechnology.com Fri Dec 3 10:23:35 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 03 Dec 2010 10:23:35 -0500 Subject: [nycbug-talk] 111 8th Acquired by Google Message-ID: <4CF90B77.5020501@ceetonetechnology.com> Wow. http://www.datacenterknowledge.com/archives/2010/12/03/wsj-google-has-bought-111-8th-avenue/ g From lists at stringsutils.com Fri Dec 3 11:22:27 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Fri, 03 Dec 2010 11:22:27 -0500 Subject: [nycbug-talk] 111 8th Acquired by Google References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: George Rosamond writes: > http://www.datacenterknowledge.com/archives/2010/12/03/wsj-google-has-bought-111-8th-avenue/ >From reading the article it seems Google just wanted "well connected" office space. Because of electricity prices it seems unlikely they would build up their server farm in there. Hell of an expensive way to build up office space. :-) From robin.polak at gmail.com Fri Dec 3 11:45:17 2010 From: robin.polak at gmail.com (Robin Polak) Date: Fri, 3 Dec 2010 11:45:17 -0500 Subject: [nycbug-talk] 111 8th Acquired by Google In-Reply-To: References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: On Fri, Dec 3, 2010 at 11:22, Francisco Reyes wrote: > George Rosamond writes: > >> >> http://www.datacenterknowledge.com/archives/2010/12/03/wsj-google-has-bought-111-8th-avenue/ > >> From reading the article it seems Google just wanted "well connected" >> office > > space. Because of electricity prices it seems unlikely they would build up > their server farm in there. Hell of an expensive way to build up office > space. :-) > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > Google sure knows how to make a splash in the press. -- Robin Polak E-Mail: robin.polak at gmail.com V. 917-494-2080 -- Robin Polak E-Mail: robin.polak at gmail.com V. 917-494-2080 From zippy1981 at gmail.com Fri Dec 3 11:53:30 2010 From: zippy1981 at gmail.com (Justin Dearing) Date: Fri, 3 Dec 2010 11:53:30 -0500 Subject: [nycbug-talk] Fwd: 111 8th Acquired by Google In-Reply-To: References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: ---------- Forwarded message ---------- From: Justin Dearing Date: Fri, Dec 3, 2010 at 11:36 AM Subject: Re: [nycbug-talk] 111 8th Acquired by Google To: Francisco Reyes On Fri, Dec 3, 2010 at 11:22 AM, Francisco Reyes wrote: > > From reading the article it seems Google just wanted "well connected" >> office >> > space. Because of electricity prices it seems unlikely they would build up > their server farm in there. Hell of an expensive way to build up office > space. :-) > > Maybe their afraid of opening up a data center in the flyover states because they feel the top talent from those areas all got to seaboard tech hubs ASAP. -------------- next part -------------- An HTML attachment was scrubbed... URL: From chsnyder at gmail.com Fri Dec 3 13:26:40 2010 From: chsnyder at gmail.com (Chris Snyder) Date: Fri, 3 Dec 2010 13:26:40 -0500 Subject: [nycbug-talk] Fwd: 111 8th Acquired by Google In-Reply-To: References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: On Fri, Dec 3, 2010 at 11:53 AM, Justin Dearing wrote: > Maybe their afraid of opening up a data center in the flyover states because > they feel the top talent from those areas all got to seaboard tech hubs > ASAP. > Maybe "free loft apartment with Hudson River View" is a nice incentive for talent you are trying to lure away from other companies. An architect friend was just saying the other day that he's surprised Google's NY office isn't more of a campus. From bulk at zaunere.com Fri Dec 3 13:53:07 2010 From: bulk at zaunere.com (Hans Zaunere) Date: Fri, 3 Dec 2010 13:53:07 -0500 Subject: [nycbug-talk] Fwd: 111 8th Acquired by Google In-Reply-To: References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: <003701cb931b$53c01b50$fb4051f0$@zaunere.com> > > Maybe their afraid of opening up a data center in the flyover states because > > they feel the top talent from those areas all got to seaboard tech hubs > > ASAP. > > Maybe "free loft apartment with Hudson River View" is a nice incentive > for talent you are trying to lure away from other companies. And free high-speed internet? :P H From zippy1981 at gmail.com Fri Dec 3 14:03:24 2010 From: zippy1981 at gmail.com (Justin Dearing) Date: Fri, 3 Dec 2010 14:03:24 -0500 Subject: [nycbug-talk] Fwd: 111 8th Acquired by Google In-Reply-To: References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: On Fri, Dec 3, 2010 at 1:26 PM, Chris Snyder wrote: > On Fri, Dec 3, 2010 at 11:53 AM, Justin Dearing > wrote: > > > Maybe their afraid of opening up a data center in the flyover states > because > > they feel the top talent from those areas all got to seaboard tech hubs > > ASAP. > > > > Maybe "free loft apartment with Hudson River View" is a nice incentive > for talent you are trying to lure away from other companies. > > Different sides of the same coin. Companies like google make working in tech hubs (Lower CA, NY, Boston, etc) attractive by offering attractive campuses and great fringe benefits. Young talented ambitious CS grads flock to these places because thats where they can get the best perks. Justin -------------- next part -------------- An HTML attachment was scrubbed... URL: From o_sleep at belovedarctos.com Sat Dec 4 11:40:13 2010 From: o_sleep at belovedarctos.com (Bjorn Nelson) Date: Sat, 04 Dec 2010 11:40:13 -0500 Subject: [nycbug-talk] 111 8th Acquired by Google In-Reply-To: References: <4CF90B77.5020501@ceetonetechnology.com> Message-ID: <4CFA6EED.4000502@belovedarctos.com> On 12/3/2010 11:22 AM, Francisco Reyes wrote: > George Rosamond writes: > >> http://www.datacenterknowledge.com/archives/2010/12/03/wsj-google-has-bought-111-8th-avenue/ >> > >> From reading the article it seems Google just wanted "well connected" >> office > space. Because of electricity prices it seems unlikely they would > build up their server farm in there. Hell of an expensive way to build > up office space. :-) Form what I remember of this place, there are tons of various vendor cages with servers in them on at least a couple of the floors. So this purchase not only gives them the above but also close proximity to their customers and possible competitors. When your favorite website's sysadmin has to head in to the cage to fix a server, they will be able to stop by a google office where they can demo them a new infrastructure tool. It's along the lines of one of Machiavelli's suggestions, to move your kingdom to the nation you just conquered if you want to convert it to your own. That or they have a patent for a massively distributed broom handle and they want to rule the world with a low cost noc reboot service. -Bjorn From okan at demirmen.com Sun Dec 5 12:59:58 2010 From: okan at demirmen.com (Okan Demirmen) Date: Sun, 5 Dec 2010 12:59:58 -0500 Subject: [nycbug-talk] BSD based web hosting In-Reply-To: References: Message-ID: <20101205175958.GF27348@clam.khaoz.org> On Tue 2010.11.30 at 14:33 -0500, mikel king wrote: > Greetings all. > > I know this pops up on the list every once in a while but perhaps there is some updated information out there. I am researching BSD based hosting providers for a forthcoming article on BSD News. > > I am looking for specific categories; > Basic Hosting (these are the budget guys a la Dreamhost types, that do Web, DNS & email) > Virtual Server Hosting (self explanatory, VM rental) > Physical Server Hosting (self explanatory, Server rental) > Physical Server colocation (You own the box, and rack it at some place like Pilosoft) > > It would also be helpful if you've used a particular provider's service. Especially if you can either recommend or not and are interested in being mentioned please note this off list to me. jtan.com pair.com Disclaimer: I've used both of them in the past and have no problems recommending either - YMMV. From james at uncryptic.com Sun Dec 5 13:21:08 2010 From: james at uncryptic.com (James Polera) Date: Sun, 5 Dec 2010 13:21:08 -0500 Subject: [nycbug-talk] BSD based web hosting In-Reply-To: <20101205175958.GF27348@clam.khaoz.org> References: <20101205175958.GF27348@clam.khaoz.org> Message-ID: +1 for ARP Networks and http://www.rootbsd.net/ is pretty good too. The focus on FreeBSD, but they will setup an OpenBSD or NetBSD VPS if you ask. On Sun, Dec 5, 2010 at 12:59 PM, Okan Demirmen wrote: > On Tue 2010.11.30 at 14:33 -0500, mikel king wrote: > > Greetings all. > > > > I know this pops up on the list every once in a while but perhaps there > is some updated information out there. I am researching BSD based hosting > providers for a forthcoming article on BSD News. > > > > I am looking for specific categories; > > Basic Hosting (these are the budget guys a la Dreamhost types, that do > Web, DNS & email) > > Virtual Server Hosting (self explanatory, VM rental) > > Physical Server Hosting (self explanatory, Server rental) > > Physical Server colocation (You own the box, and rack it at some place > like Pilosoft) > > > > It would also be helpful if you've used a particular provider's service. > Especially if you can either recommend or not and are interested in being > mentioned please note this off list to me. > > jtan.com > pair.com > > Disclaimer: I've used both of them in the past and have no problems > recommending either - YMMV. > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From siraaj at khandkar.net Sun Dec 5 22:07:39 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Sun, 5 Dec 2010 22:07:39 -0500 Subject: [nycbug-talk] BSD based web hosting In-Reply-To: References:

Message-ID: On 2 Dec 2010, at 17:05, Francisco Reyes wrote: > Siraaj Khandkar writes: > >> Randal Schwartz has reported that he's very happy running FreeBSD VM >> from http://arpnetworks.com/ > > +1 on arpnetworks. One feature I really that they have, although I have not used it, is the ability to connect to your machine through VNC so you can work on the VM as it boots. They also have options to reboot the machine. They also have bandwith graphs. > arpnetworks I think uses KVM for virtulization. ARP Networks just reopened for new VPS orders! I'll start by migrating my newly created EC2 mail server from Amazon to ARP's OpenBSD instance. Hello spamd! -- Siraaj Khandkar From jschauma at netmeister.org Sun Dec 5 22:24:01 2010 From: jschauma at netmeister.org (Jan Schaumann) Date: Sun, 5 Dec 2010 22:24:01 -0500 Subject: [nycbug-talk] BSD based web hosting In-Reply-To: References: Message-ID: <20101206032400.GH4522@netmeister.org> mikel king wrote: > I know this pops up on the list every once in a while but perhaps > there is some updated information out there. I am researching BSD > based hosting providers for a forthcoming article on BSD News. Since nobody's mentioned it yet (really?): panix http://en.wikipedia.org/wiki/Panix_%28ISP%29 http://www.panix.com/corp/v-colo/vplans.html Native IPv6, too. -Jan -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available URL: From george at ceetonetechnology.com Fri Dec 10 16:27:53 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 10 Dec 2010 16:27:53 -0500 Subject: [nycbug-talk] The BSD Connection Message-ID: <4D029B59.30503@ceetonetechnology.com> Okay, it had to happen sooner or later. . . But apparently there is a pretty significant connection between the BSDs and Wikileaks. http://blather.michaelwlucas.com/?p=443 Now *that's* investigative journalism. Nice job ML (bcc'd). g From siraaj at khandkar.net Fri Dec 10 16:49:31 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Fri, 10 Dec 2010 16:49:31 -0500 Subject: [nycbug-talk] The BSD Connection In-Reply-To: <4D029B59.30503@ceetonetechnology.com> References: <4D029B59.30503@ceetonetechnology.com> Message-ID: <13535793-6C57-40C2-B026-0E5B51318742@khandkar.net> On 10 Dec 2010, at 16:27, George Rosamond wrote: > Okay, it had to happen sooner or later. . . > > But apparently there is a pretty significant connection between the BSDs and Wikileaks. > > http://blather.michaelwlucas.com/?p=443 I hope Joe Lieberman doesn't find-out... -- Siraaj Khandkar From akosela at andykosela.com Fri Dec 10 17:37:29 2010 From: akosela at andykosela.com (Andy Kosela) Date: Fri, 10 Dec 2010 23:37:29 +0100 Subject: [nycbug-talk] The BSD Connection In-Reply-To: <4D029B59.30503@ceetonetechnology.com> References: <4D029B59.30503@ceetonetechnology.com> Message-ID: On Fri, Dec 10, 2010 at 10:27 PM, George Rosamond wrote: > Okay, it had to happen sooner or later. . . > > But apparently there is a pretty significant connection between the BSDs and > Wikileaks. > > http://blather.michaelwlucas.com/?p=443 > > Now *that's* investigative journalism. ?Nice job ML (bcc'd). Julian Assange is definetly a very interesting person. He used to hang on the NetBSD mailing lists a lot... From skreuzer at exit2shell.com Mon Dec 13 14:11:08 2010 From: skreuzer at exit2shell.com (Steven Kreuzer) Date: Mon, 13 Dec 2010 14:11:08 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! References: <4D066D52.2080100@freebsd.org> Message-ID: <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> Just announced on freebsd-xen at freebsd.org ! Begin forwarded message: > From: Colin Percival > Date: December 13, 2010 2:00:34 PM EST > To: "freebsd-xen at freebsd.org" > Subject: FreeBSD/EC2 lives! > > Hi freebsd-xen people and wannabe FreeBSD/EC2 users, > > Thanks to a month of bug fixing and a lot of help from Amazon, FreeBSD is now > available on EC2: > http://www.daemonology.net/blog/2010-12-13-FreeBSD-on-EC2.html > > Only for 9.0-CURRENT and only t1.micro instances so far, though -- but we're > moving in the right direction. :-) > > -- > Colin Percival > Security Officer, FreeBSD | freebsd.org | The power to serve > Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid > _______________________________________________ > freebsd-xen at freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-xen > To unsubscribe, send any mail to "freebsd-xen-unsubscribe at freebsd.org" From drulavigne at sympatico.ca Mon Dec 13 14:13:41 2010 From: drulavigne at sympatico.ca (Dru Lavigne) Date: Mon, 13 Dec 2010 19:13:41 +0000 Subject: [nycbug-talk] FreeBSD Now Runs on EC2 Message-ID: Some folks on list may be interested in this. Colin Percival just announced: http://www.daemonology.net/blog/2010-12-13-FreeBSD-on-EC2.html Cheers, DRu -------------- next part -------------- An HTML attachment was scrubbed... URL: From siraaj at khandkar.net Mon Dec 13 14:17:31 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Mon, 13 Dec 2010 14:17:31 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> Message-ID: <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> On 13 Dec 2010, at 14:11, Steven Kreuzer wrote: > Just announced on freebsd-xen at freebsd.org ! > > Begin forwarded message: > >> From: Colin Percival >> Date: December 13, 2010 2:00:34 PM EST >> To: "freebsd-xen at freebsd.org" >> Subject: FreeBSD/EC2 lives! >> >> Hi freebsd-xen people and wannabe FreeBSD/EC2 users, >> >> Thanks to a month of bug fixing and a lot of help from Amazon, FreeBSD is now >> available on EC2: >> http://www.daemonology.net/blog/2010-12-13-FreeBSD-on-EC2.html >> >> Only for 9.0-CURRENT and only t1.micro instances so far, though -- but we're >> moving in the right direction. :-) Oh snap! I'm on it in a minute! -- Siraaj Khandkar From siraaj at khandkar.net Mon Dec 13 14:39:39 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Mon, 13 Dec 2010 14:39:39 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> Message-ID: On 13 Dec 2010, at 14:17, Siraaj Khandkar wrote: > On 13 Dec 2010, at 14:11, Steven Kreuzer wrote: > >> Just announced on freebsd-xen at freebsd.org ! >> >> Begin forwarded message: >> >>> From: Colin Percival >>> Date: December 13, 2010 2:00:34 PM EST >>> To: "freebsd-xen at freebsd.org" >>> Subject: FreeBSD/EC2 lives! >>> >>> Hi freebsd-xen people and wannabe FreeBSD/EC2 users, >>> >>> Thanks to a month of bug fixing and a lot of help from Amazon, FreeBSD is now >>> available on EC2: > > Oh snap! I'm on it in a minute! Instance launched successfully, but so far no luck contacting it... :-( 204.236.219.220 -- Siraaj Khandkar http://twitter.com/IbnFirnas From chsnyder at gmail.com Mon Dec 13 14:47:01 2010 From: chsnyder at gmail.com (Chris Snyder) Date: Mon, 13 Dec 2010 14:47:01 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> Message-ID: On Mon, Dec 13, 2010 at 2:39 PM, Siraaj Khandkar wrote: > > Instance launched successfully, but so far no luck contacting it... :-( > > 204.236.219.220 > What does the console dump say? From robin.polak at gmail.com Mon Dec 13 14:20:28 2010 From: robin.polak at gmail.com (Robin Polak) Date: Mon, 13 Dec 2010 14:20:28 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> Message-ID: On Mon, Dec 13, 2010 at 14:17, Siraaj Khandkar wrote: > On 13 Dec 2010, at 14:11, Steven Kreuzer wrote: > >> Just announced on freebsd-xen at freebsd.org ! >> >> Begin forwarded message: >> >>> From: Colin Percival >>> Date: December 13, 2010 2:00:34 PM EST >>> To: "freebsd-xen at freebsd.org" >>> Subject: FreeBSD/EC2 lives! >>> >>> Hi freebsd-xen people and wannabe FreeBSD/EC2 users, >>> >>> Thanks to a month of bug fixing and a lot of help from Amazon, FreeBSD is now >>> available on EC2: >>> http://www.daemonology.net/blog/2010-12-13-FreeBSD-on-EC2.html >>> >>> Only for 9.0-CURRENT and only t1.micro instances so far, though -- but we're >>> moving in the right direction. :-) > > > Oh snap! I'm on it in a minute! > > > -- Siraaj Khandkar > > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > I've spun up an instance. I'm certainly interested. -- Robin Polak E-Mail: robin.polak at gmail.com V. 917-494-2080 From siraaj at khandkar.net Mon Dec 13 15:08:35 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Mon, 13 Dec 2010 15:08:35 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> Message-ID: <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> On 13 Dec 2010, at 14:47, Chris Snyder wrote: > On Mon, Dec 13, 2010 at 2:39 PM, Siraaj Khandkar wrote: > >> >> Instance launched successfully, but so far no luck contacting it... :-( >> >> 204.236.219.220 >> > > What does the console dump say? It's a bit lengthy, so I attached it. -------------- next part -------------- Xen Minimal OS! start_info: 0xa01000(VA) nr_pages: 0x26700 shared_inf: 0xdeaee000(MA) pt_base: 0xa04000(VA) nr_pt_frames: 0x9 mfn_list: 0x967000(VA) mod_start: 0xa080101(VA) mod_len: 967212544 flags: 0x0 cmd_line: root=/dev/sda1 ro 4 stack: 0x946780-0x966780 MM: Init _text: 0x0(VA) _etext: 0x621f5(VA) _erodata: 0x76000(VA) _edata: 0x7b6d4(VA) stack start: 0x946780(VA) _end: 0x966d34(VA) start_pfn: a10 max_pfn: 26700 Mapping memory range 0xc00000 - 0x26700000 setting 0x0-0x76000 readonly skipped 0x1000 MM: Initialise page allocator for b3e000(b3e000)-0(26700000) MM: done Demand map pfns at 26701000-36701000. Heap resides at 36702000-76702000. Initialising timer interface Initialising console ... done. gnttab_table mapped at 0x26701000. Initialising scheduler Thread "Idle": pointer: 0x36702008, stack: 0xbf0000 Initialising xenbus Thread "xenstore": pointer: 0x36702478, stack: 0x26600000 Dummy main: start_info=0x966880 Thread "main": pointer: 0x367028e8, stack: 0x26610000 "main" "root=/dev/sda1" "ro" "4" vbd 2049 is hd0 ******************* BLKFRONT for device/vbd/2049 ********** backend at /local/domain/0/backend/vbd/1558/2049 Failed to read /local/domain/0/backend/vbd/1558/2049/feature-barrier. Failed to read /local/domain/0/backend/vbd/1558/2049/feature-flush-cache. 2097152 sectors of 0 bytes ************************** vbd 2064 is hd1 ******************* BLKFRONT for device/vbd/2064 ********** backend at /local/domain/0/backend/vbd/1558/2064 Failed to read /local/domain/0/backend/vbd/1558/2064/feature-barrier. Failed to read /local/domain/0/backend/vbd/1558/2064/feature-flush-cache. 18874368 sectors of 0 bytes ************************** [H [J Booting 'FreeBSD kernel' root (hd0) Filesystem type is ext2fs, using whole disk kernel /boot/kernel/kernel vfs.root.mountfrom=ufs:da1s1,machdep.idle_mwait=0,bo ot_verbose=1 xc_dom_probe_bzimage_kernel: kernel is not a bzImage close blk: backend at /local/domain/0/backend/vbd/1558/2049 close blk: backend at /local/domain/0/backend/vbd/1558/2064 WARNING: loader(8) metadata is missing! GDB: no debug ports present KDB: debugger backends: ddb KDB: current backend: ddb APIC: Using the MPTable enumerator. SMP: Added CPU 0 (BSP) Copyright (c) 1992-2010 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 9.0-CURRENT #68: Sun Dec 12 03:52:29 UTC 2010 root at chch.daemonology.net:/usr/obj/i386.i386/usr/src/sys/XEN i386 WARNING: WITNESS option enabled, expect reduced performance. Xen reported: 2659.998 MHz processor. Timecounter "ixen" frequency 1953125 Hz quality 0 CPU: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz (2660.00-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x1067a Family = 6 Model = 17 Stepping = 10 Features=0xbfe3fbff Features2=0x40ce3bd AMD Features=0x20100000 AMD Features2=0x1 Instruction TLB: 4 KB Pages, 4-way set associative, 128 entries 1st-level instruction cache: 32 KB, 8-way set associative, 64 byte line size 1st-level data cache: 32 KB, 8-way set associative, 64 byte line size L2 cache: 6144 kbytes, 16-way associative, 64 bytes/line real memory = 644874240 (615 MB) Physical memory chunk(s): 0x00000000007d0000 - 0x0000000025b4dfff, 624418816 bytes (152446 pages) avail memory = 621105152 (592 MB) [XEN] IPI cpu=0 irq=128 vector=RESCHEDULE_VECTOR (0) [XEN] IPI cpu=0 irq=129 vector=CALL_FUNCTION_VECTOR (1) Event-channel device installed. random: io: mem: Pentium Pro MTRR support enabled null: nfslock: pseudo-device [XEN] xen_rtc_probe: probing Hypervisor RTC clock rtc0: on motherboard [XEN] xen_rtc_attach: attaching Hypervisor RTC clock rtc0: registered as a time-of-day clock (resolution 1000000us, adjustment 0.500000000s) xs_probe: Probe retuns 0 xenstore0: on motherboard Grant table initialized xc0: on motherboard Device configuration finished. procfs registered Timecounters tick every 10.000 msec [XEN] hypervisor wallclock nudged; nudging TOD. lo0: bpf attached xenbusb_front0: on xenstore0 xn0: at device/vif/0 on xenbusb_front0 xn0: bpf attached xn0: Ethernet address: 12:31:3b:09:16:54 xenbusb_back0: on xenstore0 xctrl0: on xenstore0 xbd0: 1024MB at device/vbd/2049 on xenbusb_front0 xbd0: attaching as da0 GEOM: new disk da0 xbd1: 9216MB at device/vbd/2064 on xenbusb_front0 xbd1: attaching as da1 WARNING: WITNESS option enabled, expect reduced performance. GEOM: new disk da1 Trying to mount root from ufs:da1s1 []... rtc0: [XEN] xen_rtc_gettime rtc0: [XEN] xen_rtc_gettime: wallclock 1285664664 sec; 6371003 nsec rtc0: [XEN] xen_rtc_gettime: uptime 6603576 sec; 154147873 nsec rtc0: [XEN] xen_rtc_gettime: TOD 1292268240 sec; 160518876 nsec start_init: trying /sbin/init Setting hostuuid: 8b2baeeb-06ee-11e0-bd8d-12313b091654. Setting hostid: 0xcb31c5bf. Entropy harvesting: interrupts ethernet point_to_point kickstart. Starting file system checks: /dev/da1s1: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/da1s1: clean, 2422721 free (1537 frags, 302648 blocks, 0.1% fragmentation) Mounting local file systems:. xn0: link state changed to DOWN xn0: link state changed to UP Starting Network: lo0 xn0. lo0: flags=8049 metric 0 mtu 16384 options=3 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 nd6 options=21 xn0: flags=8843 metric 0 mtu 1500 options=503 ether 12:31:3b:09:16:54 media: Ethernet manual status: active Starting devd. DHCPDISCOVER on xn0 to 255.255.255.255 port 67 interval 6 DHCPOFFER from 169.254.1.0 DHCPREQUEST on xn0 to 255.255.255.255 port 67 DHCPACK from 169.254.1.0 bound to 10.203.21.158 -- renewal in 43200 seconds. add net ::ffff:0.0.0.0: gateway ::1 add net ::0.0.0.0: gateway ::1 add net fe80::: gateway ::1 add net ff02::: gateway ::1 Generating host.conf. Creating and/or trimming log files. Starting syslogd. No core dumps found. ELF ldconfig path: /lib /usr/lib /usr/lib/compat a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout Clearing /tmp (X related). Requesting http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key 407 bytes retrieved in 00:00 (2.17 MB/s) Updating motd:. Generating public/private rsa1 key pair. Your identification has been saved in /etc/ssh/ssh_host_key. Your public key has been saved in /etc/ssh/ssh_host_key.pub. The key fingerprint is: 6c:3b:3b:9a:36:e9:93:9f:08:0a:31:27:c5:c1:e3:49 root at ip-10-203-21-158 The key's randomart image is: +--[RSA1 1024]----+ | .. | | .E. | | ooo | | .o . | |+ . S | | = . . | |. . oo | | . . .*o.+ | | . o==+. | +-----------------+ Generating public/private dsa key pair. Your identification has been saved in /etc/ssh/ssh_host_dsa_key. Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub. The key fingerprint is: 16:ae:9a:4a:e4:20:92:34:9f:4b:8a:e0:40:0d:51:a9 root at ip-10-203-21-158 The key's randomart image is: +--[ DSA 1024]----+ | oo.. | | o. | | +.. . | |oEo . . . | |B .+ S | |B+o . o | |.oo. . | | . o | | ..o | +-----------------+ Generating public/private rsa key pair. Your identification has been saved in /etc/ssh/ssh_host_rsa_key. Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub. The key fingerprint is: db:c9:fb:31:35:57:85:49:de:5f:72:65:e3:8c:86:59 root at ip-10-203-21-158 The key's randomart image is: +--[ RSA 2048]----+ | E.++| | +.*o+| | o ooo=| | . o+| | S o o| | + . . o | | . + o | | . o | | ... | +-----------------+ Starting sshd. Starting cron. ec2: ############################################################# ec2: -----BEGIN SSH HOST KEY FINGERPRINTS----- ec2: 2048 db:c9:fb:31:35:57:85:49:de:5f:72:65:e3:8c:86:59 /etc/ssh/ssh_host_rsa_key.pub (RSA) ec2: 1024 16:ae:9a:4a:e4:20:92:34:9f:4b:8a:e0:40:0d:51:a9 /etc/ssh/ssh_host_dsa_key.pub (DSA) ec2: -----END SSH HOST KEY FINGERPRINTS----- ec2: ############################################################# Starting background file system checks in 60 seconds. Mon Dec 13 19:24:21 UTC 2010 Stopping cron. Stopping sshd. Stopping devd. Writing entropy file:. Terminated . Dec 13 19:25:31 ip-10-203-21-158 syslogd: exiting on signal 15 Waiting (max 60 seconds) for system process `vnlru' to stop...done Waiting (max 60 seconds) for system process `bufdaemon' to stop...done Waiting (max 60 seconds) for system process `syncer' to stop... Syncing disks, vnodes remaining...0 0 done All buffers synced. lock order reversal: 1st 0xc2c0ce28 ufs (ufs) @ /usr/src/sys/kern/vfs_mount.c:1210 2nd 0xc2c0c9e8 devfs (devfs) @ /usr/src/sys/kern/vfs_subr.c:2229 KDB: stack backtrace: X_db_sym_numargs(c037be31,4,0,c28dd790,f46cb23e,...) at X_db_sym_numargs+0x146 kdb_backtrace(c0114f4b,c037ef3f,c28e2320,c28e2250,c27119f0,...) at kdb_backtrace+0x2a witness_display_spinlock(c037ef3f,c2c0c9e8,c036d1c8,c28e2250,c0386645,...) at witness_display_spinlock+0x75 witness_checkorder(c2c0c9e8,9,c0386645,8b5,0,...) at witness_checkorder+0x839 __lockmgr_args(c2c0c9e8,80100,c2c0ca08,0,0,...) at __lockmgr_args+0x804 vop_stdlock(c2711b10,c03f0840,85,80100,c2c0c990,...) at vop_stdlock+0x62 VOP_LOCK1_APV(c03b6620,c2711b10,c2c0c990,c03eb520,c2c0c990,...) at VOP_LOCK1_APV+0xb5 _vn_lock(c2c0c990,80100,c0386645,8b5,c03c2b18,...) at _vn_lock+0x5e getnewvnode(c2711ba8,c2c17f38,c2c0c990,c0378bbf,ae,...) at getnewvnode+0xa92 vrele(c2c0c990,c0378bbf,ae,2a9,c2aaf440,...) at vrele+0x10 ext2_unmount(c2b28a20,80000,c2711bd8,4ff,c0110009,...) at ext2_unmount+0x118 dounmount(c2b28a20,80000,c2920b00,cef2662c,0,...) at dounmount+0x466 vfs_unmountall(c0378c71,0,c0378bbf,12b,c2920b00,...) at vfs_unmountall+0x4e kern_reboot(0,0,c0378bbf,ae,c2711c8c,...) at kern_reboot+0x450 reboot(c2920b00,c2711cfc,c2711d38,c037d866,0,...) at reboot+0x4e syscallenter(c2920b00,c2711cf4,c2711cf4,fffffffe,c0126aeeXen Minimal OS! start_info: 0xa01000(VA) nr_pages: 0x26700 shared_inf: 0xdeaee000(MA) pt_base: 0xa04000(VA) nr_pt_frames: 0x9 mfn_list: 0x967000(VA) mod_start: 0x0(VA) mod_len: 0 flags: 0x0 cmd_line: root=/dev/sda1 ro 4 stack: 0x946780-0x966780 MM: Init _text: 0x0(VA) _etext: 0x621f5(VA) _erodata: 0x76000(VA) _edata: 0x7b6d4(VA) stack start: 0x946780(VA) _end: 0x966d34(VA) start_pfn: a10 max_pfn: 26700 Mapping memory range 0xc00000 - 0x26700000 setting 0x0-0x76000 readonly skipped 0x1000 MM: Initialise page allocator for b3e000(b3e000)-0(26700000) MM: done Demand map pfns at 26701000-36701000. Heap resides at 36702000-76702000. Initialising timer interface Initialising console ... done. gnttab_table mapped at 0x26701000. Initialising scheduler Thread "Idle": pointer: 0x36702008, stack: 0xbf0000 Initialising xenbus Thread "xenstore": pointer: 0x36702478, stack: 0x26600000 Dummy main: start_info=0x966880 Thread "main": pointer: 0x367028e8, stack: 0x26610000 "main" "root=/dev/sda1" "ro" "4" vbd 2049 is hd0 ******************* BLKFRONT for device/vbd/2049 ********** backend at /local/domain/0/backend/vbd/1559/2049 Failed to read /local/domain/0/backend/vbd/1559/2049/feature-barrier. Failed to read /local/domain/0/backend/vbd/1559/2049/feature-flush-cache. 2097152 sectors of 0 bytes ************************** vbd 2064 is hd1 ******************* BLKFRONT for device/vbd/2064 ********** backend at /local/domain/0/backend/vbd/1559/2064 Failed to read /local/domain/0/backend/vbd/1559/2064/feature-barrier. Failed to read /local/domain/0/backend/vbd/1559/2064/feature-flush-cache. 18874368 sectors of 0 bytes ************************** [H [J Booting 'FreeBSD kernel' root (hd0) Filesystem type is ext2fs, using whole disk kernel /boot/kernel/kernel vfs.root.mountfrom=ufs:da1s1,machdep.idle_mwait=0,bo ot_verbose=1 xc_dom_probe_bzimage_kernel: kernel is not a bzImage close blk: backend at /local/domain/0/backend/vbd/1559/2049 close blk: backend at /local/domain/0/backend/vbd/1559/2064 WARNING: loader(8) metadata is missing! GDB: no debug ports present KDB: debugger backends: ddb KDB: current backend: ddb APIC: Using the MPTable enumerator. SMP: Added CPU 0 (BSP) Copyright (c) 1992-2010 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 9.0-CURRENT #68: Sun Dec 12 03:52:29 UTC 2010 root at chch.daemonology.net:/usr/obj/i386.i386/usr/src/sys/XEN i386 WARNING: WITNESS option enabled, expect reduced performance. Xen reported: 2659.998 MHz processor. Timecounter "ixen" frequency 1953125 Hz quality 0 CPU: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz (2660.00-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x1067a Family = 6 Model = 17 Stepping = 10 Features=0xbfe3fbff Features2=0x40ce3bd AMD Features=0x20100000 AMD Features2=0x1 Instruction TLB: 4 KB Pages, 4-way set associative, 128 entries 1st-level instruction cache: 32 KB, 8-way set associative, 64 byte line size 1st-level data cache: 32 KB, 8-way set associative, 64 byte line size L2 cache: 6144 kbytes, 16-way associative, 64 bytes/line real memory = 644874240 (615 MB) Physical memory chunk(s): 0x00000000007d0000 - 0x0000000025b4dfff, 624418816 bytes (152446 pages) avail memory = 621105152 (592 MB) [XEN] IPI cpu=0 irq=128 vector=RESCHEDULE_VECTOR (0) [XEN] IPI cpu=0 irq=129 vector=CALL_FUNCTION_VECTOR (1) Event-channel device installed. random: io: mem: Pentium Pro MTRR support enabled null: nfslock: pseudo-device [XEN] xen_rtc_probe: probing Hypervisor RTC clock rtc0: on motherboard [XEN] xen_rtc_attach: attaching Hypervisor RTC clock rtc0: registered as a time-of-day clock (resolution 1000000us, adjustment 0.500000000s) xs_probe: Probe retuns 0 xenstore0: on motherboard Grant table initialized xc0: on motherboard Device configuration finished. procfs registered Timecounters tick every 10.000 msec [XEN] hypervisor wallclock nudged; nudging TOD. lo0: bpf attached xenbusb_front0: on xenstore0 xn0: at device/vif/0 on xenbusb_front0 xn0: bpf attached xn0: Ethernet address: 12:31:3b:09:16:54 xenbusb_back0: on xenstore0 xctrl0: on xenstore0 xbd0: 1024MB at device/vbd/2049 on xenbusb_front0 xbd0: attaching as da0 GEOM: new disk da0 xbd1: 9216MB at device/vbd/2064 on xenbusb_front0 xbd1: attaching as da1 WARNING: WITNESS option enabled, expect reduced performance. GEOM: new disk da1 Trying to mount root from ufs:da1s1 []... rtc0: [XEN] xen_rtc_gettime rtc0: [XEN] xen_rtc_gettime: wallclock 1285664664 sec; 6371003 nsec rtc0: [XEN] xen_rtc_gettime: uptime 6603686 sec; 298543135 nsec rtc0: [XEN] xen_rtc_gettime: TOD 1292268350 sec; 304914138 nsec start_init: trying /sbin/init Setting hostuuid: 8b2baeeb-06ee-11e0-bd8d-12313b091654. Setting hostid: 0xcb31c5bf. Entropy harvesting: interrupts ethernet point_to_point kickstart. Starting file system checks: /dev/da1s1: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/da1s1: clean, 2422683 free (1539 frags, 302643 blocks, 0.1% fragmentation) Mounting local file systems:. xn0: link state changed to DOWN xn0: link state changed to UP Starting Network: lo0 xn0. lo0: flags=8049 metric 0 mtu 16384 options=3 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 nd6 options=21 xn0: flags=8843 metric 0 mtu 1500 options=503 ether 12:31:3b:09:16:54 media: Ethernet manual status: active Starting devd. DHCPREQUEST on xn0 to 255.255.255.255 port 67 DHCPACK from 169.254.1.0 bound to 10.203.21.158 -- renewal in 43200 seconds. add net ::ffff:0.0.0.0: gateway ::1 add net ::0.0.0.0: gateway ::1 add net fe80::: gateway ::1 add net ff02::: gateway ::1 Creating and/or trimming log files. Starting syslogd. No core dumps found. ELF ldconfig path: /lib /usr/lib /usr/lib/compat a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout Clearing /tmp (X related). Updating motd:. Starting sshd. Starting cron. ec2: ############################################################# ec2: -----BEGIN SSH HOST KEY FINGERPRINTS----- ec2: 2048 db:c9:fb:31:35:57:85:49:de:5f:72:65:e3:8c:86:59 /etc/ssh/ssh_host_rsa_key.pub (RSA) ec2: 1024 16:ae:9a:4a:e4:20:92:34:9f:4b:8a:e0:40:0d:51:a9 /etc/ssh/ssh_host_dsa_key.pub (DSA) ec2: -----END SSH HOST KEY FINGERPRINTS----- ec2: ############################################################# Starting background file system checks in 60 seconds. Mon Dec 13 19:25:56 UTC 2010 -------------- next part -------------- -- Siraaj Khandkar http://twitter.com/IbnFirnas From chsnyder at gmail.com Mon Dec 13 15:15:36 2010 From: chsnyder at gmail.com (Chris Snyder) Date: Mon, 13 Dec 2010 15:15:36 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> Message-ID: On Mon, Dec 13, 2010 at 3:08 PM, Siraaj Khandkar wrote: > It's a bit lengthy, so I attached it. Mystery why you can't connect, there are no obvious startup failures or kernel panics, which is usually what you see when you can't connect to a linux instance. You are connecting as root, using the correct key for authentication? From siraaj at khandkar.net Mon Dec 13 15:32:45 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Mon, 13 Dec 2010 15:32:45 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> Message-ID: <8360C377-840B-4BD2-A83C-3D790FD345FE@khandkar.net> On 13 Dec 2010, at 15:15, Chris Snyder wrote: > On Mon, Dec 13, 2010 at 3:08 PM, Siraaj Khandkar wrote: > >> It's a bit lengthy, so I attached it. > > Mystery why you can't connect, there are no obvious startup failures > or kernel panics, which is usually what you see when you can't connect > to a linux instance. > You are connecting as root, using the correct key for authentication? OK. Problem solved. The default filter group didn't quite behave as I expected (haven't used it prior). I relaunched it with a new group and all is good now! -- Siraaj Khandkar http://twitter.com/IbnFirnas From robin.polak at gmail.com Mon Dec 13 15:05:21 2010 From: robin.polak at gmail.com (Robin Polak) Date: Mon, 13 Dec 2010 15:05:21 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> Message-ID: On Mon, Dec 13, 2010 at 14:47, Chris Snyder wrote: > On Mon, Dec 13, 2010 at 2:39 PM, Siraaj Khandkar wrote: > >> >> Instance launched successfully, but so far no luck contacting it... :-( >> >> 204.236.219.220 >> > > What does the console dump say? > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > I'm seeing the same thing. Here is the console dump. Xen Minimal OS! start_info: 0xb10000(VA) nr_pages: 0x6a400 shared_inf: 0x002df000(MA) pt_base: 0xb13000(VA) nr_pt_frames: 0x9 mfn_list: 0x967000(VA) mod_start: 0x0(VA) mod_len: 0 flags: 0x0 cmd_line: root=/dev/sda1 ro 4 stack: 0x946780-0x966780 MM: Init _text: 0x0(VA) _etext: 0x621f5(VA) _erodata: 0x76000(VA) _edata: 0x7b6d4(VA) stack start: 0x946780(VA) _end: 0x966d34(VA) start_pfn: b1f max_pfn: 6a400 Mapping memory range 0xc00000 - 0x6a400000 setting 0x0-0x76000 readonly skipped 0x1000 MM: Initialise page allocator for e6c000(e6c000)-0(6a400000) MM: done Demand map pfns at 6a401000-7a401000. Heap resides at 7a402000-ba402000. Initialising timer interface Initialising console ... done. gnttab_table mapped at 0x6a401000. Initialising scheduler Thread "Idle": pointer: 0x7a402008, stack: 0x6a030000 Initialising xenbus Thread "xenstore": pointer: 0x7a402478, stack: 0x6a040000 Dummy main: start_info=0x966880 Thread "main": pointer: 0x7a4028e8, stack: 0x6a050000 "main" "root=/dev/sda1" "ro" "4" vbd 2049 is hd0 ******************* BLKFRONT for device/vbd/2049 ********** backend at /local/domain/0/backend/vbd/825/2049 Failed to read /local/domain/0/backend/vbd/825/2049/feature-barrier. Failed to read /local/domain/0/backend/vbd/825/2049/feature-flush-cache. 2097152 sectors of 0 bytes ************************** vbd 2051 is hd1 ******************* BLKFRONT for device/vbd/2051 ********** backend at /local/domain/0/backend/vbd/825/2051 Failed to read /local/domain/0/backend/vbd/825/2051/feature-barrier. Failed to read /local/domain/0/backend/vbd/825/2051/feature-flush-cache. 1835008 sectors of 0 bytes ************************** vbd 2064 is hd2 ******************* BLKFRONT for device/vbd/2064 ********** backend at /local/domain/0/backend/vbd/825/2064 Failed to read /local/domain/0/backend/vbd/825/2064/feature-barrier. Failed to read /local/domain/0/backend/vbd/825/2064/feature-flush-cache. 18874368 sectors of 0 bytes ************************** [H [J Booting 'FreeBSD kernel' root (hd0) Filesystem type is ext2fs, using whole disk kernel /boot/kernel/kernel vfs.root.mountfrom=ufs:da1s1,machdep.idle_mwait=0,bo ot_verbose=1 xc_dom_probe_bzimage_kernel: kernel is not a bzImage close blk: backend at /local/domain/0/backend/vbd/825/2049 close blk: backend at /local/domain/0/backend/vbd/825/2051 close blk: backend at /local/domain/0/backend/vbd/825/2064 -- Robin Polak E-Mail: robin.polak at gmail.com V. 917-494-2080 From skreuzer at exit2shell.com Mon Dec 13 15:37:44 2010 From: skreuzer at exit2shell.com (Steven Kreuzer) Date: Mon, 13 Dec 2010 15:37:44 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <8360C377-840B-4BD2-A83C-3D790FD345FE@khandkar.net> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> <8360C377-840B-4BD2-A83C-3D790FD345FE@khandkar.net> Message-ID: <8EAFE7D7-B743-4D8C-A7CE-A186337146B2@exit2shell.com> On Dec 13, 2010, at 3:32 PM, Siraaj Khandkar wrote: > On 13 Dec 2010, at 15:15, Chris Snyder wrote: > >> On Mon, Dec 13, 2010 at 3:08 PM, Siraaj Khandkar wrote: >> >>> It's a bit lengthy, so I attached it. >> >> Mystery why you can't connect, there are no obvious startup failures >> or kernel panics, which is usually what you see when you can't connect >> to a linux instance. >> You are connecting as root, using the correct key for authentication? > > OK. Problem solved. The default filter group didn't quite behave as > I expected (haven't used it prior). > > I relaunched it with a new group and all is good now! In case anyone else runs into this issue, when it asks you to assign a security group to the instance, ssh isn't open by default. Once you add that, you will be able to login as root with the ssh key that you generate when you bring the instance online For those that are interested: ip-10-203-34-197# uname -a FreeBSD ip-10-203-34-197 9.0-CURRENT FreeBSD 9.0-CURRENT #68: Sun Dec 12 03:52:29 UTC 2010 root at chch.daemonology.net:/usr/obj/i386.i386/usr/src/sys/XEN i386 ip-10-203-34-197# dmesg APIC: Using the MPTable enumerator. SMP: Added CPU 0 (BSP) Copyright (c) 1992-2010 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 9.0-CURRENT #68: Sun Dec 12 03:52:29 UTC 2010 root at chch.daemonology.net:/usr/obj/i386.i386/usr/src/sys/XEN i386 WARNING: WITNESS option enabled, expect reduced performance. Xen reported: 2659.998 MHz processor. Timecounter "ixen" frequency 1953125 Hz quality 0 CPU: Intel(R) Xeon(R) CPU E5430 @ 2.66GHz (2660.00-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x1067a Family = 6 Model = 17 Stepping = 10 Features=0xbfe3fbff Features2=0x40ce3bd AMD Features=0x20100000 AMD Features2=0x1 Instruction TLB: 4 KB Pages, 4-way set associative, 128 entries 1st-level instruction cache: 32 KB, 8-way set associative, 64 byte line size 1st-level data cache: 32 KB, 8-way set associative, 64 byte line size L2 cache: 6144 kbytes, 16-way associative, 64 bytes/line real memory = 644874240 (615 MB) Physical memory chunk(s): 0x00000000007d0000 - 0x0000000025b4dfff, 624418816 bytes (152446 pages) avail memory = 621105152 (592 MB) [XEN] IPI cpu=0 irq=128 vector=RESCHEDULE_VECTOR (0) [XEN] IPI cpu=0 irq=129 vector=CALL_FUNCTION_VECTOR (1) Event-channel device installed. random: io: mem: Pentium Pro MTRR support enabled null: nfslock: pseudo-device [XEN] xen_rtc_probe: probing Hypervisor RTC clock rtc0: on motherboard [XEN] xen_rtc_attach: attaching Hypervisor RTC clock rtc0: registered as a time-of-day clock (resolution 1000000us, adjustment 0.500000000s) xs_probe: Probe retuns 0 xenstore0: on motherboard Grant table initialized xc0: on motherboard Device configuration finished. procfs registered Timecounters tick every 10.000 msec [XEN] hypervisor wallclock nudged; nudging TOD. lo0: bpf attached xenbusb_front0: on xenstore0 xn0: at device/vif/0 on xenbusb_front0 xn0: bpf attached xn0: Ethernet address: 12:31:3b:09:21:37 xenbusb_back0: on xenstore0 xctrl0: on xenstore0 xbd0: 1024MB at device/vbd/2049 on xenbusb_front0 xbd0: attaching as da0 GEOM: new disk da0 xbd1: 9216MB at device/vbd/2064 on xenbusb_front0 xbd1: attaching as da1 WARNING: WITNESS option enabled, expect reduced performance. GEOM: new disk da1 Trying to mount root from ufs:da1s1 []... rtc0: [XEN] xen_rtc_gettime rtc0: [XEN] xen_rtc_gettime: wallclock 1285664218 sec; 526376574 nsec rtc0: [XEN] xen_rtc_gettime: uptime 6607083 sec; 790764218 nsec rtc0: [XEN] xen_rtc_gettime: TOD 1292271302 sec; 317140792 nsec start_init: trying /sbin/init From siraaj at khandkar.net Mon Dec 13 15:47:36 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Mon, 13 Dec 2010 15:47:36 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <8EAFE7D7-B743-4D8C-A7CE-A186337146B2@exit2shell.com> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> <8360C377-840B-4BD2-A83C-3D790FD345FE@khandkar.net> <8EAFE7D7-B743-4D8C-A7CE-A186337146B2@exit2shell.com> Message-ID: <60794892-0B7A-4434-B710-D89B26C99110@khandkar.net> On 13 Dec 2010, at 15:37, Steven Kreuzer wrote: > > On Dec 13, 2010, at 3:32 PM, Siraaj Khandkar wrote: > >> >> OK. Problem solved. The default filter group didn't quite behave as >> I expected (haven't used it prior). >> >> I relaunched it with a new group and all is good now! > > In case anyone else runs into this issue, when it asks you to assign a security group to the instance, ssh isn't open by default. Yeah, it reads like it opens everything from 0-65535, but to 'default group' source. Changing the source to '0.0.0.0/0' opens to all. I'll dump dmesg to nycbug.org :-) -- Siraaj Khandkar http://twitter.com/IbnFirnas From mterenzio at gmail.com Mon Dec 13 17:38:27 2010 From: mterenzio at gmail.com (Matt) Date: Mon, 13 Dec 2010 17:38:27 -0500 Subject: [nycbug-talk] Fwd: FreeBSD/EC2 lives! In-Reply-To: <60794892-0B7A-4434-B710-D89B26C99110@khandkar.net> References: <4D066D52.2080100@freebsd.org> <7AC8D32A-0724-45A4-B46E-1190290A6BDC@exit2shell.com> <25F11BC6-4242-4CC0-B174-FC6EB2F5654A@khandkar.net> <62DC44E2-943B-41F3-B2FB-A406EA09BA81@khandkar.net> <8360C377-840B-4BD2-A83C-3D790FD345FE@khandkar.net> <8EAFE7D7-B743-4D8C-A7CE-A186337146B2@exit2shell.com> <60794892-0B7A-4434-B710-D89B26C99110@khandkar.net> Message-ID: <4966CF9B-2DB8-46B0-AE40-E4FDA75685B8@gmail.com> I'm so psyched. Thanks to everyone that made this possible! On Dec 13, 2010, at 3:47 PM, Siraaj Khandkar wrote: > On 13 Dec 2010, at 15:37, Steven Kreuzer wrote: >> >> On Dec 13, 2010, at 3:32 PM, Siraaj Khandkar wrote: >> >>> >>> OK. Problem solved. The default filter group didn't quite behave as >>> I expected (haven't used it prior). >>> >>> I relaunched it with a new group and all is good now! >> >> In case anyone else runs into this issue, when it asks you to assign a security group to the instance, ssh isn't open by default. > > Yeah, it reads like it opens everything from 0-65535, but to 'default > group' source. Changing the source to '0.0.0.0/0' opens to all. > > I'll dump dmesg to nycbug.org :-) > > -- > Siraaj Khandkar > http://twitter.com/IbnFirnas > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From siraaj at khandkar.net Tue Dec 14 22:03:55 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Tue, 14 Dec 2010 22:03:55 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC References: <201012142118.oBELIRnH002826@cvs.openbsd.org> Message-ID: <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> Anyone else noticed this? Any thoughts? Begin forwarded message: > From: Theo de Raadt > Date: 14 December 2010 16:18:27 EST > To: security-announce at openbsd.org > Subject: Allegations regarding OpenBSD IPSEC > > I have received a mail regarding the early development of the OpenBSD > IPSEC stack. It is alleged that some ex-developers (and the company > they worked for) accepted US government money to put backdoors into > our network stack, in particular the IPSEC stack. Around 2000-2001. > > Since we had the first IPSEC stack available for free, large parts of > the code are now found in many other projects/products. Over 10 > years, the IPSEC code has gone through many changes and fixes, so it > is unclear what the true impact of these allegations are. > > The mail came in privately from a person I have not talked to for > nearly 10 years. I refuse to become part of such a conspiracy, and > will not be talking to Gregory Perry about this. Therefore I am > making it public so that > (a) those who use the code can audit it for these problems, > (b) those that are angry at the story can take other actions, > (c) if it is not true, those who are being accused can defend themselves. > > Of course I don't like it when my private mail is forwarded. However > the "little ethic" of a private mail being forwarded is much smaller > than the "big ethic" of government paying companies to pay open source > developers (a member of a community-of-friends) to insert > privacy-invading holes in software. > > ---- > > From: Gregory Perry > To: "deraadt at openbsd.org" > Subject: OpenBSD Crypto Framework > Thread-Topic: OpenBSD Crypto Framework > Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg== > Date: Sat, 11 Dec 2010 23:55:25 +0000 > Message-ID: <8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local> > Accept-Language: en-US > Content-Language: en-US > X-MS-Has-Attach: > X-MS-TNEF-Correlator: > Content-Type: text/plain; charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > MIME-Version: 1.0 > Status: RO > > Hello Theo, > > Long time no talk. If you will recall, a while back I was the CTO at > NETSEC and arranged funding and donations for the OpenBSD Crypto > Framework. At that same time I also did some consulting for the FBI, > for their GSA Technical Support Center, which was a cryptologic > reverse engineering project aimed at backdooring and implementing key > escrow mechanisms for smart card and other hardware-based computing > technologies. > > My NDA with the FBI has recently expired, and I wanted to make you > aware of the fact that the FBI implemented a number of backdoors and > side channel key leaking mechanisms into the OCF, for the express > purpose of monitoring the site to site VPN encryption system > implemented by EOUSA, the parent organization to the FBI. Jason > Wright and several other developers were responsible for those > backdoors, and you would be well advised to review any and all code > commits by Wright as well as the other developers he worked with > originating from NETSEC. > > This is also probably the reason why you lost your DARPA funding, they > more than likely caught wind of the fact that those backdoors were > present and didn't want to create any derivative products based upon > the same. > > This is also why several inside FBI folks have been recently > advocating the use of OpenBSD for VPN and firewalling implementations > in virtualized environments, for example Scott Lowe is a well > respected author in virtualization circles who also happens top be on > the FBI payroll, and who has also recently published several tutorials > for the use of OpenBSD VMs in enterprise VMware vSphere deployments. > > Merry Christmas... > > Gregory Perry > Chief Executive Officer > GoVirtual Education > > "VMware Training Products & Services" > > 540-645-6955 x111 (local) > 866-354-7369 x111 (toll free) > 540-931-9099 (mobile) > 877-648-0555 (fax) > > http://www.facebook.com/GregoryVPerry > http://www.facebook.com/GoVirtual From pete at nomadlogic.org Tue Dec 14 22:11:42 2010 From: pete at nomadlogic.org (Pete Wright) Date: Wed, 15 Dec 2010 03:11:42 +0000 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> Message-ID: <20101215031138.GI91348@pv.nomadlogic.org> On Tue, Dec 14, 2010 at 10:03:55PM -0500, Siraaj Khandkar wrote: > Anyone else noticed this? Any thoughts? > I was thinking about this since reading the mail, and at this point I really don't know what to think - aside from the fact that thank god the code is open and available for review. Hopefully someone has the resources to go through the commit logs (like bob beck mentions in the followup to this post) during the time to do an audit of this code. as far as the whole "US govt pushing openbsd and virtual ipsec devices" theory - I'm not really buying it (and probably being naive for doing so). -pete > > Begin forwarded message: > > > From: Theo de Raadt > > Date: 14 December 2010 16:18:27 EST > > To: security-announce at openbsd.org > > Subject: Allegations regarding OpenBSD IPSEC > > > > I have received a mail regarding the early development of the OpenBSD > > IPSEC stack. It is alleged that some ex-developers (and the company > > they worked for) accepted US government money to put backdoors into > > our network stack, in particular the IPSEC stack. Around 2000-2001. > > > > Since we had the first IPSEC stack available for free, large parts of > > the code are now found in many other projects/products. Over 10 > > years, the IPSEC code has gone through many changes and fixes, so it > > is unclear what the true impact of these allegations are. > > > > The mail came in privately from a person I have not talked to for > > nearly 10 years. I refuse to become part of such a conspiracy, and > > will not be talking to Gregory Perry about this. Therefore I am > > making it public so that > > (a) those who use the code can audit it for these problems, > > (b) those that are angry at the story can take other actions, > > (c) if it is not true, those who are being accused can defend themselves. > > > > Of course I don't like it when my private mail is forwarded. However > > the "little ethic" of a private mail being forwarded is much smaller > > than the "big ethic" of government paying companies to pay open source > > developers (a member of a community-of-friends) to insert > > privacy-invading holes in software. > > > > ---- > > > > From: Gregory Perry > > To: "deraadt at openbsd.org" > > Subject: OpenBSD Crypto Framework > > Thread-Topic: OpenBSD Crypto Framework > > Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg== > > Date: Sat, 11 Dec 2010 23:55:25 +0000 > > Message-ID: <8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local> > > Accept-Language: en-US > > Content-Language: en-US > > X-MS-Has-Attach: > > X-MS-TNEF-Correlator: > > Content-Type: text/plain; charset="iso-8859-1" > > Content-Transfer-Encoding: quoted-printable > > MIME-Version: 1.0 > > Status: RO > > > > Hello Theo, > > > > Long time no talk. If you will recall, a while back I was the CTO at > > NETSEC and arranged funding and donations for the OpenBSD Crypto > > Framework. At that same time I also did some consulting for the FBI, > > for their GSA Technical Support Center, which was a cryptologic > > reverse engineering project aimed at backdooring and implementing key > > escrow mechanisms for smart card and other hardware-based computing > > technologies. > > > > My NDA with the FBI has recently expired, and I wanted to make you > > aware of the fact that the FBI implemented a number of backdoors and > > side channel key leaking mechanisms into the OCF, for the express > > purpose of monitoring the site to site VPN encryption system > > implemented by EOUSA, the parent organization to the FBI. Jason > > Wright and several other developers were responsible for those > > backdoors, and you would be well advised to review any and all code > > commits by Wright as well as the other developers he worked with > > originating from NETSEC. > > > > This is also probably the reason why you lost your DARPA funding, they > > more than likely caught wind of the fact that those backdoors were > > present and didn't want to create any derivative products based upon > > the same. > > > > This is also why several inside FBI folks have been recently > > advocating the use of OpenBSD for VPN and firewalling implementations > > in virtualized environments, for example Scott Lowe is a well > > respected author in virtualization circles who also happens top be on > > the FBI payroll, and who has also recently published several tutorials > > for the use of OpenBSD VMs in enterprise VMware vSphere deployments. > > > > Merry Christmas... > > > > Gregory Perry > > Chief Executive Officer > > GoVirtual Education > > > > "VMware Training Products & Services" > > > > 540-645-6955 x111 (local) > > 866-354-7369 x111 (toll free) > > 540-931-9099 (mobile) > > 877-648-0555 (fax) > > > > http://www.facebook.com/GregoryVPerry > > http://www.facebook.com/GoVirtual > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -- Pete Wright pete at nomadlogic.org From jason at dixongroup.net Tue Dec 14 22:09:10 2010 From: jason at dixongroup.net (Jason Dixon) Date: Tue, 14 Dec 2010 22:09:10 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> Message-ID: <20101215030910.GD14661@dixongroup.net> My thoughts: http://obfuscurity.com/2010/12/Deconstructing-the-OpenBSD-IPsec-Rumors -J. On Tue, Dec 14, 2010 at 10:03:55PM -0500, Siraaj Khandkar wrote: > Anyone else noticed this? Any thoughts? > > > Begin forwarded message: > > > From: Theo de Raadt > > Date: 14 December 2010 16:18:27 EST > > To: security-announce at openbsd.org > > Subject: Allegations regarding OpenBSD IPSEC > > > > I have received a mail regarding the early development of the OpenBSD > > IPSEC stack. It is alleged that some ex-developers (and the company > > they worked for) accepted US government money to put backdoors into > > our network stack, in particular the IPSEC stack. Around 2000-2001. > > > > Since we had the first IPSEC stack available for free, large parts of > > the code are now found in many other projects/products. Over 10 > > years, the IPSEC code has gone through many changes and fixes, so it > > is unclear what the true impact of these allegations are. > > > > The mail came in privately from a person I have not talked to for > > nearly 10 years. I refuse to become part of such a conspiracy, and > > will not be talking to Gregory Perry about this. Therefore I am > > making it public so that > > (a) those who use the code can audit it for these problems, > > (b) those that are angry at the story can take other actions, > > (c) if it is not true, those who are being accused can defend themselves. > > > > Of course I don't like it when my private mail is forwarded. However > > the "little ethic" of a private mail being forwarded is much smaller > > than the "big ethic" of government paying companies to pay open source > > developers (a member of a community-of-friends) to insert > > privacy-invading holes in software. > > > > ---- > > > > From: Gregory Perry > > To: "deraadt at openbsd.org" > > Subject: OpenBSD Crypto Framework > > Thread-Topic: OpenBSD Crypto Framework > > Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg== > > Date: Sat, 11 Dec 2010 23:55:25 +0000 > > Message-ID: <8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local> > > Accept-Language: en-US > > Content-Language: en-US > > X-MS-Has-Attach: > > X-MS-TNEF-Correlator: > > Content-Type: text/plain; charset="iso-8859-1" > > Content-Transfer-Encoding: quoted-printable > > MIME-Version: 1.0 > > Status: RO > > > > Hello Theo, > > > > Long time no talk. If you will recall, a while back I was the CTO at > > NETSEC and arranged funding and donations for the OpenBSD Crypto > > Framework. At that same time I also did some consulting for the FBI, > > for their GSA Technical Support Center, which was a cryptologic > > reverse engineering project aimed at backdooring and implementing key > > escrow mechanisms for smart card and other hardware-based computing > > technologies. > > > > My NDA with the FBI has recently expired, and I wanted to make you > > aware of the fact that the FBI implemented a number of backdoors and > > side channel key leaking mechanisms into the OCF, for the express > > purpose of monitoring the site to site VPN encryption system > > implemented by EOUSA, the parent organization to the FBI. Jason > > Wright and several other developers were responsible for those > > backdoors, and you would be well advised to review any and all code > > commits by Wright as well as the other developers he worked with > > originating from NETSEC. > > > > This is also probably the reason why you lost your DARPA funding, they > > more than likely caught wind of the fact that those backdoors were > > present and didn't want to create any derivative products based upon > > the same. > > > > This is also why several inside FBI folks have been recently > > advocating the use of OpenBSD for VPN and firewalling implementations > > in virtualized environments, for example Scott Lowe is a well > > respected author in virtualization circles who also happens top be on > > the FBI payroll, and who has also recently published several tutorials > > for the use of OpenBSD VMs in enterprise VMware vSphere deployments. > > > > Merry Christmas... > > > > Gregory Perry > > Chief Executive Officer > > GoVirtual Education > > > > "VMware Training Products & Services" > > > > 540-645-6955 x111 (local) > > 866-354-7369 x111 (toll free) > > 540-931-9099 (mobile) > > 877-648-0555 (fax) > > > > http://www.facebook.com/GregoryVPerry > > http://www.facebook.com/GoVirtual > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/ From mark.saad at ymail.com Tue Dec 14 22:20:16 2010 From: mark.saad at ymail.com (Mark Saad) Date: Tue, 14 Dec 2010 22:20:16 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> Message-ID: handkar wrote: > Anyone else noticed this? Any thoughts? > > http://cm.bell-labs.com/who/ken/trust.html > Begin forwarded message: > >> From: Theo de Raadt >> Date: 14 December 2010 16:18:27 EST >> To: security-announce at openbsd.org >> Subject: Allegations regarding OpenBSD IPSEC >> >> I have received a mail regarding the early development of the OpenBSD >> IPSEC stack. ?It is alleged that some ex-developers (and the company >> they worked for) accepted US government money to put backdoors into >> our network stack, in particular the IPSEC stack. ?Around 2000-2001. >> >> Since we had the first IPSEC stack available for free, large parts of >> the code are now found in many other projects/products. ?Over 10 >> years, the IPSEC code has gone through many changes and fixes, so it >> is unclear what the true impact of these allegations are. >> >> The mail came in privately from a person I have not talked to for >> nearly 10 years. ?I refuse to become part of such a conspiracy, and >> will not be talking to Gregory Perry about this. ?Therefore I am >> making it public so that >> ? ?(a) those who use the code can audit it for these problems, >> ? ?(b) those that are angry at the story can take other actions, >> ? ?(c) if it is not true, those who are being accused can defend themselves. >> >> Of course I don't like it when my private mail is forwarded. ?However >> the "little ethic" of a private mail being forwarded is much smaller >> than the "big ethic" of government paying companies to pay open source >> developers (a member of a community-of-friends) to insert >> privacy-invading holes in software. >> >> ---- >> >> From: Gregory Perry >> To: "deraadt at openbsd.org" >> Subject: OpenBSD Crypto Framework >> Thread-Topic: OpenBSD Crypto Framework >> Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg== >> Date: Sat, 11 Dec 2010 23:55:25 +0000 >> Message-ID: <8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local> >> Accept-Language: en-US >> Content-Language: en-US >> X-MS-Has-Attach: >> X-MS-TNEF-Correlator: >> Content-Type: text/plain; charset="iso-8859-1" >> Content-Transfer-Encoding: quoted-printable >> MIME-Version: 1.0 >> Status: RO >> >> Hello Theo, >> >> Long time no talk. ?If you will recall, a while back I was the CTO at >> NETSEC and arranged funding and donations for the OpenBSD Crypto >> Framework. ?At that same time I also did some consulting for the FBI, >> for their GSA Technical Support Center, which was a cryptologic >> reverse engineering project aimed at backdooring and implementing key >> escrow mechanisms for smart card and other hardware-based computing >> technologies. >> >> My NDA with the FBI has recently expired, and I wanted to make you >> aware of the fact that the FBI implemented a number of backdoors and >> side channel key leaking mechanisms into the OCF, for the express >> purpose of monitoring the site to site VPN encryption system >> implemented by EOUSA, the parent organization to the FBI. ?Jason >> Wright and several other developers were responsible for those >> backdoors, and you would be well advised to review any and all code >> commits by Wright as well as the other developers he worked with >> originating from NETSEC. >> >> This is also probably the reason why you lost your DARPA funding, they >> more than likely caught wind of the fact that those backdoors were >> present and didn't want to create any derivative products based upon >> the same. >> >> This is also why several inside FBI folks have been recently >> advocating the use of OpenBSD for VPN and firewalling implementations >> in virtualized environments, for example Scott Lowe is a well >> respected author in virtualization circles who also happens top be on >> the FBI payroll, and who has also recently published several tutorials >> for the use of OpenBSD VMs in enterprise VMware vSphere deployments. >> >> Merry Christmas... >> >> Gregory Perry >> Chief Executive Officer >> GoVirtual Education >> >> "VMware Training Products & Services" >> Why are his phone numbers in here? >> 540-645-6955 x111 (local) >> 866-354-7369 x111 (toll free) >> 540-931-9099 (mobile) >> 877-648-0555 (fax) >> >> http://www.facebook.com/GregoryVPerry Also a fun read as it has his personal phooooooooooooooooooooooooooooooooooooooooooooooooooooooo >> http://www.facebook.com/GoVirtual > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- mark saad | nonesuch at longcount.org From george at ceetonetechnology.com Tue Dec 14 23:11:41 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 14 Dec 2010 23:11:41 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> Message-ID: <4D083FFD.5020209@ceetonetechnology.com> On 12/14/10 22:20, Mark Saad wrote: > handkar wrote: >> Anyone else noticed this? Any thoughts? >> >> > http://cm.bell-labs.com/who/ken/trust.html cool. More below. > >> Begin forwarded message: >> >>> From: Theo de Raadt >>> Date: 14 December 2010 16:18:27 EST >>> To: security-announce at openbsd.org >>> Subject: Allegations regarding OpenBSD IPSEC >>> >>> I have received a mail regarding the early development of the OpenBSD >>> IPSEC stack. It is alleged that some ex-developers (and the company >>> they worked for) accepted US government money to put backdoors into >>> our network stack, in particular the IPSEC stack. Around 2000-2001. >>> >>> Since we had the first IPSEC stack available for free, large parts of >>> the code are now found in many other projects/products. Over 10 >>> years, the IPSEC code has gone through many changes and fixes, so it >>> is unclear what the true impact of these allegations are. >>> >>> The mail came in privately from a person I have not talked to for >>> nearly 10 years. I refuse to become part of such a conspiracy, and >>> will not be talking to Gregory Perry about this. Therefore I am >>> making it public so that >>> (a) those who use the code can audit it for these problems, >>> (b) those that are angry at the story can take other actions, >>> (c) if it is not true, those who are being accused can defend themselves. >>> >>> Of course I don't like it when my private mail is forwarded. However >>> the "little ethic" of a private mail being forwarded is much smaller >>> than the "big ethic" of government paying companies to pay open source >>> developers (a member of a community-of-friends) to insert >>> privacy-invading holes in software. >>> >>> ---- >>> >>> From: Gregory Perry >>> To: "deraadt at openbsd.org" >>> Subject: OpenBSD Crypto Framework >>> Thread-Topic: OpenBSD Crypto Framework >>> Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg== >>> Date: Sat, 11 Dec 2010 23:55:25 +0000 >>> Message-ID:<8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local> >>> Accept-Language: en-US >>> Content-Language: en-US >>> X-MS-Has-Attach: >>> X-MS-TNEF-Correlator: >>> Content-Type: text/plain; charset="iso-8859-1" >>> Content-Transfer-Encoding: quoted-printable >>> MIME-Version: 1.0 >>> Status: RO >>> >>> Hello Theo, >>> >>> Long time no talk. If you will recall, a while back I was the CTO at >>> NETSEC and arranged funding and donations for the OpenBSD Crypto >>> Framework. At that same time I also did some consulting for the FBI, >>> for their GSA Technical Support Center, which was a cryptologic >>> reverse engineering project aimed at backdooring and implementing key >>> escrow mechanisms for smart card and other hardware-based computing >>> technologies. >>> >>> My NDA with the FBI has recently expired, and I wanted to make you >>> aware of the fact that the FBI implemented a number of backdoors and >>> side channel key leaking mechanisms into the OCF, for the express >>> purpose of monitoring the site to site VPN encryption system >>> implemented by EOUSA, the parent organization to the FBI. Jason >>> Wright and several other developers were responsible for those >>> backdoors, and you would be well advised to review any and all code >>> commits by Wright as well as the other developers he worked with >>> originating from NETSEC. >>> >>> This is also probably the reason why you lost your DARPA funding, they >>> more than likely caught wind of the fact that those backdoors were >>> present and didn't want to create any derivative products based upon >>> the same. >>> >>> This is also why several inside FBI folks have been recently >>> advocating the use of OpenBSD for VPN and firewalling implementations >>> in virtualized environments, for example Scott Lowe is a well >>> respected author in virtualization circles who also happens top be on >>> the FBI payroll, and who has also recently published several tutorials >>> for the use of OpenBSD VMs in enterprise VMware vSphere deployments. >>> >>> Merry Christmas... >>> >>> Gregory Perry >>> Chief Executive Officer >>> GoVirtual Education >>> >>> "VMware Training Products& Services" >>> > > Why are his phone numbers in here? maybe since it *was* a private email? I'm more curious about the Facebook. > >>> 540-645-6955 x111 (local) >>> 866-354-7369 x111 (toll free) >>> 540-931-9099 (mobile) >>> 877-648-0555 (fax) >>> > > >>> http://www.facebook.com/GregoryVPerry > Also a fun read as it has his personal > phooooooooooooooooooooooooooooooooooooooooooooooooooooooo > >>> http://www.facebook.com/GoVirtual Something really stinks about this whole thing. Does anyone remember the last time a law enforcement agency had someone sign a 10 year NDA on a backdoor? "Oh, times up, I can post it on Facebook now. Cool." Maybe he was being "outed" on Wikileaks. Yet another connection. As mentioned by Beck, the binary driver issue certainly seems like a very relevant follow-up. g From compustretch at gmail.com Wed Dec 15 14:04:04 2010 From: compustretch at gmail.com (forest mars) Date: Wed, 15 Dec 2010 14:04:04 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) Message-ID: BSD, Wikileaks, and now Gregory Perry's revelations are seeing the light of day: http://arstechnica.com/open-source/news/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack.ars Of course this ipsec rabbit hole would seem to go a lot deeper than Julian lurking on the NetBSD list... cheers, Forest Mars On Fri, Dec 10, 2010 at 4:27 PM, George Rosamond < george at ceetonetechnology.com> wrote: > Okay, it had to happen sooner or later. . . > > But apparently there is a pretty significant connection between the BSDs > and Wikileaks. > > http://blather.michaelwlucas.com/?p=443 > > -- -- "In theory, theory and practice are exactly the same. In practice, they're completely different." ------------------------------------------------------------------ This email is: [ ] private: do not forward [ x ] o.k. to forward [ ] o.k. to blog [ ] ask first -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its affiliated companies. (Diffie-Helman/DSS-only version) iQA/AwUBRkjTLDbz7LySoccvEQJDcQCguZZj4M4kOVOlOX4CtbgR0rppsdovAjra 3RRXIlkdzuYI0YJz4WyvKlTn =MLhk -----END PGP SIGNATURE----- ------------------------------------------------------------------ The New TLDs are Here! Switch to Name.Space: http://namespace.org/switch Support new domains & keep free media free! Register yours today! https://secure.name-space.com/registry -------------- next part -------------- An HTML attachment was scrubbed... URL: From spork at bway.net Wed Dec 15 14:31:51 2010 From: spork at bway.net (Charles Sprickman) Date: Wed, 15 Dec 2010 14:31:51 -0500 (EST) Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: References: Message-ID: On Wed, 15 Dec 2010, forest mars wrote: > BSD, Wikileaks, and now Gregory Perry's revelations are seeing the light of > day: > > http://arstechnica.com/open-source/news/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack.ars > > Of course this ipsec rabbit hole would seem to go a lot deeper than Julian > lurking on the NetBSD list... Well, on the upside we now know what it takes to get Ryan Paul to write a story about *BSD. :) > cheers, > > Forest Mars > > > On Fri, Dec 10, 2010 at 4:27 PM, George Rosamond < > george at ceetonetechnology.com> wrote: > >> Okay, it had to happen sooner or later. . . >> >> But apparently there is a pretty significant connection between the BSDs >> and Wikileaks. >> >> http://blather.michaelwlucas.com/?p=443 >> >> > > -- > -- > "In theory, theory and practice are exactly the same. > In practice, they're completely different." > ------------------------------------------------------------------ > This email is: > [ ] private: do not forward > [ x ] o.k. to forward > [ ] o.k. to blog > [ ] ask first > -----BEGIN PGP SIGNATURE----- > Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its > affiliated companies. (Diffie-Helman/DSS-only version) > > iQA/AwUBRkjTLDbz7LySoccvEQJDcQCguZZj4M4kOVOlOX4CtbgR0rppsdovAjra > 3RRXIlkdzuYI0YJz4WyvKlTn > =MLhk > -----END PGP SIGNATURE----- > ------------------------------------------------------------------ > The New TLDs are Here! > Switch to Name.Space: http://namespace.org/switch > Support new domains & keep free media free! Register yours today! > https://secure.name-space.com/registry > From jason at dixongroup.net Wed Dec 15 14:33:37 2010 From: jason at dixongroup.net (Jason Dixon) Date: Wed, 15 Dec 2010 14:33:37 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: References: Message-ID: <20101215193337.GJ14661@dixongroup.net> Jason Wright has publicly refuted Greg Perry's claims about his involvement in any OpenBSD IPsec backdoors. http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/ From ruben at mrbrklyn.com Wed Dec 15 15:01:29 2010 From: ruben at mrbrklyn.com (Ruben Safir) Date: Wed, 15 Dec 2010 15:01:29 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: References: Message-ID: <20101215200129.GA897@www2.mrbrklyn.com> On Wed, Dec 15, 2010 at 02:04:04PM -0500, forest mars wrote: > BSD, Wikileaks, and now Gregory Perry's revelations are seeing the light of > day: > > http://arstechnica.com/open-source/news/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack.ars > > Of course this ipsec rabbit hole would seem to go a lot deeper than Julian > lurking on the NetBSD list... That is nothing. How about the leaks that show that the Jews actually took down the WTC along with the Bush Family . Cheers > > cheers, > > Forest Mars > > > On Fri, Dec 10, 2010 at 4:27 PM, George Rosamond < > george at ceetonetechnology.com> wrote: > > > Okay, it had to happen sooner or later. . . > > > > But apparently there is a pretty significant connection between the BSDs > > and Wikileaks. > > > > http://blather.michaelwlucas.com/?p=443 > > > > > > -- > -- > "In theory, theory and practice are exactly the same. > In practice, they're completely different." > ------------------------------------------------------------------ > This email is: > [ ] private: do not forward > [ x ] o.k. to forward > [ ] o.k. to blog > [ ] ask first > -----BEGIN PGP SIGNATURE----- > Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its > affiliated companies. (Diffie-Helman/DSS-only version) > > iQA/AwUBRkjTLDbz7LySoccvEQJDcQCguZZj4M4kOVOlOX4CtbgR0rppsdovAjra > 3RRXIlkdzuYI0YJz4WyvKlTn > =MLhk > -----END PGP SIGNATURE----- > ------------------------------------------------------------------ > The New TLDs are Here! > Switch to Name.Space: http://namespace.org/switch > Support new domains & keep free media free! Register yours today! > https://secure.name-space.com/registry > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -- http://www.mrbrklyn.com - Interesting Stuff http://www.nylxs.com - Leadership Development in Free Software So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://fairuse.nylxs.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 "Yeah - I write Free Software...so SUE ME" "The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society." "> I'm an engineer. I choose the best tool for the job, politics be damned.< You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one." ? Copyright for the Digital Millennium From george at ceetonetechnology.com Wed Dec 15 15:36:19 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 15 Dec 2010 15:36:19 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: <20101215193337.GJ14661@dixongroup.net> References: <20101215193337.GJ14661@dixongroup.net> Message-ID: <4D0926C3.3010309@ceetonetechnology.com> On 12/15/10 14:33, Jason Dixon wrote: > Jason Wright has publicly refuted Greg Perry's claims about his > involvement in any OpenBSD IPsec backdoors. > > http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 > Poor Jason Wright. Nice mud-throwing there Greggie-boy. One added confusion to this is we have "Jason" Dixon and Pete "Wright" posting on this list. Anyone else catch that? Thread is looking kind of dead now. . . But Michael Lucas' blog, as always, is useful: http://blather.michaelwlucas.com/?p=452 What a great motivation to get more people working on the IPSec code specifically and auditing in general. Maybe we have a meeting on the topic of code auditing. There must be a some useful insight someone could put in a meeting format. g From mwlucas at blackhelicopters.org Wed Dec 15 15:50:31 2010 From: mwlucas at blackhelicopters.org (Michael W. Lucas) Date: Wed, 15 Dec 2010 15:50:31 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: <4D0926C3.3010309@ceetonetechnology.com> References: <20101215193337.GJ14661@dixongroup.net> <4D0926C3.3010309@ceetonetechnology.com> Message-ID: <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> On Wed, Dec 15, 2010 at 03:36:19PM -0500, George Rosamond wrote: > On 12/15/10 14:33, Jason Dixon wrote: > >Jason Wright has publicly refuted Greg Perry's claims about his > >involvement in any OpenBSD IPsec backdoors. > > > >http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 > > > > Poor Jason Wright. Nice mud-throwing there Greggie-boy. > > One added confusion to this is we have "Jason" Dixon and Pete "Wright" > posting on this list. Anyone else catch that? > > Thread is looking kind of dead now. . . > > But Michael Lucas' blog, as always, is useful: > > http://blather.michaelwlucas.com/?p=452 Far more interesting, and motivational, is DES' post: http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html ==ml PS: George, by repeatedly copying me on messages to the closed talk@ list, has made it clear that he's OK if my head overloads and explodes because I'm subscribed to too many mailing lists. If that happens, you lot know who to blame. I suggest you make him clean up the mess. -- Michael W. Lucas http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ Latest book: Network Flow Analysis http://www.networkflowanalysis.com/ mwlucas at BlackHelicopters.org, Twitter @mwlauthor From mark.saad at ymail.com Wed Dec 15 19:35:14 2010 From: mark.saad at ymail.com (Mark Saad) Date: Wed, 15 Dec 2010 19:35:14 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> References: <20101215193337.GJ14661@dixongroup.net> <4D0926C3.3010309@ceetonetechnology.com> <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> Message-ID: . Lucas wrote: > On Wed, Dec 15, 2010 at 03:36:19PM -0500, George Rosamond wrote: >> On 12/15/10 14:33, Jason Dixon wrote: >> >Jason Wright has publicly refuted Greg Perry's claims about his >> >involvement in any OpenBSD IPsec backdoors. >> > >> >http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 >> > >> >> Poor Jason Wright. ?Nice mud-throwing there Greggie-boy. >> >> One added confusion to this is we have "Jason" Dixon and Pete "Wright" >> posting on this list. ?Anyone else catch that? >> >> Thread is looking kind of dead now. . . >> >> But Michael Lucas' blog, as always, is useful: >> >> http://blather.michaelwlucas.com/?p=452 > > Far more interesting, and motivational, is DES' post: > > http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html > > ==ml > > PS: George, by repeatedly copying me on messages to the closed talk@ > list, has made it clear that he's OK if my head overloads and explodes > because I'm subscribed to too many mailing lists. ?If that happens, > you lot know who to blame. ?I suggest you make him clean up the mess. > > > -- > Michael W. Lucas > http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ > Latest book: Network Flow Analysis http://www.networkflowanalysis.com/ > mwlucas at BlackHelicopters.org, Twitter @mwlauthor Some further reading I found on osnews.com but it still sounds fud like. http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd -- mark saad | nonesuch at longcount.org From sjt.kar at gmail.com Thu Dec 16 04:34:39 2010 From: sjt.kar at gmail.com (Sujit K M) Date: Thu, 16 Dec 2010 15:04:39 +0530 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: References: <20101215193337.GJ14661@dixongroup.net> <4D0926C3.3010309@ceetonetechnology.com> <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> Message-ID: http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 Seems to be a refute. But Neither can I think of any better logic than an denial by the person. Knowing FreeBSD/NetBSD Kernel for a long time I donot think there is any real way to create backdoors than doing it in the kernel. But one way I think there is a real threat to this kind of effort is GNU Tools which can be tuned for better for back doors. But this certainly points to better security reviews with company as well as open source developers. On Thu, Dec 16, 2010 at 6:05 AM, Mark Saad wrote: > . Lucas wrote: >> On Wed, Dec 15, 2010 at 03:36:19PM -0500, George Rosamond wrote: >>> On 12/15/10 14:33, Jason Dixon wrote: >>> >Jason Wright has publicly refuted Greg Perry's claims about his >>> >involvement in any OpenBSD IPsec backdoors. >>> > >>> >http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 >>> > >>> >>> Poor Jason Wright. ?Nice mud-throwing there Greggie-boy. >>> >>> One added confusion to this is we have "Jason" Dixon and Pete "Wright" >>> posting on this list. ?Anyone else catch that? >>> >>> Thread is looking kind of dead now. . . >>> >>> But Michael Lucas' blog, as always, is useful: >>> >>> http://blather.michaelwlucas.com/?p=452 >> >> Far more interesting, and motivational, is DES' post: >> >> http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html >> >> ==ml >> >> PS: George, by repeatedly copying me on messages to the closed talk@ >> list, has made it clear that he's OK if my head overloads and explodes >> because I'm subscribed to too many mailing lists. ?If that happens, >> you lot know who to blame. ?I suggest you make him clean up the mess. >> >> >> -- >> Michael W. Lucas >> http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ >> Latest book: Network Flow Analysis http://www.networkflowanalysis.com/ >> mwlucas at BlackHelicopters.org, Twitter @mwlauthor > > Some further reading I found on osnews.com but it still sounds fud like. > > http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd > > > > -- > > mark saad | nonesuch at longcount.org > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- -- Sujit K M blog(http://kmsujit.blogspot.com/) From pete at nomadlogic.org Thu Dec 16 19:15:38 2010 From: pete at nomadlogic.org (Pete Wright) Date: Fri, 17 Dec 2010 00:15:38 +0000 Subject: [nycbug-talk] ec2 ami's Message-ID: <20101217001533.GD64720@pv.nomadlogic.org> hi all, so i'm winding down a gig right now, and have a little bit of time on my hands and figured this would be a good opportunity to spin up a couple freebsd ec2 AMI's for people to test out. my first though was to create a public AMI with lighttpd and varnish so people who don't alot of time on their hands would be able to easilly test out the new freebsd builds that colin et. al. announced this week. anyone have any other applications that they think would be good to have available for testing? regardless, once i get something up suitable for testing i'll let you all know. -pete -- Pete Wright pete at nomadlogic.org From slynch2112 at me.com Fri Dec 17 07:07:25 2010 From: slynch2112 at me.com (Siobhan Lynch) Date: Fri, 17 Dec 2010 07:07:25 -0500 Subject: [nycbug-talk] ec2 ami's In-Reply-To: <20101217001533.GD64720@pv.nomadlogic.org> References: <20101217001533.GD64720@pv.nomadlogic.org> Message-ID: I would just love a vanilla - no-nonsense ami - I haven't looked to see if there is one yet- but a pristine install all plus ports minus X11 would be amazing. Otherwise - if there already is one and you're building the "standard build" post-install type - then "if you build itl " (with whatever packages you use normally) "they will come" Like a FreeBSD Field of Dreams or more apt: Wayne's World :) -Trish On Dec 16, 2010, at 7:15 PM, pete at nomadlogic.org (Pete Wright) wrote: > hi all, > so i'm winding down a gig right now, and have a little bit of time on my > hands and figured this would be a good opportunity to spin up a couple > freebsd ec2 AMI's for people to test out. > > my first though was to create a public AMI with lighttpd and varnish so > people who don't alot of time on their hands would be able to easilly > test out the new freebsd builds that colin et. al. announced this week. > > anyone have any other applications that they think would be good to have > available for testing? > > regardless, once i get something up suitable for testing i'll let you > all know. > > -pete > > -- > Pete Wright > pete at nomadlogic.org > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From pete at nomadlogic.org Fri Dec 17 12:31:46 2010 From: pete at nomadlogic.org (Pete Wright) Date: Fri, 17 Dec 2010 09:31:46 -0800 Subject: [nycbug-talk] ec2 ami's In-Reply-To: References: <20101217001533.GD64720@pv.nomadlogic.org> Message-ID: On Dec 17, 2010, at 4:07 AM, Siobhan Lynch wrote: > I would just love a vanilla - no-nonsense ami - I haven't looked to see if there is one yet- but a pristine install all plus ports minus X11 would be amazing. > > Otherwise - if there already is one and you're building the "standard build" post-install type - then "if you build itl > " (with whatever packages you use normally) "they will come" > > Like a FreeBSD Field of Dreams or more apt: Wayne's World :) > Hi Trish - so the default AMI that Colin has provided is a basic 9.0-CURRENT system image (minus ports i'm afraid). but it does work! I got pulled into something last night, but i was pretty much finished creating an AMI for myself that does have ports and sudo pre-installed already (this would be a starting point for setting up AMI's running other 3rd party apps for testing). I'll make that public and post it to talk@ later today hopefully. -pete From pete at nomadlogic.org Fri Dec 17 12:33:03 2010 From: pete at nomadlogic.org (Pete Wright) Date: Fri, 17 Dec 2010 09:33:03 -0800 Subject: [nycbug-talk] ec2 ami's In-Reply-To: <33C9E6D4AA2E9741B021194BBF4AF40D0123F0F6@thehourexchange.thehour.com> References: <20101217001533.GD64720@pv.nomadlogic.org> <33C9E6D4AA2E9741B021194BBF4AF40D0123F0F6@thehourexchange.thehour.com> Message-ID: <5BC10C7B-E363-467C-B440-79AD56586D10@nomadlogic.org> On Dec 17, 2010, at 5:38 AM, Matt Terenzio wrote: > postgresql and php would be nice > > cool! i'll try to get that today! i have traditionally avoided running disk i/o intensive systems on EC2 (like db's for example) - but i bet this would be a good test to see how well 9.0-CURRENT run's on amazon. -pete -------------- next part -------------- An HTML attachment was scrubbed... URL: From siraaj at khandkar.net Fri Dec 17 16:17:43 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Fri, 17 Dec 2010 16:17:43 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: <20101215031138.GI91348@pv.nomadlogic.org> References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> <20101215031138.GI91348@pv.nomadlogic.org> Message-ID: On 14 Dec 2010, at 22:11, Pete Wright wrote: > On Tue, Dec 14, 2010 at 10:03:55PM -0500, Siraaj Khandkar wrote: >> Anyone else noticed this? Any thoughts? >> > > I was thinking about this since reading the mail, and at this point I > really don't know what to think - aside from the fact that thank god the > code is open and available for review. Hopefully someone has the > resources to go through the commit logs (like bob beck mentions in the > followup to this post) during the time to do an audit of this code. > > as far as the whole "US govt pushing openbsd and virtual ipsec devices" > theory - I'm not really buying it (and probably being naive for doing so). > My thoughts as well. I have faith in OpenBSD developers, but I'm wondering what will be the publicity impact. May become more difficult convincing bosses/clients to agree to use OpenBSD (or any *BSD) gateways/servers... I really hesitate to say it, but perhaps Perry's email should not have been released so soon, not until some sort of audit took place. But what do I know... Also, will this spill-over to and prompt SELinux scrutiny as well...? -- Siraaj Khandkar http://twitter.com/IbnFirnas From siraaj at khandkar.net Fri Dec 17 16:27:29 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Fri, 17 Dec 2010 16:27:29 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> Message-ID: On 14 Dec 2010, at 22:20, Mark Saad wrote: > handkar wrote: >> Anyone else noticed this? Any thoughts? >> >> > http://cm.bell-labs.com/who/ken/trust.html An eye-opening read! I remember first reading it about 10-or-so years ago, but it makes so much more sense now. Thanks for that! > Why are his phone numbers in here? Smells like marketing and suggests possible motives... -- Siraaj Khandkar http://twitter.com/IbnFirnas From siraaj at khandkar.net Fri Dec 17 17:00:14 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Fri, 17 Dec 2010 17:00:14 -0500 Subject: [nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC In-Reply-To: <4D083FFD.5020209@ceetonetechnology.com> References: <201012142118.oBELIRnH002826@cvs.openbsd.org> <3D6CC504-B3D6-46F0-B41C-8694100741C2@khandkar.net> <4D083FFD.5020209@ceetonetechnology.com> Message-ID: On 14 Dec 2010, at 23:11, George Rosamond wrote: > Something really stinks about this whole thing. > > Does anyone remember the last time a law enforcement agency had someone sign a 10 year NDA on a backdoor? > > "Oh, times up, I can post it on Facebook now. Cool." > > Maybe he was being "outed" on Wikileaks. Yet another connection. Searching the page does indeed reveal a reference to 'Perry': http://wikileaks.2600.com/cable/2010/02/10BERLIN164.html ;) -- Siraaj Khandkar http://twitter.com/IbnFirnas From pete at nomadlogic.org Sat Dec 18 14:44:19 2010 From: pete at nomadlogic.org (Pete Wright) Date: Sat, 18 Dec 2010 19:44:19 +0000 Subject: [nycbug-talk] First Public AMI available for testing Message-ID: <20101218194416.GG64720@pv.nomadlogic.org> Hi All, Just had a chance to test out my first AMI based on Colin's FreeBSD 9.0-Current work. Here is the AMI ID: ami-7a41b713 As per Colin's notes this will only run on a "t1-micro" instance. It works though. In this image I've packaged the following: - sudo - tmux - ports tree give it a spin, and if it looks good I'll build some more! -pete -- Pete Wright pete at nomadlogic.org From pete at nomadlogic.org Sat Dec 18 16:33:51 2010 From: pete at nomadlogic.org (Pete Wright) Date: Sat, 18 Dec 2010 21:33:51 +0000 Subject: [nycbug-talk] First Public AMI available for testing In-Reply-To: <20101218194416.GG64720@pv.nomadlogic.org> References: <20101218194416.GG64720@pv.nomadlogic.org> Message-ID: <20101218213347.GH64720@pv.nomadlogic.org> On Sat, Dec 18, 2010 at 07:44:19PM +0000, Pete Wright wrote: > Hi All, > Just had a chance to test out my first AMI based on Colin's > FreeBSD 9.0-Current work. Here is the AMI ID: > > ami-7a41b713 > > As per Colin's notes this will only run on a "t1-micro" instance. It > works though. In this image I've packaged the following: > > - sudo > - tmux > - ports tree > > give it a spin, and if it looks good I'll build some more! > > -pete > here's one with python27 compiled from ports: ami-c841b7a1 also - here is my EC2 ID which you all can feel free to use to search for AMI's owned by me: 844886073610 have fun! -pete -- Pete Wright pete at nomadlogic.org From mterenzio at gmail.com Sat Dec 18 16:49:19 2010 From: mterenzio at gmail.com (Matthew Terenzio) Date: Sat, 18 Dec 2010 16:49:19 -0500 Subject: [nycbug-talk] First Public AMI available for testing In-Reply-To: <20101218213347.GH64720@pv.nomadlogic.org> References: <20101218194416.GG64720@pv.nomadlogic.org> <20101218213347.GH64720@pv.nomadlogic.org> Message-ID: This is great stuff. Much appreciated. Thanks Pete. On Sat, Dec 18, 2010 at 4:33 PM, Pete Wright wrote: > On Sat, Dec 18, 2010 at 07:44:19PM +0000, Pete Wright wrote: > > Hi All, > > Just had a chance to test out my first AMI based on Colin's > > FreeBSD 9.0-Current work. Here is the AMI ID: > > > > ami-7a41b713 > > > > As per Colin's notes this will only run on a "t1-micro" instance. It > > works though. In this image I've packaged the following: > > > > - sudo > > - tmux > > - ports tree > > > > give it a spin, and if it looks good I'll build some more! > > > > -pete > > > > here's one with python27 compiled from ports: > > ami-c841b7a1 > > also - here is my EC2 ID which you all can feel free to use to search > for AMI's owned by me: > > 844886073610 > > have fun! > > -pete > > -- > Pete Wright > pete at nomadlogic.org > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at stringsutils.com Sun Dec 19 11:07:18 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Sun, 19 Dec 2010 11:07:18 -0500 Subject: [nycbug-talk] First Public AMI available for testing References: <20101218194416.GG64720@pv.nomadlogic.org> Message-ID: Pete Wright writes: > Just had a chance to test out my first AMI based on Colin's > FreeBSD 9.0-Current work. Here is the AMI ID: Where can one find instructions on building an AMI for FreeBSD. Is it simmilar to the process on other OSs so one can use the generic instructions at Amazon or was there something spcecial/different needed for FreeBSD? Now that FreeBSD is getting closer to having support in Amazon I think it may be a good time to start taking a look at the amazon cloud. From pete at nomadlogic.org Mon Dec 20 19:17:22 2010 From: pete at nomadlogic.org (Pete Wright) Date: Tue, 21 Dec 2010 00:17:22 +0000 Subject: [nycbug-talk] First Public AMI available for testing In-Reply-To: References: <20101218194416.GG64720@pv.nomadlogic.org> Message-ID: <20101221001719.GJ64720@pv.nomadlogic.org> On Sun, Dec 19, 2010 at 11:07:18AM -0500, Francisco Reyes wrote: > Pete Wright writes: > > >Just had a chance to test out my first AMI based on Colin's > >FreeBSD 9.0-Current work. Here is the AMI ID: > > Where can one find instructions on building an AMI for FreeBSD. Is it > simmilar to the process on other OSs so one can use the generic > instructions at Amazon or was there something spcecial/different needed for > FreeBSD? > > Now that FreeBSD is getting closer to having support in Amazon I think > it may be a good time to start taking a look at the amazon cloud. > Hi Francisco, It is the same method for building any AMI on amazon. The high level overview is: - take an existing AMI (i've been using Colin's freebsd 9-CURRENT) - configure software to suite - follow instructions on building AMI from existing image it's all pretty portable and easy to do! -pete -- Pete Wright pete at nomadlogic.org From mark.saad at ymail.com Wed Dec 22 10:20:05 2010 From: mark.saad at ymail.com (Mark Saad) Date: Wed, 22 Dec 2010 10:20:05 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: References: <20101215193337.GJ14661@dixongroup.net> <4D0926C3.3010309@ceetonetechnology.com> <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> Message-ID: Some new updates > http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 > > Seems to be a refute. But Neither can I think of any better logic than > an denial by > the person. Knowing FreeBSD/NetBSD Kernel for a long time I donot think there is > any real way to create backdoors than doing it in the kernel. But one > way I think there > is a real threat to this kind of effort is GNU Tools which can be > tuned for better for back > doors. > > But this certainly points to better security reviews with company as > well as open > source developers. > > On Thu, Dec 16, 2010 at 6:05 AM, Mark Saad wrote: >> . Lucas wrote: >>> On Wed, Dec 15, 2010 at 03:36:19PM -0500, George Rosamond wrote: >>>> On 12/15/10 14:33, Jason Dixon wrote: >>>> >Jason Wright has publicly refuted Greg Perry's claims about his >>>> >involvement in any OpenBSD IPsec backdoors. >>>> > >>>> >http://marc.info/?l=openbsd-tech&m=129244045916861&w=2 >>>> > >>>> >>>> Poor Jason Wright. ?Nice mud-throwing there Greggie-boy. >>>> >>>> One added confusion to this is we have "Jason" Dixon and Pete "Wright" >>>> posting on this list. ?Anyone else catch that? >>>> >>>> Thread is looking kind of dead now. . . >>>> >>>> But Michael Lucas' blog, as always, is useful: >>>> >>>> http://blather.michaelwlucas.com/?p=452 >>> >>> Far more interesting, and motivational, is DES' post: >>> >>> http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html >>> >>> ==ml >>> >>> PS: George, by repeatedly copying me on messages to the closed talk@ >>> list, has made it clear that he's OK if my head overloads and explodes >>> because I'm subscribed to too many mailing lists. ?If that happens, >>> you lot know who to blame. ?I suggest you make him clean up the mess. >>> >>> >>> -- >>> Michael W. Lucas >>> http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ >>> Latest book: Network Flow Analysis http://www.networkflowanalysis.com/ >>> mwlucas at BlackHelicopters.org, Twitter @mwlauthor >> >> Some further reading I found on osnews.com but it still sounds fud like. >> >> http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd http://cryptome.org/0003/fbi-backdoors.htm http://marc.info/?l=openbsd-tech&m=129296046123471&w=2 -- mark saad | nonesuch at longcount.org From matt at atopia.net Mon Dec 27 13:29:04 2010 From: matt at atopia.net (Matt Juszczak) Date: Mon, 27 Dec 2010 13:29:04 -0500 (EST) Subject: [nycbug-talk] OT: Verizon LTE vs T-Mobile "4g" on FreeBSD Message-ID: Hi everyone, Happy Snow Day -- Right now I have a Verizon Blackberry Bold that I can tether to my laptop with 3G speeds (slowish). I don't like the fact that I have to tether, though, and I also don't like that I can't use my phone and Internet at the same time. I've thought about getting a new Verizon 4g LTE card, but it looks like the plans are expensive, and getting it working on FreeBSD would be troublesome. I saw that T-Mobile has HSPA+ in NYC and Boston (where I frequent the most) and their prices are quite cheap, plus there aren't any overage fees (it just slows down). Plus, it looks like it'll be easier to get the device working in FreeBSD and even inside Ubuntu (which I sometimes use). Does anyone have experience with T-Mobile's network versus Verizons? Any comments on this? Anyone got either working in FreeBSD? -Matt From lists at stringsutils.com Mon Dec 27 16:09:34 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Mon, 27 Dec 2010 16:09:34 -0500 Subject: [nycbug-talk] =?iso-8859-1?q?OT=3A_Verizon_LTE_vs_T-Mobile_=224g?= =?iso-8859-1?q?=22_on_FreeBSD?= References: Message-ID: Matt Juszczak writes: > Does anyone have experience with T-Mobile's network versus Verizons? Any > comments on this? Anyone got either working in FreeBSD? Why not go for a Mifi device like http://www.verizonwireless.com/b2c/mobilebroadband/?page=products_mifi http://reviews.sprint.com/5611v2/115/mifi-2200-by-novatel-wireless-reviews/r eviews.htm Also, Clear has been advertising and opening up stores in NY http://www.clear.com They have two types of mifi devices. I believe Clear is the provider of the sprint 4G (Wimax) network http://www.phonenews.com/sprint-completes-clearwire-clear-will-replace-xohm -5650/ http://gizmodo.com/5100394/sprint-and-clearwire-marriage-official-wimax-netw ork-branded-clear From ahpook at verizon.net Mon Dec 27 17:11:32 2010 From: ahpook at verizon.net (Ah Pook) Date: Mon, 27 Dec 2010 17:11:32 -0500 Subject: [nycbug-talk] OT: Verizon LTE vs T-Mobile "4g" on FreeBSD In-Reply-To: References: Message-ID: <201012271711.32824.ahpook@verizon.net> On Monday, December 27, 2010, Francisco Reyes wrote: > Matt Juszczak writes: > > Does anyone have experience with T-Mobile's network versus > > Verizons? Any comments on this? Anyone got either working in > > FreeBSD? > > Why not go for a Mifi device like > > http://www.verizonwireless.com/b2c/mobilebroadband/?page=products_mif > i > http://reviews.sprint.com/5611v2/115/mifi-2200-by-novatel-wireless-r > eviews/r eviews.htm > > Also, Clear has been advertising and opening up stores in NY > http://www.clear.com > > They have two types of mifi devices. > > I believe Clear is the provider of the sprint 4G (Wimax) network > http://www.phonenews.com/sprint-completes-clearwire-clear-will-replac > e-xohm -5650/ > http://gizmodo.com/5100394/sprint-and-clearwire-marriage-official-wim > ax-netw ork-branded-clear Friend of mine just came to visit - he has a Clear thingy. It worked swimmingly everywhere from Manhattan to eastern Long Island. He has the iPad one, but uses it with his MacBook. Shhh. Hardware's cheap, monthly rates are cheap if you get that one, and customer support seemed on the ball, at least in terms of responsiveness. From lists at stringsutils.com Mon Dec 27 23:12:43 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Mon, 27 Dec 2010 23:12:43 -0500 Subject: [nycbug-talk] =?iso-8859-1?q?OT=3A_Verizon_LTE_vs_T-Mobile_=224g?= =?iso-8859-1?q?=22_on_FreeBSD?= References: <201012271711.32824.ahpook@verizon.net> Message-ID: Ah Pook writes: > Friend of mine just came to visit - he has a Clear thingy. It worked > swimmingly everywhere from Manhattan to eastern Long Island. He has the How was the speed? Prices seem reasonable (at least in the ball park of competitors offering 3G).. From george at ceetonetechnology.com Mon Dec 27 23:18:28 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Mon, 27 Dec 2010 23:18:28 -0500 Subject: [nycbug-talk] OT: Verizon LTE vs T-Mobile "4g" on FreeBSD In-Reply-To: References: <201012271711.32824.ahpook@verizon.net> Message-ID: <4D196514.4050302@ceetonetechnology.com> On 12/27/10 23:12, Francisco Reyes wrote: > Ah Pook writes: > >> Friend of mine just came to visit - he has a Clear thingy. It worked >> swimmingly everywhere from Manhattan to eastern Long Island. He has the > > How was the speed? > > Prices seem reasonable (at least in the ball park of competitors > offering 3G).. Like everyone else, I've seen them around for a few months now. I've also heard their latency is atrocious. g From bonsaime at gmail.com Tue Dec 28 00:07:27 2010 From: bonsaime at gmail.com (Jesse Callaway) Date: Tue, 28 Dec 2010 00:07:27 -0500 Subject: [nycbug-talk] OT: Verizon LTE vs T-Mobile "4g" on FreeBSD In-Reply-To: <4D196514.4050302@ceetonetechnology.com> References: <201012271711.32824.ahpook@verizon.net> <4D196514.4050302@ceetonetechnology.com> Message-ID: I remember on the drive up to bsdcan for the 1st year someone had a hotspot from their fon in the caravan. Maybe it was a ppp to one computer which then provided routing over 11b to others. Its all over now! Couple more years and there will be nothing to tie you down. I was afraid that we'd all be working 24-7 because of this tech, but that's not been the case. Just the normal 9 hr workday + more locational freedom. For once capitalism is good to the worker. (*sort of* a joke) -jesse On Dec 27, 2010 11:19 PM, "George Rosamond" wrote: On 12/27/10 23:12, Francisco Reyes wrote: > > Ah Pook writes: > >> Friend of mine just came to visit... Like everyone else, I've seen them around for a few months now. I've also heard their latency is atrocious. g _______________________________________________ talk mailing list talk at lists.nycbug.org http://l... -------------- next part -------------- An HTML attachment was scrubbed... URL: From george at ceetonetechnology.com Tue Dec 28 12:54:09 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 28 Dec 2010 12:54:09 -0500 Subject: [nycbug-talk] A simple end-of-year poll Message-ID: <4D1A2441.5020408@ceetonetechnology.com> We tend to swap stories of providers informally or as tangents on sloppy threads. So I thought it would be useful to structure it a bit more for the benefit of all. Feel free to ignore providers irrelevant to your situation. In cases you do it yourself, you can note that. Brief comments useful. Avoid sales pitches, of course. Please reply inline to keep the thread clean (including Mark S :) DNS provider (s) Dynamic DNS provider (for those with non-static IPs at home) Domain Registrar EMail provider WWW provider Shell provider And happy new year to all. g From lists at stringsutils.com Tue Dec 28 13:22:54 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 13:22:54 -0500 Subject: [nycbug-talk] A simple end-of-year poll References: <4D1A2441.5020408@ceetonetechnology.com> Message-ID: George Rosamond writes: * DNS provider (s) zoneedit.com (First 5 domains free) * Dynamic DNS provider (for those with non-static IPs at home) * Domain Registrar namenbargain.com (9.99 domains) * EMail provider * WWW provider * Shell/VM provider hub.org (Jails) bsdvm.com (vmware) arpnetworks.com (connect to console through VNC or from their management interface) From ike at blackskyresearch.net Tue Dec 28 13:40:44 2010 From: ike at blackskyresearch.net (Isaac Levy) Date: Tue, 28 Dec 2010 13:40:44 -0500 Subject: [nycbug-talk] A simple end-of-year poll In-Reply-To: <4D1A2441.5020408@ceetonetechnology.com> References: <4D1A2441.5020408@ceetonetechnology.com> Message-ID: <201012281841.oBSIf2bY005995@rs75.luxsci.com> On Dec 28, 2010, at 12:54 PM, George Rosamond wrote: > We tend to swap stories of providers informally or as tangents on sloppy threads. > > So I thought it would be useful to structure it a bit more for the benefit of all. > > Feel free to ignore providers irrelevant to your situation. In cases you do it yourself, you can note that. Brief comments useful. Avoid sales pitches, of course. > > Please reply inline to keep the thread clean (including Mark S :) > > DNS provider (s) With the respective Registrars, or self-hosted. > > Dynamic DNS provider (for those with non-static IPs at home) > > Domain Registrar Godaddy (meh, but the price is ok and they do V6!) > > EMail provider http://luxsci.com/ (I'm still sad Bruno and Loftmail is gone) > > WWW provider Speakeasy (meh) Tried Clear networks 4g junk this year- 200ms latency to servers in manhattan just won't cut it for me, no matter what their throughput is. > > Shell provider > > And happy new year to all. Indeed! Rocket- .ike From lists at stringsutils.com Tue Dec 28 15:05:34 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 15:05:34 -0500 Subject: [nycbug-talk] A simple end-of-year poll References: <4D1A2441.5020408@ceetonetechnology.com> <201012281841.oBSIf2bY005995@rs75.luxsci.com> Message-ID: Isaac Levy writes: > (I'm still sad Bruno and Loftmail is gone) When did this happened? Is Bruno gone, but the company remains? I didn't know, but have been moving domains out from loftmail. Have had issues ever since "the move".. whatever that was. What package do you use with LuxSci? Just looked at one of their basic packages; it did not even have imap. The package with imap seems pricy. 2 Email accounts $18.29/month!! From lists at stringsutils.com Tue Dec 28 15:10:10 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 15:10:10 -0500 Subject: [nycbug-talk] Reversed (or previously applied) patch detected Message-ID: I was doing some exercises to get familiar with diff/patch. Tried: cd mkdir tmp cd tmp mkdir original mkdir changed echo Line1 > original/File1 echo Line2 >>original/File1 echo Line4 >>original/File1 echo Line1 > changed/File1 echo Line2 >>changed/File1 echo Line3 >>changed/File1 echo Line4 >>changed/File1 echo 1 > original/File2 echo 2 >>original/File2 echo 4 >>original/File2 echo 1 > changed/File2 echo 2 >>changed/File2 echo 3 >>changed/File2 echo 4 >>changed/File2 diff -urN original changed > dir.diff Which produced: diff -ruN original/File1 changed/File1 --- original/File1 2010-12-26 23:07:41.000000000 -0500 +++ changed/File1 2010-12-26 23:08:26.000000000 -0500 @@ -1,3 +1,5 @@ Line1 Line2 +Line3 Line4 +Line5 diff -ruN original/File2 changed/File2 --- original/File2 2010-12-26 23:08:08.000000000 -0500 +++ changed/File2 2010-12-26 23:08:35.000000000 -0500 @@ -1,3 +1,8 @@ 1 2 +3 4 +5 +6 +7 +8 Then tried patch < dir.diff The patch command gives the warning: Reversed (or previously applied) patch detected Tried a few other variations like patch -p References: Message-ID: <201012281534.18717.jhb@freebsd.org> On Tuesday, December 28, 2010 3:10:10 pm Francisco Reyes wrote: > I was doing some exercises to get familiar with diff/patch. > > Tried: > cd > mkdir tmp > cd tmp > mkdir original > mkdir changed > echo Line1 > original/File1 > echo Line2 >>original/File1 > echo Line4 >>original/File1 > > echo Line1 > changed/File1 > echo Line2 >>changed/File1 > echo Line3 >>changed/File1 > echo Line4 >>changed/File1 > > echo 1 > original/File2 > echo 2 >>original/File2 > echo 4 >>original/File2 > > echo 1 > changed/File2 > echo 2 >>changed/File2 > echo 3 >>changed/File2 > echo 4 >>changed/File2 > > diff -urN original changed > dir.diff > > Which produced: > diff -ruN original/File1 changed/File1 > --- original/File1 2010-12-26 23:07:41.000000000 -0500 > +++ changed/File1 2010-12-26 23:08:26.000000000 -0500 > @@ -1,3 +1,5 @@ > Line1 > Line2 > +Line3 > Line4 > +Line5 > diff -ruN original/File2 changed/File2 > --- original/File2 2010-12-26 23:08:08.000000000 -0500 > +++ changed/File2 2010-12-26 23:08:35.000000000 -0500 > @@ -1,3 +1,8 @@ > 1 > 2 > +3 > 4 > +5 > +6 > +7 > +8 > > > Then tried > patch < dir.diff > > > The patch command gives the warning: > Reversed (or previously applied) patch detected > > Tried a few other variations like > patch -p > It will run without errors with > patch -R < dir.diff > > But that will make the "changed" files be like the original instead of > patching the original files. > > Any ideas/hints? Try: cd original; patch -p1 < ../dir.diff -- John Baldwin From lists at stringsutils.com Tue Dec 28 16:35:31 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 16:35:31 -0500 Subject: [nycbug-talk] Reversed (or previously applied) patch detected References: <201012281534.18717.jhb@freebsd.org> Message-ID: John Baldwin writes: > Try: > > cd original; patch -p1 < ../dir.diff Thanks. That worked. How can one the equivalent of an absolute path? For, example I got a patch to a port and I just ran the patch command and it updated the port. I didn't have to change to the port directory. Just re-did my little experiment and used the full path to source on the diff, then went into the source dir and ran patch without any parameter other than the patch; it loaded properly. I still don't get why it would not work from ~/tmp if the original diff had the full path (ie tried running patch from ~/tmp and did not work). The patch to the port was: diff -ruN /usr/ports/databases/skytools/Makefile skytools/Makefile --- /usr/ports/databases/skytools/Makefile 2010-12-02 22:55:36.000000000 +0800 +++ skytools/Makefile 2010-12-26 06:00:36.000000000 +0800 @@ -6,9 +6,9 @@ # PORTNAME= skytools -PORTVERSION= 2.1.11 +PORTVERSION= 2.1.12 CATEGORIES= databases -MASTER_SITES= http://pgfoundry.org/frs/download.php/2561/ +MASTER_SITES= http://pgfoundry.org/frs/download.php/2872/ MAINTAINER= kheechin at gmail.com COMMENT= PostgreSQL tools from Skype: walshipping, queueing, replication diff -ruN /usr/ports/databases/skytools/distinfo skytools/distinfo --- /usr/ports/databases/skytools/distinfo 2010-03-28 06:51:56.000000000 +0800 +++ skytools/distinfo 2010-12-26 06:08:32.000000000 +0800 @@ -1,3 +1,2 @@ -MD5 (skytools-2.1.11.tar.gz) = 1451a5fc47bf9a28339f7dff28d8b11a -SHA256 (skytools-2.1.11.tar.gz) = fdfbb428d41a5f16c3cf7b7a3a0dcc5e500e102c898311825310a30889a82c71 -SIZE (skytools-2.1.11.tar.gz) = 249019 +SHA256 (skytools-2.1.12.tar.gz) = f385947b121a05d9d64ca70dd46585f592161ad939303735ebb9d62f246d6ac0 +SIZE (skytools-2.1.12.tar.gz) = 259101 From george at ceetonetechnology.com Tue Dec 28 16:39:18 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 28 Dec 2010 16:39:18 -0500 Subject: [nycbug-talk] A simple end-of-year poll In-Reply-To: References: <4D1A2441.5020408@ceetonetechnology.com> <201012281841.oBSIf2bY005995@rs75.luxsci.com> Message-ID: <4D1A5906.7010404@ceetonetechnology.com> On 12/28/10 15:05, Francisco Reyes wrote: > Isaac Levy writes: > >> (I'm still sad Bruno and Loftmail is gone) > > When did this happened? Is Bruno gone, but the company remains? > I didn't know, but have been moving domains out from loftmail. Have had > issues ever since "the move".. whatever that was. Bruno is alive and well. > > What package do you use with LuxSci? Just looked at one of their basic > packages; it did not even have imap. The package with imap seems pricy. > 2 Email accounts $18.29/month!! Right. . .put the above two paragraphs together. Hosting email has got to be one of the most under-appreciated services. We all live on email 24/7, expect 1 gig IMAP mailboxes to sync in seconds over-latency ridden residential connections, then don't expect to pay a lot. If I hosted email, it would be uucp or hard copy print-outs delivered by snail mail, with mailbox sizes 200 k max. And no SLA. You have issues even though they winded down a while ago, and you don't want to pay >$20 a month. Stick to gmail or something. :) g From dave at donnerjack.com Tue Dec 28 16:44:51 2010 From: dave at donnerjack.com (David Lawson) Date: Tue, 28 Dec 2010 16:44:51 -0500 Subject: [nycbug-talk] A simple end-of-year poll In-Reply-To: <4D1A5906.7010404@ceetonetechnology.com> References: <4D1A2441.5020408@ceetonetechnology.com> <201012281841.oBSIf2bY005995@rs75.luxsci.com> <4D1A5906.7010404@ceetonetechnology.com> Message-ID: <4D1A5A53.3040700@donnerjack.com> What happened with LoftMail? I still host accounts there and haven't seen any problems, though the system move a while ago caused a brief hiccup in some of the accounts I set up for friends. Has Bruno moved on from the company or what? --Dave From lists at stringsutils.com Tue Dec 28 16:57:19 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 16:57:19 -0500 Subject: [nycbug-talk] A simple end-of-year poll References: <4D1A2441.5020408@ceetonetechnology.com> <201012281841.oBSIf2bY005995@rs75.luxsci.com> <4D1A5906.7010404@ceetonetechnology.com> Message-ID: George Rosamond writes: > Hosting email has got to be one of the most under-appreciated services. Agree, but market is what it is. Even google only charges $5/month and it is for some insane amount of space. > seconds over-latency ridden residential connections, then don't expect > to pay a lot. I think 2 to 5 per mailbox per month is the most people will be willing to pay regardless of how much space you give them. The only people that pay more than that are usually Microsoft exchange users and Lotus notes users. > If I hosted email, it would be uucp or hard copy print-outs delivered by > snail mail, with mailbox sizes 200 k max. And no SLA. That would be a hobby not a business, because you would have no customers. :-) > You have issues even though they winded down a while ago, and you don't > want to pay >$20 a month. Perceived value is just that.. what people perceive it to be. Unfortunately, for those trying to run a business on the email market, the price people are willing to pay for email is low. > Stick to gmail or something. Even hosted gmail is cheaper than the price listed by LuxSci for 2 accounts. LuxSci may be cheaper over more accounts, but I was looking for a small domain that only has 2 accounts. Over the years I have had hosted email on many different companies and sadly at one point or another every one has had some growing pains and expericed large dowtimes; so I figure if no matter where I go there will be downtime, may as well find a good value. Currently I am leaning towards giving Maia mailguard a try and self host all my domains and if that goes well all my small business customers. From lists at stringsutils.com Tue Dec 28 16:58:35 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 16:58:35 -0500 Subject: [nycbug-talk] A simple end-of-year poll References: <4D1A2441.5020408@ceetonetechnology.com> <201012281841.oBSIf2bY005995@rs75.luxsci.com> <4D1A5906.7010404@ceetonetechnology.com> <4D1A5A53.3040700@donnerjack.com> Message-ID: David Lawson writes: > the system move a while ago caused a brief > hiccup in some of the accounts I set up for friends. Same here. I had them for years, but the system move had all kinds of issues for me so I have been moving out my domains. From lists at stringsutils.com Tue Dec 28 17:03:35 2010 From: lists at stringsutils.com (Francisco Reyes) Date: Tue, 28 Dec 2010 17:03:35 -0500 Subject: [nycbug-talk] Any DragonflyBSD users in list? Message-ID: Have been trying to subscribe to the DragonflyBSD users list without any success. Anyone currently on that list that could post to it and find out if they are having problems with new subscriptions? Wrote to Matthew Dillon, but have not hear back yet. The little I have seen so far is very promissing, although I need to research more why they went with pksrc instead of ports; find it intriguing that a FreeBSD derived OS did not go with ports. Hammer is very interesting and the snapshot capability seems pretty responsive. Loading tens of thousands of files to a test VM.. let's see how the snapshot behaves with more files. From george at ceetonetechnology.com Tue Dec 28 17:40:27 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 28 Dec 2010 17:40:27 -0500 Subject: [nycbug-talk] A simple end-of-year poll In-Reply-To: References: <4D1A2441.5020408@ceetonetechnology.com> <201012281841.oBSIf2bY005995@rs75.luxsci.com> <4D1A5906.7010404@ceetonetechnology.com> Message-ID: <4D1A675B.6000900@ceetonetechnology.com> On 12/28/10 16:57, Francisco Reyes wrote: > George Rosamond writes: > >> Hosting email has got to be one of the most under-appreciated services. > > Agree, but market is what it is. Even google only charges $5/month and > it is for some insane amount of space. > >> seconds over-latency ridden residential connections, then don't expect >> to pay a lot. > > I think 2 to 5 per mailbox per month is the most people will be willing > to pay regardless of how much space you give them. The only people that > pay more than that are usually Microsoft exchange users and Lotus notes > users. Who knows. I think the email provider market is too big with so many players that to say $2-5 per mailbox is "the most" is over-generalizing. It's not like buying a Big Mac or a house in Florida with bad drywall. > >> If I hosted email, it would be uucp or hard copy print-outs delivered >> by snail mail, with mailbox sizes 200 k max. And no SLA. > > That would be a hobby not a business, because you would have no > customers. :-) I get your sarcasm, but don't miss my point about it being thankless. >> You have issues even though they winded down a while ago, and you >> don't want to pay >$20 a month. > > Perceived value is just that.. what people perceive it to be. > Unfortunately, for those trying to run a business on the email market, > the price people are willing to pay for email is low. > Of course. That's if you don't mind massive privacy issues bundled with that inexpensive package from Google. I used to tell Bruno all the time to drop the privacy crap and just resell his customer email anonymized by AOL. Now that's a cheap business model. >> Stick to gmail or something. > > Even hosted gmail is cheaper than the price listed by LuxSci for 2 > accounts. LuxSci may be cheaper over more accounts, but I was looking > for a small domain that only has 2 accounts. > Of course google is cheaper. They can be. They just want to built out their social link analysis data. Search engines, social networking sites and data mining firms love to have paying customers or free "staff" creating data for them. > Over the years I have had hosted email on many different companies and > sadly at one point or another every one has had some growing pains and > expericed large dowtimes; so I figure if no matter where I go there will > be downtime, may as well find a good value. Valid point. > > Currently I am leaning towards giving Maia mailguard a try and self host > all my domains and if that goes well all my small business customers. g From o_sleep at belovedarctos.com Tue Dec 28 20:00:30 2010 From: o_sleep at belovedarctos.com (Bjorn Nelson) Date: Tue, 28 Dec 2010 20:00:30 -0500 Subject: [nycbug-talk] A simple end-of-year poll In-Reply-To: <4D1A2441.5020408@ceetonetechnology.com> References: <4D1A2441.5020408@ceetonetechnology.com> Message-ID: <4D1A882E.9030806@belovedarctos.com> On 12/28/2010 12:54 PM, George Rosamond wrote: > We tend to swap stories of providers informally or as tangents on > sloppy threads. > > So I thought it would be useful to structure it a bit more for the > benefit of all. > > Feel free to ignore providers irrelevant to your situation. In cases > you do it yourself, you can note that. Brief comments useful. Avoid > sales pitches, of course. > > Please reply inline to keep the thread clean (including Mark S :) > > DNS provider (s) > > Dynamic DNS provider (for those with non-static IPs at home) > > Domain Registrar domainmonger.com > EMail provider google apps > WWW provider mac.com ... they keep threatening to remove my non-iweb stuff. > > Shell provider home > > And happy new year to all. > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From siraaj at khandkar.net Tue Dec 28 20:23:47 2010 From: siraaj at khandkar.net (Siraaj Khandkar) Date: Tue, 28 Dec 2010 20:23:47 -0500 Subject: [nycbug-talk] A simple end-of-year poll In-Reply-To: <4D1A2441.5020408@ceetonetechnology.com> References: <4D1A2441.5020408@ceetonetechnology.com> Message-ID: <7FCEA193-E623-4E23-87B9-EE27FB04F475@khandkar.net> On 28 Dec 2010, at 12:54, George Rosamond wrote: > We tend to swap stories of providers informally or as tangents on sloppy threads. > > So I thought it would be useful to structure it a bit more for the benefit of all. > > Feel free to ignore providers irrelevant to your situation. In cases you do it yourself, you can note that. Brief comments useful. Avoid sales pitches, of course. > > Please reply inline to keep the thread clean (including Mark S :) > > DNS provider (s) Self (BIND on OpenBSD and CentOS). > Dynamic DNS provider (for those with non-static IPs at home) n/a > Domain Registrar GoDaddy... cheap, Domain Manager is nice. > EMail provider Self (Postfix/Dovecot on OpenBSD and Debian). > WWW provider Optimum Business. Very happy, no contract, 5 IPs, 5mb up, 30mb down, 80 bucks. > > Shell provider /usr/local/bin/bash ;) VPS: ARP Networks, Amazon, Open Hosting. Slowly moving everything to the recently discovered ARP Networks. > And happy new year to all. Likewise! -- Siraaj Khandkar http://twitter.com/IbnFirnas From jhb at freebsd.org Wed Dec 29 09:04:15 2010 From: jhb at freebsd.org (John Baldwin) Date: Wed, 29 Dec 2010 09:04:15 -0500 Subject: [nycbug-talk] Reversed (or previously applied) patch detected In-Reply-To: References: <201012281534.18717.jhb@freebsd.org> Message-ID: <201012290904.15640.jhb@freebsd.org> On Tuesday, December 28, 2010 4:35:31 pm Francisco Reyes wrote: > John Baldwin writes: > > > Try: > > > > cd original; patch -p1 < ../dir.diff > > Thanks. That worked. > > How can one the equivalent of an absolute path? > For, example I got a patch to a port and I just ran the patch command and it > updated the port. I didn't have to change to the port directory. > > Just re-did my little experiment and used the full path to source on the > diff, then went into the source dir and ran patch without any parameter > other than the patch; it loaded properly. I still don't get why it would not > work from ~/tmp if the original diff had the full path (ie tried running > patch from ~/tmp and did not work). > > > The patch to the port was: > diff -ruN /usr/ports/databases/skytools/Makefile skytools/Makefile > --- /usr/ports/databases/skytools/Makefile 2010-12-02 > 22:55:36.000000000 +0800 > +++ skytools/Makefile 2010-12-26 06:00:36.000000000 +0800 > @@ -6,9 +6,9 @@ I believe it has to do with out patch resolves paths. In this case it will probably look for 1) the full relative path in the '+++' line and then 2) just the basename ('Makefile') in the current directory. I'm not sure if it will fall back to the name in the --- line as well, but it might, probably using the full path first followed by the basename second. However, in your original patch you had the 'original/' directory in your path name and when you cd'd into 'original' neither the full relative path or the simple basename matched, so it failed to find a file to apply the patch to. -- John Baldwin From ike at blackskyresearch.net Fri Dec 31 13:06:44 2010 From: ike at blackskyresearch.net (Isaac Levy) Date: Fri, 31 Dec 2010 13:06:44 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: References: <20101215193337.GJ14661@dixongroup.net> <4D0926C3.3010309@ceetonetechnology.com> <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> Message-ID: <201012311807.oBVI72wm003563@rs75.luxsci.com> On Dec 22, 2010, at 10:20 AM, Mark Saad wrote: > Some new updates Fascinating saga, (Mickey's posts are fascinating), here's a collection of various re-print posts; http://spectregroup.wordpress.com/2010/12/30/trusting-trust/ Happy New Year everyone! Best, .ike From george at ceetonetechnology.com Fri Dec 31 13:57:24 2010 From: george at ceetonetechnology.com (George Rosamond) Date: Fri, 31 Dec 2010 13:57:24 -0500 Subject: [nycbug-talk] OpenBSD ipsec FBI backdoor (was: The BSD Connection) In-Reply-To: <201012311807.oBVI72wm003563@rs75.luxsci.com> References: <20101215193337.GJ14661@dixongroup.net> <4D0926C3.3010309@ceetonetechnology.com> <20101215205031.GA48741@bewilderbeast.blackhelicopters.org> <201012311807.oBVI72wm003563@rs75.luxsci.com> Message-ID: <4D1E2794.20107@ceetonetechnology.com> On 12/31/10 13:06, Isaac Levy wrote: > On Dec 22, 2010, at 10:20 AM, Mark Saad wrote: > >> Some new updates > > Fascinating saga, (Mickey's posts are fascinating), here's a collection of various re-print posts; > > http://spectregroup.wordpress.com/2010/12/30/trusting-trust/ > > Happy New Year everyone! and to all! On a more concrete note, we are going to use the new year as a chance to shift more in a relevant direction. Although it's all up for debate. Since it's safe to assume that few (on this list and beyond) are armed to actually audit code with the depth of IPSec and cryptography, we are working out some lower common denominator approaches. We have always (quietly) strived to have NYCBUG serve as a gateway for more people to be directly involved in the BSD projects as contributors, whether just doing PRs, providing patches, etc, and hopefully creating trajectories to more fundamental involvement. It's on that note I open the discussion, and move the thread to a more productive direction. I hope. I am working out the details of a NetBSD-related bugfest with Christos. Such activities, as a user group, can be immediately beneficial to each BSD and related project, and could also assist attendees in NYCBUG in playing more useful roles to the projects. Another idea is to have of presentations on code auditing, or at least introducing the framework. Certainly reading the Unix classics is a great starting point in terms of correct coding behavior. We are exploring some other directions, but it's best to put the discussion out in the open here, and hopefully open the discussion. g From fire at firecrow.com Fri Dec 31 16:16:21 2010 From: fire at firecrow.com (fire crow) Date: Fri, 31 Dec 2010 16:16:21 -0500 Subject: [nycbug-talk] NetBSD bugfest (was: OpenBSD ipsec FBI backdoor) Message-ID: On Fri, Dec 31, 2010 at 1:57 PM, George Rosamond wrote: > On 12/31/10 13:06, Isaac Levy wrote: >> >> On Dec 22, 2010, at 10:20 AM, Mark Saad wrote: >> >>> Some new updates >> >> Fascinating saga, (Mickey's posts are fascinating), here's a collection of >> various re-print posts; >> >> http://spectregroup.wordpress.com/2010/12/30/trusting-trust/ >> >> Happy New Year everyone! > > and to all! > > On a more concrete note, we are going to use the new year as a chance to > shift more in a relevant direction. ?Although it's all up for debate. > > Since it's safe to assume that few (on this list and beyond) are armed to > actually audit code with the depth of IPSec and cryptography, we are working > out some lower common denominator approaches. > > We have always (quietly) strived to have NYCBUG serve as a gateway for more > people to be directly involved in the BSD projects as contributors, whether > just doing PRs, providing patches, etc, and hopefully creating trajectories > to more fundamental involvement. > > It's on that note I open the discussion, and move the thread to a more > productive direction. ?I hope. > > I am working out the details of a NetBSD-related bugfest with Christos. > ?Such activities, as a user group, can be immediately beneficial to each BSD > and related project, and could also assist attendees in NYCBUG in playing > more useful roles to the projects. > > Another idea is to have of presentations on code auditing, or at least > introducing the framework. ?Certainly reading the Unix classics is a great > starting point in terms of correct coding behavior. > > We are exploring some other directions, but it's best to put the discussion > out in the open here, and hopefully open the discussion. > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > that sounds awesome, a review of the kernel and scheduler structure would be great for programmers like myself, who are just getting into low level systems development. I've started reading the NetBSD source, starting with "/usr/src/sys/kern/init_main.c", any recommendations about articles or better places in the source to start digging, that would be an awesome thread. before that I was reading up on minix and know that among the developers I know (even the linux kiddies) discussing schedulers and how processors are implemented, or the bell labs time scheduling paper, creates a lot of interest. + | fire crow | computer programmer !_____________________ ? http://firecrow.com, fire at firecrow.com, 917.306.9451, New York City, USA