From kmsujit at gmail.com  Sat Jul  1 07:04:45 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Sat, 1 Jul 2017 16:34:45 +0530
Subject: [talk] New Laptop
Message-ID: <CA+6mNepT0kYNFCcPiKYc4B3-Cp1yzgkWMnoEC_+e8ctro4Uhpg@mail.gmail.com>

Hi All,

I recently purchased an Lenovo Flex 10 Idea Pad laptop. Below link for a spec.
http://www.usanotebook.com/3820-Flex%2010-Laptop-Brown-Touchscreen_Lenovo_IdeaPad_Flex_10_notebook.php

http://www.usanotebook.com/3820-Flex%2010-Laptop-Brown-Touchscreen_Lenovo_IdeaPad_Flex_10_notebook.php

I was quite impressed with it. Are there any UNIX users for this machine.
This is currently having windows 8 and with a lot of goodies like free Office
2013, etc.

I would also like to know the current status of Touchscreen notebooks on
FreeBSD/NetBSD or Open BSD or any other BSD Flavour. Or Even Linux.

Regards,
Sujit K M



From jhellenthal at dataix.net  Sat Jul  1 07:37:50 2017
From: jhellenthal at dataix.net (J. Hellenthal)
Date: Sat, 1 Jul 2017 06:37:50 -0500
Subject: [talk] New Laptop
In-Reply-To: <CA+6mNepT0kYNFCcPiKYc4B3-Cp1yzgkWMnoEC_+e8ctro4Uhpg@mail.gmail.com>
References: <CA+6mNepT0kYNFCcPiKYc4B3-Cp1yzgkWMnoEC_+e8ctro4Uhpg@mail.gmail.com>
Message-ID: <DB1F78C7-0ABD-4B32-95EC-FDE7B790FCFC@DataIX.net>

One way to find out... grab something that you want and ... Try it.

There is probably more support for it in Linux than BSD sad to say but that?s the ropes and there?s lots of live CDs out there to give it a whirl.

-- 
 Onward!, 
 Jason Hellenthal, 
 Systems & Network Admin, 
 Mobile: 0x9CA0BD58, 
 JJH48-ARIN

On Jul 1, 2017, at 06:04, Sujit K M <kmsujit at gmail.com> wrote:

Hi All,

I recently purchased an Lenovo Flex 10 Idea Pad laptop. Below link for a spec.
http://www.usanotebook.com/3820-Flex%2010-Laptop-Brown-Touchscreen_Lenovo_IdeaPad_Flex_10_notebook.php

http://www.usanotebook.com/3820-Flex%2010-Laptop-Brown-Touchscreen_Lenovo_IdeaPad_Flex_10_notebook.php

I was quite impressed with it. Are there any UNIX users for this machine.
This is currently having windows 8 and with a lot of goodies like free Office
2013, etc.

I would also like to know the current status of Touchscreen notebooks on
FreeBSD/NetBSD or Open BSD or any other BSD Flavour. Or Even Linux.

Regards,
Sujit K M

_______________________________________________
talk mailing list
talk at lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk



From scottro11 at gmail.com  Sat Jul  1 13:40:40 2017
From: scottro11 at gmail.com (Scott Robbins)
Date: Sat, 1 Jul 2017 13:40:40 -0400
Subject: [talk] Re New Laptop
Message-ID: <20170701174040.GA15703@scott1.scottro.net>

Somehow, my previous reply to this got lost. So if my other answer shows
up, apologies.


Anyway, I have a yoga2 (which also has a hi-res screen, 3200x1800 which
creates its own problems.)

I don't have much info on touch screends for the BSDs, as I don't use them,
but FreeBSD may have trouble with later Intel cards.  You may have to use
CURRENT and the drm-next-4.7 git repo, which will have its own
problems--for example, on a recent install of snapshot, then the latest git
repo for drm-next, I couldn't get firefox to run.  

On OpenBSD, I found that the iwm driver wouldn't connect to a hidden
wireless network. Also, when I replaced the card with a dual channel, even
when connected to a 5GHz network, its wireless was slow. I would recommend 
if planning to play with BSDs on it, to get a USB to ethernet cable.
This was with a recent snapshot.


Linux Mint and Fedora's live workstation both worked well with the
touchscreen, but all I did was drag a couple of windows around.

I have more details on FreeBSD with the drm-next git repo at
http://srobb.net/freebsdintel.html

When running Fedora with openbox or dwm, however, the touchscreen didn't
really work.  


-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6



From bcully at gmail.com  Sat Jul  1 19:54:51 2017
From: bcully at gmail.com (Brian Cully)
Date: Sat, 1 Jul 2017 19:54:51 -0400
Subject: [talk] Re New Laptop
In-Reply-To: <20170701174040.GA15703@scott1.scottro.net>
References: <20170701174040.GA15703@scott1.scottro.net>
Message-ID: <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>


> On 1-Jul-2017, at 13:40, Scott Robbins <scottro11 at gmail.com> wrote:
> On OpenBSD, I found that the iwm driver wouldn't connect to a hidden
> wireless network. Also, when I replaced the card with a dual channel, even
> when connected to a 5GHz network, its wireless was slow. I would recommend 
> if planning to play with BSDs on it, to get a USB to ethernet cable.
> This was with a recent snapshot.

	I couldn?t get good performance out of FreeBSD with any of the USB WiFi dongles I tried. Support may be better with PCIe cards, but I don?t have slots for those. So I tried:

		* otus with a NetGear WN111 v2
		* urtwn with ASUS USB-N10 NANO
		* run with D-Link DWA-162

	All of them were dreadful, and only the D-Link could actually use the 5GHz band. Of course, since none of the drivers supported 802.11n, that was 802.11a on 5GHz.

	I eventually gave up, grabbed an old apple Airport router I had around to use as a WiFi extender, and plugged my FreeBSD boxen into that via ethernet.

-bjc


From scottro11 at gmail.com  Sat Jul  1 20:53:57 2017
From: scottro11 at gmail.com (Scott Robbins)
Date: Sat, 1 Jul 2017 20:53:57 -0400
Subject: [talk] Re New Laptop
In-Reply-To: <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
Message-ID: <20170702005357.GB32189@scott1.scottro.net>

On Sat, Jul 01, 2017 at 07:54:51PM -0400, Brian Cully wrote:
> 
> > On 1-Jul-2017, at 13:40, Scott Robbins <scottro11 at gmail.com> wrote:
> > On OpenBSD, I found that the iwm driver wouldn't connect to a hidden
> > wireless network. Also, when I replaced the card with a dual channel, even
> > when connected to a 5GHz network, its wireless was slow. I would recommend 
> > if planning to play with BSDs on it, to get a USB to ethernet cable.
> > This was with a recent snapshot.
> 
> 	I couldn?t get good performance out of FreeBSD with any of the USB WiFi dongles I tried. Support may be better with PCIe cards, but I don?t have slots for those. So I tried:

I'm not familiar with each one--what I have found is that buying the really
cheap ones from NewEgg or Amazon often turn out to be a waste.  For me,
with two no-name ones (one 10/100, one 10/100/1000) my speeds are good.

(No serious benchmarking though.)


-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6



From fire at firecrow.com  Sat Jul  1 21:37:56 2017
From: fire at firecrow.com (fire crow)
Date: Sat, 1 Jul 2017 21:37:56 -0400
Subject: [talk] Re New Laptop
In-Reply-To: <20170702005357.GB32189@scott1.scottro.net>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
 <20170702005357.GB32189@scott1.scottro.net>
Message-ID: <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>

On Jul 1, 2017 20:56, "Scott Robbins" <scottro11 at gmail.com> wrote:

On Sat, Jul 01, 2017 at 07:54:51PM -0400, Brian Cully wrote:
>
> > On 1-Jul-2017, at 13:40, Scott Robbins <scottro11 at gmail.com> wrote:
> > On OpenBSD, I found that the iwm driver wouldn't connect to a hidden
> > wireless network. Also, when I replaced the card with a dual channel,
even
> > when connected to a 5GHz network, its wireless was slow. I would
recommend
> > if planning to play with BSDs on it, to get a USB to ethernet cable.
> > This was with a recent snapshot.
>
>       I couldn?t get good performance out of FreeBSD with any of the USB
WiFi dongles I tried. Support may be better with PCIe cards, but I don?t
have slots for those. So I tried:

I'm not familiar with each one--what I have found is that buying the really
cheap ones from NewEgg or Amazon often turn out to be a waste.  For me,
with two no-name ones (one 10/100, one 10/100/1000) my speeds are good.

(No serious benchmarking though.)


--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6


I have the the Lenovo 100S 14 inch ($200), and iwm wifi works well, the
intel graphics driver does not work with the i915 kernel module yet so the
only option is vesa, and I had to install from a usb current image to get
it to work with efi.

Hope that helps.

~fire

_______________________________________________
talk mailing list
talk at lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170701/023c1e26/attachment.htm>

From kmsujit at gmail.com  Sun Jul  2 10:05:31 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Sun, 2 Jul 2017 19:35:31 +0530
Subject: [talk] Re New Laptop
In-Reply-To: <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
 <20170702005357.GB32189@scott1.scottro.net>
 <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>
Message-ID: <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>

On Sun, Jul 2, 2017 at 7:07 AM, fire crow <fire at firecrow.com> wrote:
> I have the the Lenovo 100S 14 inch ($200), and iwm wifi works well, the
> intel graphics driver does not work with the i915 kernel module yet so the
> only option is vesa, and I had to install from a usb current image to get it
> to work with efi.

Don't you think vesa is outdated to use in something like 2016+ Laptop.



From scottro11 at gmail.com  Sun Jul  2 11:04:43 2017
From: scottro11 at gmail.com (Scott Robbins)
Date: Sun, 2 Jul 2017 11:04:43 -0400
Subject: [talk] Re New Laptop
In-Reply-To: <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
 <20170702005357.GB32189@scott1.scottro.net>
 <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>
 <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>
Message-ID: <20170702150443.GA15110@scott1.scottro.net>

On Sun, Jul 02, 2017 at 07:35:31PM +0530, Sujit K M wrote:
> On Sun, Jul 2, 2017 at 7:07 AM, fire crow <fire at firecrow.com> wrote:
> > I have the the Lenovo 100S 14 inch ($200), and iwm wifi works well, the
> > intel graphics driver does not work with the i915 kernel module yet so the
> > only option is vesa, and I had to install from a usb current image to get it
> > to work with efi.
> 
> Don't you think vesa is outdated to use in something like 2016+ Laptop.

I know you're not asking me, but yes.  The Intel driver is really far
behind. You may have better luck with OpenBSD as far as that goes. See my
earlier post and link.
If using EFI, you may be able to use scfb
https://wiki.freebsd.org/Graphics/SCFB

-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6



From fire at firecrow.com  Sun Jul  2 14:44:11 2017
From: fire at firecrow.com (fire crow)
Date: Sun, 2 Jul 2017 14:44:11 -0400
Subject: [talk] Re New Laptop
In-Reply-To: <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
 <20170702005357.GB32189@scott1.scottro.net>
 <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>
 <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>
Message-ID: <CAH=cS8Ez8Pzkp9OJTSao8ms9Nc56pwXa1s2fWdDPK8sLeEib9A@mail.gmail.com>

On Jul 2, 2017 10:07, "Sujit K M" <kmsujit at gmail.com> wrote:

On Sun, Jul 2, 2017 at 7:07 AM, fire crow <fire at firecrow.com> wrote:
> I have the the Lenovo 100S 14 inch ($200), and iwm wifi works well, the
> intel graphics driver does not work with the i915 kernel module yet so the
> only option is vesa, and I had to install from a usb current image to get
it
> to work with efi.

Don't you think vesa is outdated to use in something like 2016+ Laptop.


Yes vesa support is a draw back not a feature, im counting on i915 support
in the near future from freeBSD, would work on it myself but havnt had time.

~fire


_______________________________________________
talk mailing list
talk at lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170702/6bec6172/attachment.htm>

From pete at nomadlogic.org  Sun Jul  2 15:10:54 2017
From: pete at nomadlogic.org (Pete Wright)
Date: Sun, 2 Jul 2017 12:10:54 -0700
Subject: [talk] Re New Laptop
In-Reply-To: <20170702150443.GA15110@scott1.scottro.net>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
 <20170702005357.GB32189@scott1.scottro.net>
 <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>
 <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>
 <20170702150443.GA15110@scott1.scottro.net>
Message-ID: <038eabac-ee8c-3810-12c6-91dba0300970@nomadlogic.org>



On 07/02/2017 08:04, Scott Robbins wrote:
> On Sun, Jul 02, 2017 at 07:35:31PM +0530, Sujit K M wrote:
>> On Sun, Jul 2, 2017 at 7:07 AM, fire crow <fire at firecrow.com> wrote:
>>> I have the the Lenovo 100S 14 inch ($200), and iwm wifi works well, the
>>> intel graphics driver does not work with the i915 kernel module yet so the
>>> only option is vesa, and I had to install from a usb current image to get it
>>> to work with efi.
>> Don't you think vesa is outdated to use in something like 2016+ Laptop.
> I know you're not asking me, but yes.  The Intel driver is really far
> behind. You may have better luck with OpenBSD as far as that goes. See my
> earlier post and link.
> If using EFI, you may be able to use scfb
> https://wiki.freebsd.org/Graphics/SCFB
>
if running recent intel GPU's based on the i915 chipset on freebsd 
please test out the code in this repository:

https://github.com/FreeBSDDesktop/freebsd-base-graphics

specifically the "drm-next" branch.  this is actively being hacked on 
and hopefully with enough testing/exposure will get merged upstream 
sooner rather than later.  there is lots of work here to refactor how 
the linuxkpi is implemented to make it easier to keep the i915 code 
closer in sync with the intel code released for linux.

i run drm-next on all my daily drivers and it's actually quite stable 
when watching video, browsing web and hacking on systems.

cheers,
-pete

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA



From pete at nomadlogic.org  Sun Jul  2 15:16:15 2017
From: pete at nomadlogic.org (Pete Wright)
Date: Sun, 2 Jul 2017 12:16:15 -0700
Subject: [talk] Re New Laptop
In-Reply-To: <038eabac-ee8c-3810-12c6-91dba0300970@nomadlogic.org>
References: <20170701174040.GA15703@scott1.scottro.net>
 <7BD5E450-885A-4EED-A595-6A38D98CB8C8@gmail.com>
 <20170702005357.GB32189@scott1.scottro.net>
 <CAH=cS8ErDxtoJo2iNzefU5vxMVK1dod9YQ6eHSRDMNLT+uFK0A@mail.gmail.com>
 <CA+6mNepT-1KT=8y0-D1Ww=vZ06VH9xVKbW9559N_91XLZ+Tv7w@mail.gmail.com>
 <20170702150443.GA15110@scott1.scottro.net>
 <038eabac-ee8c-3810-12c6-91dba0300970@nomadlogic.org>
Message-ID: <8a719219-6c08-acac-6af9-07c7c876363b@nomadlogic.org>



On 07/02/2017 12:10, Pete Wright wrote:
>
>
> On 07/02/2017 08:04, Scott Robbins wrote:
>> On Sun, Jul 02, 2017 at 07:35:31PM +0530, Sujit K M wrote:
>>> On Sun, Jul 2, 2017 at 7:07 AM, fire crow <fire at firecrow.com> wrote:
>>>> I have the the Lenovo 100S 14 inch ($200), and iwm wifi works well, 
>>>> the
>>>> intel graphics driver does not work with the i915 kernel module yet 
>>>> so the
>>>> only option is vesa, and I had to install from a usb current image 
>>>> to get it
>>>> to work with efi.
>>> Don't you think vesa is outdated to use in something like 2016+ Laptop.
>> I know you're not asking me, but yes.  The Intel driver is really far
>> behind. You may have better luck with OpenBSD as far as that goes. 
>> See my
>> earlier post and link.
>> If using EFI, you may be able to use scfb
>> https://wiki.freebsd.org/Graphics/SCFB
>>
> if running recent intel GPU's based on the i915 chipset on freebsd 
> please test out the code in this repository:
>
> https://github.com/FreeBSDDesktop/freebsd-base-graphics
>
> specifically the "drm-next" branch.  this is actively being hacked on 
> and hopefully with enough testing/exposure will get merged upstream 
> sooner rather than later.  there is lots of work here to refactor how 
> the linuxkpi is implemented to make it easier to keep the i915 code 
> closer in sync with the intel code released for linux.
>
> i run drm-next on all my daily drivers and it's actually quite stable 
> when watching video, browsing web and hacking on systems.
>

also forgot to mention that TrueOS has incorporated the drm-next code 
into their release, so that's another option if you don't want to 
actively track this repository and want to run freebsd and have fully 
hardware accelerated graphics.:

https://www.trueos.org/

-p

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA



From mcevoy.pat at gmail.com  Wed Jul  5 12:21:15 2017
From: mcevoy.pat at gmail.com (Pat McEvoy)
Date: Wed, 5 Jul 2017 12:21:15 -0400
Subject: [talk] 502 Bad Gateway
Message-ID: <66C41D19-5C8B-4888-8766-872147FE1474@gmail.com>

nycbug.org Is kicking off a 502 Bad Gateway error

Patrick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170705/74808c92/attachment.htm>

From jpb at jimby.name  Wed Jul  5 15:55:40 2017
From: jpb at jimby.name (Jim B.)
Date: Wed, 5 Jul 2017 15:55:40 -0400
Subject: [talk] 502 Bad Gateway
In-Reply-To: <66C41D19-5C8B-4888-8766-872147FE1474@gmail.com>
References: <66C41D19-5C8B-4888-8766-872147FE1474@gmail.com>
Message-ID: <20170705195540.GA85259@jimby.name>

* Pat McEvoy <mcevoy.pat at gmail.com> [2017-07-05 12:21]:
> nycbug.org Is kicking off a 502 Bad Gateway error
> 
> Patrick
> 

Not seeing that from 63.79.91.19 (via firefox)  or from 104.225.12.93 (via lynx).

Wed Jul  5 15:55:25 EDT 2017

Cheers,
Jim B.



From okan at demirmen.com  Wed Jul  5 16:03:12 2017
From: okan at demirmen.com (Okan Demirmen)
Date: Wed, 5 Jul 2017 16:03:12 -0400
Subject: [talk] 502 Bad Gateway
In-Reply-To: <20170705195540.GA85259@jimby.name>
References: <66C41D19-5C8B-4888-8766-872147FE1474@gmail.com>
 <20170705195540.GA85259@jimby.name>
Message-ID: <20170705200312.GA18421@carbon.khaoz.org>

On Wed 2017.07.05 at 15:55 -0400, Jim B. wrote:
> * Pat McEvoy <mcevoy.pat at gmail.com> [2017-07-05 12:21]:
> > nycbug.org Is kicking off a 502 Bad Gateway error
> > 
> > Patrick
> > 
> 
> Not seeing that from 63.79.91.19 (via firefox)  or from 104.225.12.93 (via lynx).
> 
> Wed Jul  5 15:55:25 EDT 2017

Yeah, we took care of it already - thanks though!



From venture37 at geeklan.co.uk  Mon Jul 10 12:06:18 2017
From: venture37 at geeklan.co.uk (Sevan Janiyan)
Date: Mon, 10 Jul 2017 17:06:18 +0100
Subject: [talk] pkgsrcCon 2017 London, stream / schedule (1/07/2017)
In-Reply-To: <9b4f6fe2-72c2-91e5-91b1-74e53dfebfca@geeklan.co.uk>
References: <9b4f6fe2-72c2-91e5-91b1-74e53dfebfca@geeklan.co.uk>
Message-ID: <f2eb5275-987f-58c6-1fe5-f2634243b093@geeklan.co.uk>

Hello,
Thank for the tips, Saturday was a bit of rush and though a feed via XLR
connectors was possible, we couldn't get it working, settling on using
the mic on the webcam to capture from the PA.

Rookie mistakes, I should've adjusted the microphone on the speaking
stand for each speaker to capture their voice better and lighting but
that'll have to be next time, now.

I'm trying to get the videos uploaded to archive.org but boy is their
upload function terrible. I don't have flash installed and their
alternative uploader keeps on barfing. I'm now on day 3 of trying get
the videos on there. Tried Safari, Chrome & FireFox :(

Luckily, the videos and slides are available here
http://pkgsrc.org/pkgsrcCon/2017/talks.html
and a report here
https://blog.netbsd.org/tnf/entry/pkgsrccon_2017_report

Thanks again for the help on getting setup :)

Regards,


Sevan



From jkeenan at pobox.com  Tue Jul 11 09:31:18 2017
From: jkeenan at pobox.com (James E Keenan)
Date: Tue, 11 Jul 2017 09:31:18 -0400
Subject: [talk] Suggest meeting topic: role of BSD in response to ransomware
Message-ID: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>

Here's a topic I wouldn't mind seeing discussed at a future NYCBUG meeting:

Is there a role for the BSDs in response to massive ransomware attacks?

In the last few months ransomware attacks such as WannaCry 
(https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a 
devastating effect on large organizations.  Organizations affected 
include one of the largest law firms in the country and one of the 
world's largest advertising agency networks.  Such organizations are, 
typically, "Windows shops."

Suppose that you are a sysadmin or other, non-executive-level techie in 
such an organization.  You've heard about FreeBSD and OpenBSD and you 
wonder, "Would using these OSes have helped us either resist a 
ransomware attack?  Could they help us recover better from such an attack?"

I ask because I know such people.  Their organizations have decades of 
investment in Windows, so, under normal circumstances, it's difficult 
for them to argue the case for other OSes.  But these are not normal 
circumstances.  Is there an "elevator pitch" we could provide them for 
exploring BSD?

Thank you very much.
Jim Keenan



From kmsujit at gmail.com  Tue Jul 11 10:08:54 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Tue, 11 Jul 2017 19:38:54 +0530
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
Message-ID: <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>

On Tue, Jul 11, 2017 at 7:01 PM, James E Keenan <jkeenan at pobox.com> wrote:
> Here's a topic I wouldn't mind seeing discussed at a future NYCBUG meeting:

Are you suggesting that since FreeBSD is the defacto standard in
Networking Routers?
Or Are you suggesting the High Availability to Loads that it can support?

>
> Is there a role for the BSDs in response to massive ransomware attacks?

I have never understood these attacks. I find it solely because of
illiterate professionals.
It can always be avoided.

>
> In the last few months ransomware attacks such as WannaCry
> (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a
> devastating effect on large organizations.  Organizations affected include
> one of the largest law firms in the country and one of the world's largest
> advertising agency networks.  Such organizations are, typically, "Windows
> shops."
>
> Suppose that you are a sysadmin or other, non-executive-level techie in such
> an organization.  You've heard about FreeBSD and OpenBSD and you wonder,
> "Would using these OSes have helped us either resist a ransomware attack?
> Could they help us recover better from such an attack?"

I agree We are better equipped.

>
> I ask because I know such people.  Their organizations have decades of
> investment in Windows, so, under normal circumstances, it's difficult for
> them to argue the case for other OSes.  But these are not normal
> circumstances.  Is there an "elevator pitch" we could provide them for
> exploring BSD?
>
> Thank you very much.
> Jim Keenan
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk



From okan at demirmen.com  Tue Jul 11 10:33:00 2017
From: okan at demirmen.com (Okan Demirmen)
Date: Tue, 11 Jul 2017 10:33:00 -0400
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
Message-ID: <20170711143300.GA84263@carbon.khaoz.org>

On Tue 2017.07.11 at 19:38 +0530, Sujit K M wrote:
> On Tue, Jul 11, 2017 at 7:01 PM, James E Keenan <jkeenan at pobox.com> wrote:
> > Here's a topic I wouldn't mind seeing discussed at a future NYCBUG meeting:
> 
> Are you suggesting that since FreeBSD is the defacto standard in
> Networking Routers?

I don't want to distract from the question James asked, but this statement
above is incorrect; I typically refain from responding to these, but this is
just wrong.

> Or Are you suggesting the High Availability to Loads that it can support?
> 
> >
> > Is there a role for the BSDs in response to massive ransomware attacks?
> 
> I have never understood these attacks. I find it solely because of
> illiterate professionals.
> It can always be avoided.

It is because the frameworks allow for it.

> > In the last few months ransomware attacks such as WannaCry
> > (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a
> > devastating effect on large organizations.  Organizations affected include
> > one of the largest law firms in the country and one of the world's largest
> > advertising agency networks.  Such organizations are, typically, "Windows
> > shops."
> >
> > Suppose that you are a sysadmin or other, non-executive-level techie in such
> > an organization.  You've heard about FreeBSD and OpenBSD and you wonder,
> > "Would using these OSes have helped us either resist a ransomware attack?
> > Could they help us recover better from such an attack?"
> 
> I agree We are better equipped.
> 
> >
> > I ask because I know such people.  Their organizations have decades of
> > investment in Windows, so, under normal circumstances, it's difficult for
> > them to argue the case for other OSes.  But these are not normal
> > circumstances.  Is there an "elevator pitch" we could provide them for
> > exploring BSD?
> >
> > Thank you very much.
> > Jim Keenan
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nycbug.org
> > http://lists.nycbug.org/mailman/listinfo/talk
> 
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk



From kmsujit at gmail.com  Tue Jul 11 10:43:15 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Tue, 11 Jul 2017 20:13:15 +0530
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <20170711143300.GA84263@carbon.khaoz.org>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
 <20170711143300.GA84263@carbon.khaoz.org>
Message-ID: <CA+6mNerW-jssQxNf+veGNAa_ALEO_FgNnqyRNAORPbf0MpEw5A@mail.gmail.com>

> I don't want to distract from the question James asked, but this statement
> above is incorrect; I typically refain from responding to these, but this is
> just wrong.

This should be joke, stop complaining without facts. We have Cisco and Juniper
where most of the networking routers are based on an FreeBSD Based OS. Most
of web facing httpd servers are using FreeBSD.

>
> It is because the frameworks allow for it.

The same framework allows you to disable. It is like doing a crash
course in 24 hours
or reading some Dummies book in 10 days. You need to know the OS inside out.
Also On the sites like the one suggested by James, you don't actually
configure an
individual router, they are configured otherwise.



From bonsaime at gmail.com  Tue Jul 11 10:49:17 2017
From: bonsaime at gmail.com (Jesse Callaway)
Date: Tue, 11 Jul 2017 07:49:17 -0700
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <20170711143300.GA84263@carbon.khaoz.org>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
 <20170711143300.GA84263@carbon.khaoz.org>
Message-ID: <CAJU5ZBM4bb486c=2yH0i0V9P=0nJ=SbkA9GvO=AHh=5nvK_naQ@mail.gmail.com>

On Tue, Jul 11, 2017 at 7:33 AM, Okan Demirmen <okan at demirmen.com> wrote:

> On Tue 2017.07.11 at 19:38 +0530, Sujit K M wrote:
> > On Tue, Jul 11, 2017 at 7:01 PM, James E Keenan <jkeenan at pobox.com>
> wrote:
> > > Here's a topic I wouldn't mind seeing discussed at a future NYCBUG
> meeting:
> >
> > Are you suggesting that since FreeBSD is the defacto standard in
> > Networking Routers?
>
> I don't want to distract from the question James asked, but this statement
> above is incorrect; I typically refain from responding to these, but this
> is
> just wrong.
>
> > Or Are you suggesting the High Availability to Loads that it can support?
> >
> > >
> > > Is there a role for the BSDs in response to massive ransomware attacks?
> >
> > I have never understood these attacks. I find it solely because of
> > illiterate professionals.
> > It can always be avoided.
>
> It is because the frameworks allow for it.
>
> > > In the last few months ransomware attacks such as WannaCry
> > > (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a
> > > devastating effect on large organizations.  Organizations affected
> include
> > > one of the largest law firms in the country and one of the world's
> largest
> > > advertising agency networks.  Such organizations are, typically,
> "Windows
> > > shops."
> > >
> > > Suppose that you are a sysadmin or other, non-executive-level techie
> in such
> > > an organization.  You've heard about FreeBSD and OpenBSD and you
> wonder,
> > > "Would using these OSes have helped us either resist a ransomware
> attack?
> > > Could they help us recover better from such an attack?"
> >
> > I agree We are better equipped.
> >
> > >
> > > I ask because I know such people.  Their organizations have decades of
> > > investment in Windows, so, under normal circumstances, it's difficult
> for
> > > them to argue the case for other OSes.  But these are not normal
> > > circumstances.  Is there an "elevator pitch" we could provide them for
> > > exploring BSD?
> > >
> > > Thank you very much.
> > > Jim Keenan
> > >
> > > _______________________________________________
> > > talk mailing list
> > > talk at lists.nycbug.org
> > > http://lists.nycbug.org/mailman/listinfo/talk
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nycbug.org
> > http://lists.nycbug.org/mailman/listinfo/talk
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>


https://wikileaks.org/vault7/

Most of these exploits are Windows. It's just the easiest target. There's
certainly at least this body of "tools" one can point to, and by inference
on the art of war the bad guys doing ransomware are using similar
technology. So far all ransomware attacks I've heard of (ever) target
Windows networked storage.

I am certainly interested in how an office can use network storage without
using Windows software, in a practical manner. Would be good to hear
people's ideas on this. EG: How can you get a 20 person accounting firm to
be more secure against such an attack while having to run Quickbooks and
whatever their favorite tax software is, using shared document storage.

-- 
-jesse
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170711/eec51c83/attachment.htm>

From jkeenan at pobox.com  Tue Jul 11 10:55:37 2017
From: jkeenan at pobox.com (James E Keenan)
Date: Tue, 11 Jul 2017 10:55:37 -0400
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <CAJU5ZBM4bb486c=2yH0i0V9P=0nJ=SbkA9GvO=AHh=5nvK_naQ@mail.gmail.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
 <20170711143300.GA84263@carbon.khaoz.org>
 <CAJU5ZBM4bb486c=2yH0i0V9P=0nJ=SbkA9GvO=AHh=5nvK_naQ@mail.gmail.com>
Message-ID: <1c7409bc-e446-329e-2de4-4b990e616626@pobox.com>

On 07/11/2017 10:49 AM, Jesse Callaway wrote:
> 
> 
> On Tue, Jul 11, 2017 at 7:33 AM, Okan Demirmen <okan at demirmen.com 
> <mailto:okan at demirmen.com>> wrote:
> 
>     On Tue 2017.07.11 at 19:38 +0530, Sujit K M wrote:
>     > On Tue, Jul 11, 2017 at 7:01 PM, James E Keenan <jkeenan at pobox.com <mailto:jkeenan at pobox.com>> wrote:
>     > > Here's a topic I wouldn't mind seeing discussed at a future NYCBUG meeting:
>     >
>     > Are you suggesting that since FreeBSD is the defacto standard in
>     > Networking Routers?
> 
>     I don't want to distract from the question James asked, but this
>     statement
>     above is incorrect; I typically refain from responding to these, but
>     this is
>     just wrong.
> 
>     > Or Are you suggesting the High Availability to Loads that it can support?
>     >
>     > >
>     > > Is there a role for the BSDs in response to massive ransomware attacks?
>     >
>     > I have never understood these attacks. I find it solely because of
>     > illiterate professionals.
>     > It can always be avoided.
> 
>     It is because the frameworks allow for it.
> 
>      > > In the last few months ransomware attacks such as WannaCry
>      > > (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack
>     <https://en.wikipedia.org/wiki/WannaCry_ransomware_attack>) have had a
>      > > devastating effect on large organizations.  Organizations
>     affected include
>      > > one of the largest law firms in the country and one of the
>     world's largest
>      > > advertising agency networks.  Such organizations are,
>     typically, "Windows
>      > > shops."
>      > >
>      > > Suppose that you are a sysadmin or other, non-executive-level
>     techie in such
>      > > an organization.  You've heard about FreeBSD and OpenBSD and
>     you wonder,
>      > > "Would using these OSes have helped us either resist a
>     ransomware attack?
>      > > Could they help us recover better from such an attack?"
>      >
>      > I agree We are better equipped.
>      >
>      > >
>      > > I ask because I know such people.  Their organizations have
>     decades of
>      > > investment in Windows, so, under normal circumstances, it's
>     difficult for
>      > > them to argue the case for other OSes.  But these are not normal
>      > > circumstances.  Is there an "elevator pitch" we could provide
>     them for
>      > > exploring BSD?
>      > >
>      > > Thank you very much.
>      > > Jim Keenan
>      > >
>      > > _______________________________________________
>      > > talk mailing list
>      > > talk at lists.nycbug.org <mailto:talk at lists.nycbug.org>
>      > > http://lists.nycbug.org/mailman/listinfo/talk
>     <http://lists.nycbug.org/mailman/listinfo/talk>
>      >
>      > _______________________________________________
>      > talk mailing list
>      > talk at lists.nycbug.org <mailto:talk at lists.nycbug.org>
>      > http://lists.nycbug.org/mailman/listinfo/talk
>     <http://lists.nycbug.org/mailman/listinfo/talk>
> 
>     _______________________________________________
>     talk mailing list
>     talk at lists.nycbug.org <mailto:talk at lists.nycbug.org>
>     http://lists.nycbug.org/mailman/listinfo/talk
>     <http://lists.nycbug.org/mailman/listinfo/talk>
> 
> 
> 
> https://wikileaks.org/vault7/
> 
> Most of these exploits are Windows. It's just the easiest target. 
> There's certainly at least this body of "tools" one can point to, and by 
> inference on the art of war the bad guys doing ransomware are using 
> similar technology. So far all ransomware attacks I've heard of (ever) 
> target Windows networked storage.
> 
> I am certainly interested in how an office can use network storage 
> without using Windows software, in a practical manner. Would be good to 
> hear people's ideas on this. EG: How can you get a 20 person accounting 
> firm to be more secure against such an attack while having to run 
> Quickbooks and whatever their favorite tax software is, using shared 
> document storage.
> 
> -- 
> -jesse
> 

Thanks, Jesse, that's an example of the kind of response I was looking for.

Do the BSDs address problems that people outside the BSD world are 
currently facing?

And how do we talk with them about that?

jimk



From kmsujit at gmail.com  Tue Jul 11 10:57:53 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Tue, 11 Jul 2017 20:27:53 +0530
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <CAJU5ZBM4bb486c=2yH0i0V9P=0nJ=SbkA9GvO=AHh=5nvK_naQ@mail.gmail.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
 <20170711143300.GA84263@carbon.khaoz.org>
 <CAJU5ZBM4bb486c=2yH0i0V9P=0nJ=SbkA9GvO=AHh=5nvK_naQ@mail.gmail.com>
Message-ID: <CA+6mNeoNAhADxm1vRqcF_Ps1HNkkFTRLDcGgw2pMjKjnMfndXg@mail.gmail.com>

> https://wikileaks.org/vault7/
>
> Most of these exploits are Windows. It's just the easiest target. There's
> certainly at least this body of "tools" one can point to, and by inference
> on the art of war the bad guys doing ransomware are using similar
> technology. So far all ransomware attacks I've heard of (ever) target
> Windows networked storage.

What I simply don't understand in these attacks is how is a network storage
on a different network getting affected, unless there are some trojans etc
that have a back door to exploit. I have seen enough articles stating how
FBI had incoporated Back doors in Linux or for that matter *BSD's. Might be
I am wrong in stating that We are completely safe. But I find always poking
a jab at our weaker cousins like Windows should be a safe way out. As most
of the people exploiting Windows don't have an access to source code.

>
> I am certainly interested in how an office can use network storage without
> using Windows software, in a practical manner. Would be good to hear
> people's ideas on this. EG: How can you get a 20 person accounting firm to
> be more secure against such an attack while having to run Quickbooks and
> whatever their favorite tax software is, using shared document storage.

This is not correct though I cannot state where exactly or which software
supports this. One example is ixsystems.



From skreuzer at exit2shell.com  Tue Jul 11 13:01:04 2017
From: skreuzer at exit2shell.com (Steven Kreuzer)
Date: Tue, 11 Jul 2017 13:01:04 -0400
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
Message-ID: <8FE2AC84-187A-45A0-AF4E-A26C12AC87E8@exit2shell.com>


> On Jul 11, 2017, at 9:31 AM, James E Keenan <jkeenan at pobox.com> wrote:
> 
> Suppose that you are a sysadmin or other, non-executive-level techie in such an organization.  You've heard about FreeBSD and OpenBSD and you wonder, "Would using these OSes have helped us either resist a ransomware attack?  Could they help us recover better from such an attack?"

So, just like everything else I think that the answer is both yes and no. For this very particular incident the exploit vector was taking advantage of a Windows specific issue. This attack would have been mitigated if you ran a patched version of Windows as Microsoft had already provided a fix for this. If your file services for windows clients were provided by Samba running on either a BSD or Linux box, a NetApp, Isilon or some other enterprise storage solution you also would not have been vulnerable to WannaCry.

The real issue here is that people either unknowingly ran vulnerable piece of software, or they knew and didn't/couldn't upgrade for one reason or another. For these types of incidents, it doesn't really matter what you are running because if you have infrastructure that has known vulnerabilities and you can't address those issues, its not if you have an 'incident', but more likely when.

About a year ago some other ransomware spread around the internet, but this one ran on plain old Windows desktops and encrypted files on any drive that the machine had mounted. When a user in my office got hit by this, because we have shared drives which are mounted and mapped to regular drive letters, all the files in these remote volumes got encrypted. However, because we implemented a very aggressive snapshot policy, recovery was just taking that workstation offline and just promoting the last snapshot taken on the storage server before the incident. You might be able to make the case that filesystems such as ZFS which offer very cheap snapshotting capabilities make it easier to recover from these types of events but that comes with the complexity of 'rolling your own' and having an IT department with the skill set to support that.

Its always really easy to point a finger at Microsoft and blame them for writing buggy, insecure software but more often than not the real underlying issue is that the company doesn't put an emphasis on security, values uptime more than upgrades or has components that are so critical to business continuity that people are afraid to touch them. In my experience its usually been a combination of all three. Unfortunately, no amount of technology can fix a broken culture.


From bcully at gmail.com  Tue Jul 11 13:23:13 2017
From: bcully at gmail.com (Brian Cully)
Date: Tue, 11 Jul 2017 13:23:13 -0400
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <8FE2AC84-187A-45A0-AF4E-A26C12AC87E8@exit2shell.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <8FE2AC84-187A-45A0-AF4E-A26C12AC87E8@exit2shell.com>
Message-ID: <33C44CA5-E5D8-4BE4-B5DB-689860759EFE@gmail.com>


> On 11-Jul-2017, at 13:01, Steven Kreuzer <skreuzer at exit2shell.com> wrote:
> 
> 
>> On Jul 11, 2017, at 9:31 AM, James E Keenan <jkeenan at pobox.com> wrote:
>> 
>> Suppose that you are a sysadmin or other, non-executive-level techie in such an organization.  You've heard about FreeBSD and OpenBSD and you wonder, "Would using these OSes have helped us either resist a ransomware attack?  Could they help us recover better from such an attack?"
> 
> So, just like everything else I think that the answer is both yes and no. For this very particular incident the exploit vector was taking advantage of a Windows specific issue. This attack would have been mitigated if you ran a patched version of Windows as Microsoft had already provided a fix for this. If your file services for windows clients were provided by Samba running on either a BSD or Linux box, a NetApp, Isilon or some other enterprise storage solution you also would not have been vulnerable to WannaCry.

	MS didn?t provide a fix for XP, which was a huge vector, until after WannaCry hit. At least if you weren?t paying for support. It?s almost its own kind of ransomware: pay us to provide you security patches we?ve already developed because it?d be a real shame if something happened to your lovely MRI machine.

> Its always really easy to point a finger at Microsoft and blame them for writing buggy, insecure software but more often than not the real underlying issue is that the company doesn't put an emphasis on security, values uptime more than upgrades or has components that are so critical to business continuity that people are afraid to touch them. In my experience its usually been a combination of all three. Unfortunately, no amount of technology can fix a broken culture.
> 

	This, very much. But there?s one other angle that Zeynep Tufecki keeps hammering home: upgrading software often breaks things or introduces unwanted ?features?, such as Windows 10 deciding it?s time to spy on you for better advertising. You can?t /just/ get security updates in many cases. This is much less an issue in the *nix world, but it still happens. Throw in the thousand other constraints around a lot of software infrastructure in the wild and this becomes a really difficult to intractable issue for end-users. In the end, I gotta agree with her conclusions: it?s not the fault of the users that this stuff happens, it?s the fault of existing tech culture and processes, and it?s on us to change. After all, it?s our software that?s eating the world, so what are we doing to make sure that happens safely? The stuff we get away with would never fly in a proper engineering context.

-bjc


From pete at nomadlogic.org  Tue Jul 11 13:49:06 2017
From: pete at nomadlogic.org (Pete Wright)
Date: Tue, 11 Jul 2017 10:49:06 -0700
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <CA+6mNerW-jssQxNf+veGNAa_ALEO_FgNnqyRNAORPbf0MpEw5A@mail.gmail.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
 <CA+6mNepdmCYneMKbDhacozahHTLCLcd0yowD=zG-hsuqUc=4RA@mail.gmail.com>
 <20170711143300.GA84263@carbon.khaoz.org>
 <CA+6mNerW-jssQxNf+veGNAa_ALEO_FgNnqyRNAORPbf0MpEw5A@mail.gmail.com>
Message-ID: <117fb1f2-7a0a-51fe-cf13-62b681f71241@nomadlogic.org>



On 07/11/2017 07:43, Sujit K M wrote:
>> I don't want to distract from the question James asked, but this statement
>> above is incorrect; I typically refain from responding to these, but this is
>> just wrong.
> This should be joke, stop complaining without facts. We have Cisco and Juniper
> where most of the networking routers are based on an FreeBSD Based OS. Most
> of web facing httpd servers are using FreeBSD.
When did IOS and NX/OS move over to FreeBSD?  Also Arista's run linux 
(and redhat at that yikes!), and most of the cloud infra (AWS, Google, 
Azure) are running software defined networks (SDN) which is most likely 
also running a linux kernel (and a debian userland - yikes again!).

now, i would rather see these above systems (esp the SDN vendors) *not* 
run Linux and run a BSD variant (OpenBSD specifically) - but it's the 
unfortunate truth that a majority of switching and routing is most 
likely done by either a linux kernel or a proprietary kernel.

-p

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA



From pete at nomadlogic.org  Tue Jul 11 13:55:10 2017
From: pete at nomadlogic.org (Pete Wright)
Date: Tue, 11 Jul 2017 10:55:10 -0700
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
Message-ID: <bb1bca8f-51ff-8977-85c7-6e23b9128834@nomadlogic.org>


On 07/11/2017 06:31, James E Keenan wrote:
> Here's a topic I wouldn't mind seeing discussed at a future NYCBUG 
> meeting:
>
> Is there a role for the BSDs in response to massive ransomware attacks?
>
> In the last few months ransomware attacks such as WannaCry 
> (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a 
> devastating effect on large organizations.  Organizations affected 
> include one of the largest law firms in the country and one of the 
> world's largest advertising agency networks.  Such organizations are, 
> typically, "Windows shops."
>
> Suppose that you are a sysadmin or other, non-executive-level techie 
> in such an organization.  You've heard about FreeBSD and OpenBSD and 
> you wonder, "Would using these OSes have helped us either resist a 
> ransomware attack?  Could they help us recover better from such an 
> attack?"
>
> I ask because I know such people.  Their organizations have decades of 
> investment in Windows, so, under normal circumstances, it's difficult 
> for them to argue the case for other OSes.  But these are not normal 
> circumstances.  Is there an "elevator pitch" we could provide them for 
> exploring BSD?
>
I think this would be a great topic for discussion.  I have found that 
most Windows IT teams I've worked with are as overworked as myself and 
really appreciate something that could make their lives easier (if 
presented to them correctly).  For example I turned the team at my old 
shop onto FreeNAS, and walked them through setting it up etc, and they 
were stoked.  It saved them budget and "just worked" and I got to build 
a collaborative relationship with them.

I guess the hard part is how do you convince an IT team to make sure 
netbios isn't reachable on the public internet, and proper network 
security hygiene is being followed?

Now if it was a linux shop we were talking about this would be a much 
easier elevator pitch:
"Hey, you guys trust systemd?  Have you ever tried debugging a hardware 
or OS fault on a systemd box?  Why don't you check out this nice BSD 
world, we have docs *and* no systemd." :^)

-pete

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA



From _ at thomaslevine.com  Tue Jul 11 16:03:49 2017
From: _ at thomaslevine.com (Thomas Levine)
Date: Tue, 11 Jul 2017 20:03:49 +0000
Subject: [talk] Suggest meeting topic: role of BSD in response to
 ransomware
In-Reply-To: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
References: <67055780-980e-954a-e9a4-36bc36327c6c@pobox.com>
Message-ID: <1499803429.659091.1037663656.0C3E211E@webmail.messagingengine.com>

On Tue, Jul 11, 2017, at 01:31 PM, James E Keenan wrote:
> Is there a role for the BSDs in response to massive ransomware attacks?

I suppose it should be a comparison of how a neglected network of
FreeBSD and OpenBSD computers would fare against a neglected network of
Cisco and Windows computers when attacked by software designed
specifically for the particular respective networks. I would love to see
that. I imagine that the *BSD network would do better, but I don't
really know why. For example, I don't have a good sense of how release
cycles, documentation, good defaults, general software correctness, user
permissions, and freedom of source code contribute to resistance against
contemporary software attacks.

But, while I do think inquiring into this inquiry would be interesting,
I must note that I find your motives to be disingenuous.

On Tue, Jul 11, 2017, at 01:31 PM, James E Keenan wrote:
> In the last few months ransomware attacks such as WannaCry 
> (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a 
> devastating effect on large organizations.  Organizations affected 
> include one of the largest law firms in the country and one of the 
> world's largest advertising agency networks.  Such organizations are, 
> typically, "Windows shops."
> 
> Suppose that you are a sysadmin or other, non-executive-level techie in 
> such an organization.  You've heard about FreeBSD and OpenBSD and you 
> wonder, "Would using these OSes have helped us either resist a 
> ransomware attack?  Could they help us recover better from such an
> attack?"

I suspect that the use of OpenBSD could help in resisting some software
attacks, but I believe that such resistance has no place in business.
OpenBSD is more correct and simple than Windows, and this is problematic
for business;  a "techie" in a large organization is better off using
complex software that breaks a lot; this way, he or she can get stressed
out enough to make his or her bosses happy, he or she can plausibly
blame a vendor when things go wrong, he or she can feel like he or she
is being challenged, and he or she can more easily convince co-workers,
investors, and customers that the company is doing something magic,
difficult, and novel.

What's more, even if these various requirements were to be removed, I
think there would still be no benefit to using correct software in the
context of a large organization because the individual worker is likely
to have been fired or at least moved to a different project before the
value of the correctness would be realized. I find the benefits of
correct of software to come mostly from avoiding bugs rather than from
speeding up the initial writing of the software, so correct software has
no place in large organizations. And, on the other hand, the
consequences of incorrect software are not so bad in the context of
business, especially in the case of ransomware; the techie probably
won't lose any of his or her own data during the incident, so the worst
that might reasonably happen is that he or she will get fired.

Resisting such an attack would probably jeopardize the techie's career,
with no potential upside. I'm fine with people doing this if they are
aware of the risks, so the problem is only that they often are not. I
thus feel that it is important, ethically, to make the techie aware of
the danger of resisting attacks against his or her company. In case you
do not share my concern for the techie's career, perhaps you at least
share my interest in not losing valuable data: If someone is interested
in improving data security in society, I think that implementing it
within a large organization is a bad approach; resisting attacks is
probably against the interests of anyone in the organization, so there
are probably other places where one can more usefully apply his or her
knowledge.

And in case you do not share either ethical concern, here is a more
practical corollary:  I think it would be far less interesting to me to
discuss how such systems could be implemented in large organizations in
particular, as that such a discussion would have to focus on how to
write good software while maintaining an illusion of stress and
complexity and normalcy that comes with using popular bad software; it
would be more interesting to consider situations where good software is
in fact beneficial and thus does not have to be hidden.



When I consider all of the different ideas that we have presented on
this topic, it in fact sounds more like a doctoral thesis than a NYCBUG
talk.



From jkeenan at pobox.com  Tue Jul 11 21:19:30 2017
From: jkeenan at pobox.com (James E Keenan)
Date: Tue, 11 Jul 2017 21:19:30 -0400
Subject: [talk] Vagrant Cloud boxes for BSDs
Message-ID: <362863c6-d7b4-2e11-fc94-794517d4089f@pobox.com>

This post is directed toward anyone on list who has had experience using 
the Vagrant boxes available on the "Vagrant Cloud" 
(https://app.vagrantup.com/boxes/search) for working with the BSDs.

Specifically:

1. FreeBSD-12.0-CURRENT

At https://app.vagrantup.com/freebsd/boxes/FreeBSD-12.0-CURRENT, I find 
what appears to be links to weekly snapshot builds of 12.0-CURRENT, e.g.:

https://app.vagrantup.com/freebsd/boxes/FreeBSD-12.0-CURRENT/versions/2017.07.11
https://app.vagrantup.com/freebsd/boxes/FreeBSD-12.0-CURRENT/versions/2017.07.04
...

Each of these has a "vmware_desktop" version and a "virtualbox" version. 
  I have experience in both kinds of VM.

What I would like to do with these boxes is:

* Install one each week.
* Configure as necessary to be able to test Perl 5 blead.  This would 
require using 'pkg' to install perl, git, vim, certain perl libraries, 
etc., in an automated way.
* Generate smoke test reports of perl 5 blead on FreeBSD-12.0-CURRENT.
* Discard boxes after, say, 4 weeks.

Has anyone experience with something like this?  What have you learned 
from that experience?

2. OpenBSD

I've never succeeded in getting a working (meaning:  connected to the 
Internet) OpenBSD VM, but I see that boxes are available here:

https://app.vagrantup.com/boxes/search?utf8=%E2%9C%93&sort=created&provider=&q=OpenBSD

I could use such a box to familiarize myself with OpenBSD as well as to 
smoke test Perl.

Has anyone used such boxes to keep up with OpenBSD development?

3. NetBSD

I've never touched NetBSD at all, but boxes are available here:

https://app.vagrantup.com/boxes/search?utf8=%E2%9C%93&sort=created&provider=&q=NetBSD

Same concern and questions as for OpenBSD.

Thank you very much.
Jim Keenan



From _ at thomaslevine.com  Wed Jul 12 05:59:38 2017
From: _ at thomaslevine.com (Thomas Levine)
Date: Wed, 12 Jul 2017 09:59:38 +0000
Subject: [talk] Receiving the output of a terminal
Message-ID: <20170712095940.1C12E7E4AA@mailuser.nyi.internal>

How can I receive the output of a tty in another program? Or, perhaps
an easier way of asking this: is there good documentation on how to
implement a terminal emulator?

To give you an idea of what I am looking for, it could na?vely sort of
make sense that the following procedure would accomplish what I want.
Inside the sending virtual terminal, run this.

  ln -s $(tty) /tmp/tty
  
Then, inside the receiving program, run this

  cat /tmp/tty

Of course it does not do what I want, probably because both the first
terminal and the cat are consuming output of the tty.



I want this so I can improve my screen reader software. In the present
implementation I have patched script(1) so that output to the file is
less buffered and so that header and footer messages are not printed.
https://thomaslevine.com/scm/tsh/artifact/ab625a43ee958dba

Then I send the output from the resulting patched script(1) to a FIFO,
and I read from the FIFO into espeak.
https://thomaslevine.com/scm/tsh/artifact/75f981520a431d96

I think I should be able to implement this far more simply by reading
directly from an ordinary tty rather than using script(1).

My present implementation is still much better than that of any other
screen reader that I am aware of. Mine is far simpler than all the
others that I have read about because the others all implement
unnecessary non-standard alternatives to things that already already
exist in shells or in Unix-style programs that can easily be called from
shells. The main benefit of doing this without patching script(1) is
thus to make it easier to port to other systems.



From skreuzer at exit2shell.com  Wed Jul 12 09:51:03 2017
From: skreuzer at exit2shell.com (Steven Kreuzer)
Date: Wed, 12 Jul 2017 09:51:03 -0400
Subject: [talk] Vagrant Cloud boxes for BSDs
In-Reply-To: <362863c6-d7b4-2e11-fc94-794517d4089f@pobox.com>
References: <362863c6-d7b4-2e11-fc94-794517d4089f@pobox.com>
Message-ID: <554AE927-A874-4964-8A5E-B788145A0E8D@exit2shell.com>

Hi Jim-

> On Jul 11, 2017, at 9:19 PM, James E Keenan <jkeenan at pobox.com> wrote:
> 
> What I would like to do with these boxes is:
> 
> * Install one each week.
> * Configure as necessary to be able to test Perl 5 blead.  This would require using 'pkg' to install perl, git, vim, certain perl libraries, etc., in an automated way.
> * Generate smoke test reports of perl 5 blead on FreeBSD-12.0-CURRENT.
> * Discard boxes after, say, 4 weeks.
> 
> Has anyone experience with something like this?  What have you learned from that experience?

The use case you described is one of the areas that vagrant really shines. For FreeBSD you would just need to create a Vagrantfile that looks something like this: 

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
  config.vm.box = "freebsd/FreeBSD-12.0-CURRENT"
  config.vm.base_mac = "080027D14C66"
  config.ssh.shell = "sh"
  config.vm.synced_folder ".", "/vagrant", disabled: true
  config.vm.provision "shell", inline: <<-SHELL
	pkg -y install perl5 git vim-lite
  SHELL
end

After the file has been created, just do `vagrant up` which will download the base image, provision a new VM for it and boot that VM up.
Once its up and running you can make use of the config.vm.provision functionality to perform any post install configuration such as installing
packages and whatnot. After that its just `vagrant ssh` to connect to the box and once you are done with you can discard it with `vagrant destroy`


From bonsaime at gmail.com  Wed Jul 12 10:48:30 2017
From: bonsaime at gmail.com (Jesse Callaway)
Date: Wed, 12 Jul 2017 07:48:30 -0700
Subject: [talk] Receiving the output of a terminal
In-Reply-To: <20170712095940.1C12E7E4AA@mailuser.nyi.internal>
References: <20170712095940.1C12E7E4AA@mailuser.nyi.internal>
Message-ID: <CAJU5ZBMeivjJoTadp1F7muDma97o9iWxNDMVD-kfTfisfyTRrw@mail.gmail.com>

On Wed, Jul 12, 2017 at 2:59 AM, Thomas Levine <_ at thomaslevine.com> wrote:

> How can I receive the output of a tty in another program? Or, perhaps
> an easier way of asking this: is there good documentation on how to
> implement a terminal emulator?
>
> To give you an idea of what I am looking for, it could na?vely sort of
> make sense that the following procedure would accomplish what I want.
> Inside the sending virtual terminal, run this.
>
>   ln -s $(tty) /tmp/tty
>
> Then, inside the receiving program, run this
>
>   cat /tmp/tty
>
> Of course it does not do what I want, probably because both the first
> terminal and the cat are consuming output of the tty.
>
>
>
> I want this so I can improve my screen reader software. In the present
> implementation I have patched script(1) so that output to the file is
> less buffered and so that header and footer messages are not printed.
> https://thomaslevine.com/scm/tsh/artifact/ab625a43ee958dba
>
> Then I send the output from the resulting patched script(1) to a FIFO,
> and I read from the FIFO into espeak.
> https://thomaslevine.com/scm/tsh/artifact/75f981520a431d96
>
> I think I should be able to implement this far more simply by reading
> directly from an ordinary tty rather than using script(1).
>
> My present implementation is still much better than that of any other
> screen reader that I am aware of. Mine is far simpler than all the
> others that I have read about because the others all implement
> unnecessary non-standard alternatives to things that already already
> exist in shells or in Unix-style programs that can easily be called from
> shells. The main benefit of doing this without patching script(1) is
> thus to make it easier to port to other systems.
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk


Funny I was looking to do something similar the other day. Wanted to pipe
stdout via a tee to netcat. I think creative use of the "screen" program
could do it, but haven't spent enough time in the gedankenwelt to get it
done.

-- 
-jesse
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170712/e6d1ffad/attachment.htm>

From bonsaime at gmail.com  Wed Jul 12 10:49:30 2017
From: bonsaime at gmail.com (Jesse Callaway)
Date: Wed, 12 Jul 2017 07:49:30 -0700
Subject: [talk] Receiving the output of a terminal
In-Reply-To: <CAJU5ZBMeivjJoTadp1F7muDma97o9iWxNDMVD-kfTfisfyTRrw@mail.gmail.com>
References: <20170712095940.1C12E7E4AA@mailuser.nyi.internal>
 <CAJU5ZBMeivjJoTadp1F7muDma97o9iWxNDMVD-kfTfisfyTRrw@mail.gmail.com>
Message-ID: <CAJU5ZBOW7UNGrp=BAd5EBkXc1sd-Ecbw=jZdEz=uLeUVJnej=Q@mail.gmail.com>

On Wed, Jul 12, 2017 at 7:48 AM, Jesse Callaway <bonsaime at gmail.com> wrote:

>
>
> On Wed, Jul 12, 2017 at 2:59 AM, Thomas Levine <_ at thomaslevine.com> wrote:
>
>> How can I receive the output of a tty in another program? Or, perhaps
>> an easier way of asking this: is there good documentation on how to
>> implement a terminal emulator?
>>
>> To give you an idea of what I am looking for, it could na?vely sort of
>> make sense that the following procedure would accomplish what I want.
>> Inside the sending virtual terminal, run this.
>>
>>   ln -s $(tty) /tmp/tty
>>
>> Then, inside the receiving program, run this
>>
>>   cat /tmp/tty
>>
>> Of course it does not do what I want, probably because both the first
>> terminal and the cat are consuming output of the tty.
>>
>>
>>
>> I want this so I can improve my screen reader software. In the present
>> implementation I have patched script(1) so that output to the file is
>> less buffered and so that header and footer messages are not printed.
>> https://thomaslevine.com/scm/tsh/artifact/ab625a43ee958dba
>>
>> Then I send the output from the resulting patched script(1) to a FIFO,
>> and I read from the FIFO into espeak.
>> https://thomaslevine.com/scm/tsh/artifact/75f981520a431d96
>>
>> I think I should be able to implement this far more simply by reading
>> directly from an ordinary tty rather than using script(1).
>>
>> My present implementation is still much better than that of any other
>> screen reader that I am aware of. Mine is far simpler than all the
>> others that I have read about because the others all implement
>> unnecessary non-standard alternatives to things that already already
>> exist in shells or in Unix-style programs that can easily be called from
>> shells. The main benefit of doing this without patching script(1) is
>> thus to make it easier to port to other systems.
>>
>> _______________________________________________
>> talk mailing list
>> talk at lists.nycbug.org
>> http://lists.nycbug.org/mailman/listinfo/talk
>
>
> Funny I was looking to do something similar the other day. Wanted to pipe
> stdout via a tee to netcat. I think creative use of the "screen" program
> could do it, but haven't spent enough time in the gedankenwelt to get it
> done.
>
> --
> -jesse
>

Nevermind, I see you have the raw case handled.

-- 
-jesse
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170712/77a44678/attachment.htm>

From mcevoy.pat at gmail.com  Thu Jul 13 15:15:47 2017
From: mcevoy.pat at gmail.com (Patrick McEvoy)
Date: Thu, 13 Jul 2017 15:15:47 -0400
Subject: [talk] pkgsrcCon 2017 London, stream / schedule (1/07/2017)
In-Reply-To: <f2eb5275-987f-58c6-1fe5-f2634243b093@geeklan.co.uk>
References: <9b4f6fe2-72c2-91e5-91b1-74e53dfebfca@geeklan.co.uk>
 <f2eb5275-987f-58c6-1fe5-f2634243b093@geeklan.co.uk>
Message-ID: <5967C6E3.8070209@gmail.com>

evan Janiyan wrote:
> Hello,
> Thank for the tips, Saturday was a bit of rush and though a feed via XLR
> connectors was possible, we couldn't get it working, settling on using
> the mic on the webcam to capture from the PA.
> 
> Rookie mistakes, I should've adjusted the microphone on the speaking
> stand for each speaker to capture their voice better and lighting but
> that'll have to be next time, now.
> 
> I'm trying to get the videos uploaded to archive.org but boy is their
> upload function terrible. I don't have flash installed and their
> alternative uploader keeps on barfing. I'm now on day 3 of trying get
> the videos on there. Tried Safari, Chrome & FireFox :(
> 
> Luckily, the videos and slides are available here
> http://pkgsrc.org/pkgsrcCon/2017/talks.html
> and a report here
> https://blog.netbsd.org/tnf/entry/pkgsrccon_2017_report
> 
> Thanks again for the help on getting setup :)
> 
> Regards,
> 
> 
> Sevan
> 
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk


Glad you found it helpful. Cons offer a special type of chaos.
I look forward to meeting up with you at one in the future and actually
having the time to share a beer. I will be working out some more
streaming & recording kinks in the future and would be happy to share.
Till then, take care.
P



From george at ceetonetechnology.com  Thu Jul 13 15:20:00 2017
From: george at ceetonetechnology.com (George Rosamond)
Date: Thu, 13 Jul 2017 19:20:00 +0000
Subject: [talk] pkgsrcCon 2017 London, stream / schedule (1/07/2017)
In-Reply-To: <5967C6E3.8070209@gmail.com>
References: <9b4f6fe2-72c2-91e5-91b1-74e53dfebfca@geeklan.co.uk>
 <f2eb5275-987f-58c6-1fe5-f2634243b093@geeklan.co.uk>
 <5967C6E3.8070209@gmail.com>
Message-ID: <a84503b8-e701-beb8-918c-6b0fd368d519@ceetonetechnology.com>

Patrick McEvoy:
> evan Janiyan wrote:
>> Hello,
>> Thank for the tips, Saturday was a bit of rush and though a feed via XLR
>> connectors was possible, we couldn't get it working, settling on using
>> the mic on the webcam to capture from the PA.
>>
>> Rookie mistakes, I should've adjusted the microphone on the speaking
>> stand for each speaker to capture their voice better and lighting but
>> that'll have to be next time, now.
>>
>> I'm trying to get the videos uploaded to archive.org but boy is their
>> upload function terrible. I don't have flash installed and their
>> alternative uploader keeps on barfing. I'm now on day 3 of trying get
>> the videos on there. Tried Safari, Chrome & FireFox :(
>>
>> Luckily, the videos and slides are available here
>> http://pkgsrc.org/pkgsrcCon/2017/talks.html
>> and a report here
>> https://blog.netbsd.org/tnf/entry/pkgsrccon_2017_report
>>
>> Thanks again for the help on getting setup :)
>>
>> Regards,
>>
>>
>> Sevan
>>
>> _______________________________________________
>> talk mailing list
>> talk at lists.nycbug.org
>> http://lists.nycbug.org/mailman/listinfo/talk
> 
> 
> Glad you found it helpful. Cons offer a special type of chaos.
> I look forward to meeting up with you at one in the future and actually
> having the time to share a beer. I will be working out some more
> streaming & recording kinks in the future and would be happy to share.
> Till then, take care.

Oh, everyone knows cons are easy.  Demos and streaming are the easiest part!

When we did the first con, Ike argued video recording only worked if you
hired an outside firm, particularly in open source land.

I argued against it.  We didn't get actually uploaded video or streaming
until Patrick, I think. In the process of me recognizing I was wrong, we
never had any recordings. I could be wrong, but I'm pretty sure nothing
worked until Patrick took control.

g



From justin at shiningsilence.com  Tue Jul 18 20:08:34 2017
From: justin at shiningsilence.com (Justin Sherrill)
Date: Tue, 18 Jul 2017 20:08:34 -0400
Subject: [talk] Vagrant Cloud boxes for BSDs
In-Reply-To: <362863c6-d7b4-2e11-fc94-794517d4089f@pobox.com>
References: <362863c6-d7b4-2e11-fc94-794517d4089f@pobox.com>
Message-ID: <CA+YR8=37OGJzS9_fLWWRezrT01J=ojSG5GFd+hJrneAQz8GJhQ@mail.gmail.com>

I'm stumbling into this a bit late, but: if you wanted to do the same
thing with DragonFly, you can use nrelease (usr/src/nrelease) on
DragonFly to build an image that includes various items via pkg
automatically.  Configuration afterwards could be done with rconfig
too, possibly, though I have not tried it.

( https://leaf.dragonflybsd.org/cgi/web-man has details on both
nrelease and rconfig)

On Tue, Jul 11, 2017 at 9:19 PM, James E Keenan <jkeenan at pobox.com> wrote:
> This post is directed toward anyone on list who has had experience using the
> Vagrant boxes available on the "Vagrant Cloud"
> (https://app.vagrantup.com/boxes/search) for working with the BSDs.
>
> Specifically:
>
> 1. FreeBSD-12.0-CURRENT
>
> At https://app.vagrantup.com/freebsd/boxes/FreeBSD-12.0-CURRENT, I find what
> appears to be links to weekly snapshot builds of 12.0-CURRENT, e.g.:
>
> https://app.vagrantup.com/freebsd/boxes/FreeBSD-12.0-CURRENT/versions/2017.07.11
> https://app.vagrantup.com/freebsd/boxes/FreeBSD-12.0-CURRENT/versions/2017.07.04
> ...
>
> Each of these has a "vmware_desktop" version and a "virtualbox" version.  I
> have experience in both kinds of VM.
>
> What I would like to do with these boxes is:
>
> * Install one each week.
> * Configure as necessary to be able to test Perl 5 blead.  This would
> require using 'pkg' to install perl, git, vim, certain perl libraries, etc.,
> in an automated way.
> * Generate smoke test reports of perl 5 blead on FreeBSD-12.0-CURRENT.
> * Discard boxes after, say, 4 weeks.
>
> Has anyone experience with something like this?  What have you learned from
> that experience?
>
> 2. OpenBSD
>
> I've never succeeded in getting a working (meaning:  connected to the
> Internet) OpenBSD VM, but I see that boxes are available here:
>
> https://app.vagrantup.com/boxes/search?utf8=%E2%9C%93&sort=created&provider=&q=OpenBSD
>
> I could use such a box to familiarize myself with OpenBSD as well as to
> smoke test Perl.
>
> Has anyone used such boxes to keep up with OpenBSD development?
>
> 3. NetBSD
>
> I've never touched NetBSD at all, but boxes are available here:
>
> https://app.vagrantup.com/boxes/search?utf8=%E2%9C%93&sort=created&provider=&q=NetBSD
>
> Same concern and questions as for OpenBSD.
>
> Thank you very much.
> Jim Keenan
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk



From kmsujit at gmail.com  Sat Jul 22 04:06:48 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Sat, 22 Jul 2017 13:36:48 +0530
Subject: [talk] Personalization
Message-ID: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>

Hi All,

I find that a lot of details which we thought were because of cookies in our
web browser is no longer true. I find sites are much more intelligent than that,
They seem to be third party api's which might say a Site A To Site B. You could
be buying something on Site A where a personalization of Site B might be shown.
Though I have never worked on this but seems to be a case for atleast in theory.

Regards,
Sujit K M



From jpb at jimby.name  Mon Jul 24 10:13:39 2017
From: jpb at jimby.name (jpb)
Date: Mon, 24 Jul 2017 10:13:39 -0400
Subject: [talk] (forw) FW: Open Security Roles at Jet
Message-ID: <20170724141339.GA42748@jimby.name>

Not sure if jobs@ is still active.

Best,
Jim B.


[snip]

Below are links to the current open security positions at Jet.  All the roles are based in Hoboken other than the last one which is Dublin, Ireland.

[snip]

1.      Application Security Engineer https://jet.com/about-us/working-at-jet/jobs?gh_jid=610235

2.      Director of Security, Infrastructure/Cloud https://jet.com/about-us/working-at-jet/jobs?gh_jid=721283

3.      Information Security Engineer https://jet.com/about-us/working-at-jet/jobs?gh_jid=98767

4.      Principal Security Engineer https://jet.com/about-us/working-at-jet/jobs?gh_jid=713715

5.      Principal Security Engineer in Dublin, Ireland  https://jet.com/about-us/working-at-jet/jobs?gh_jid=504876





From pete at nomadlogic.org  Mon Jul 24 17:01:17 2017
From: pete at nomadlogic.org (Pete Wright)
Date: Mon, 24 Jul 2017 14:01:17 -0700
Subject: [talk] Personalization
In-Reply-To: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
Message-ID: <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>


On 07/22/2017 01:06, Sujit K M wrote:
> Hi All,
>
> I find that a lot of details which we thought were because of cookies in our
> web browser is no longer true. I find sites are much more intelligent than that,
> They seem to be third party api's which might say a Site A To Site B. You could
> be buying something on Site A where a personalization of Site B might be shown.
> Though I have never worked on this but seems to be a case for atleast in theory.

while cookie data (and to a limited extent - local storage) is used by 
adtech sites, a majority of the tracking that happens is via 3rd party 
tracking pixels publishers inject into their websites.  for example if i 
load www.latimes.com there will be *lots* of calls to 3rd parties which 
will then obviously collect and analyzie your browsing behavior as you 
go from page to page and site to site. cookies tend to be used as a 
placeholder for a UUID associated with whatever device you are using at 
the time, although for mobile devices that's not even really needed anymore.

tl;dr just use "privacy mode" in your browser + ublock + ghostery (plus 
other extensions i'm sure) and you have a decent shot in being 
semi-private on the commercial internet.

-p

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA



From mcevoy.pat at gmail.com  Mon Jul 24 22:34:11 2017
From: mcevoy.pat at gmail.com (Pat McEvoy)
Date: Mon, 24 Jul 2017 22:34:11 -0400
Subject: [talk] See this on twitter?
Message-ID: <BC3E80C8-5577-4F96-9181-29AADD1DB420@gmail.com>

https://twitter.com/bcantrill/status/889630922412355586

Thoughts?

Patrick 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170724/a1d0522b/attachment.htm>

From bcully at gmail.com  Tue Jul 25 09:16:33 2017
From: bcully at gmail.com (Brian Cully)
Date: Tue, 25 Jul 2017 09:16:33 -0400
Subject: [talk] Personalization
In-Reply-To: <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
 <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
Message-ID: <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>


> On 24-Jul-2017, at 17:01, Pete Wright <pete at nomadlogic.org> wrote:
> 
> while cookie data (and to a limited extent - local storage) is used by adtech sites, a majority of the tracking that happens is via 3rd party tracking pixels publishers inject into their websites.  for example if i load www.latimes.com there will be *lots* of calls to 3rd parties which will then obviously collect and analyzie your browsing behavior as you go from page to page and site to site. cookies tend to be used as a placeholder for a UUID associated with whatever device you are using at the time, although for mobile devices that's not even really needed anymore.
> 
> tl;dr just use "privacy mode" in your browser + ublock + ghostery (plus other extensions i'm sure) and you have a decent shot in being semi-private on the commercial internet.
> 

	If you use a Mac as your primary personal machine, I?d highly recommend using Little Snitch, an outbound firewall, as well as your standard suite of ad/tracker blocking. It can be annoying at first as you have to approve/deny a ton of connections, but that settles down after a while. You can also just put it in passive mode and go through it?s logs later to create rules.

	I?ve found a lot of things that AdBlock doesn?t catch, and you can use it for any application, which, more and more, have started integrating trackers into themselves.

-bjc


From viewtiful.icchan at gmail.com  Tue Jul 25 09:26:11 2017
From: viewtiful.icchan at gmail.com (Robert Menes)
Date: Tue, 25 Jul 2017 09:26:11 -0400
Subject: [talk] Any meetings soon?
Message-ID: <CA+TaHT1ze+z9QLvcFYmMnw90dhRLoA3cC1=LHDo2WVe2cLKp8g@mail.gmail.com>

Hey guys,

It's been a couple of months since the last meetup. Anything in the works
soon?
An installfest? Talk? Just get together for beers and shoot the shit?

--Robert

-- 
Nobody's ever lost in life...they're merely taking the scenic route.
==============================
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
==============================
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1.2
GCS/S/M/MU d- s+: a37 C++(+++) UL++++>$ P++ L+++ E+ W+ N+ o+ K++ w--- O-
M !V PS+ PE Y+ PGP(+) t+ 5++ X++ R tv b+++ DI+++ D++(---) G++ e+ h-
r++ y+
------END GEEK CODE BLOCK------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170725/8e709a97/attachment.htm>

From edlinuxguru at gmail.com  Wed Jul 26 08:02:00 2017
From: edlinuxguru at gmail.com (Edward Capriolo)
Date: Wed, 26 Jul 2017 08:02:00 -0400
Subject: [talk] Personalization
In-Reply-To: <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
 <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
 <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>
Message-ID: <CAENxBwyXhMMOJoMe2OfLJJNJR8X4A4wyyU6AZ_UGLFTKiX0KVg@mail.gmail.com>

The advertisers never needed cookies. Browsers can be fingerprinted in a
number of ways. 1) drawing a shape in hardware 2) unique lists of user
agent, plugins

Some companies can match offline data, your phone went to a best buy via ip
data, access to merchant credit data. Then you go home and that phone
reconnects to your access point, you use weathe app, app sells data , now
group the devices in your house to the tx. No cookies needed.

Cookies

On Tuesday, July 25, 2017, Brian Cully <bcully at gmail.com> wrote:

>
> > On 24-Jul-2017, at 17:01, Pete Wright <pete at nomadlogic.org
> <javascript:;>> wrote:
> >
> > while cookie data (and to a limited extent - local storage) is used by
> adtech sites, a majority of the tracking that happens is via 3rd party
> tracking pixels publishers inject into their websites.  for example if i
> load www.latimes.com there will be *lots* of calls to 3rd parties which
> will then obviously collect and analyzie your browsing behavior as you go
> from page to page and site to site. cookies tend to be used as a
> placeholder for a UUID associated with whatever device you are using at the
> time, although for mobile devices that's not even really needed anymore.
> >
> > tl;dr just use "privacy mode" in your browser + ublock + ghostery (plus
> other extensions i'm sure) and you have a decent shot in being semi-private
> on the commercial internet.
> >
>
>         If you use a Mac as your primary personal machine, I?d highly
> recommend using Little Snitch, an outbound firewall, as well as your
> standard suite of ad/tracker blocking. It can be annoying at first as you
> have to approve/deny a ton of connections, but that settles down after a
> while. You can also just put it in passive mode and go through it?s logs
> later to create rules.
>
>         I?ve found a lot of things that AdBlock doesn?t catch, and you can
> use it for any application, which, more and more, have started integrating
> trackers into themselves.
>
> -bjc
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org <javascript:;>
> http://lists.nycbug.org/mailman/listinfo/talk



-- 
Sorry this was sent from mobile. Will do less grammar and spell check than
usual.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170726/84bbbaef/attachment.htm>

From mmatalka at gmail.com  Wed Jul 26 08:29:01 2017
From: mmatalka at gmail.com (Malcolm Matalka)
Date: Wed, 26 Jul 2017 14:29:01 +0200
Subject: [talk] Personalization
In-Reply-To: <CAENxBwyXhMMOJoMe2OfLJJNJR8X4A4wyyU6AZ_UGLFTKiX0KVg@mail.gmail.com>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
 <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
 <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>
 <CAENxBwyXhMMOJoMe2OfLJJNJR8X4A4wyyU6AZ_UGLFTKiX0KVg@mail.gmail.com>
Message-ID: <CAKziXDUAZxHx6YsopxDWxAz9K_1zw3uWhKRms+OuCDxLPvfgew@mail.gmail.com>

Den 26 juli 2017 2:02 em skrev "Edward Capriolo" <edlinuxguru at gmail.com>:

The advertisers never needed cookies. Browsers can be fingerprinted in a
number of ways. 1) drawing a shape in hardware 2) unique lists of user
agent, plugins


What does drawing a shape in hardware mean?


Some companies can match offline data, your phone went to a best buy via ip
data, access to merchant credit data. Then you go home and that phone
reconnects to your access point, you use weathe app, app sells data , now
group the devices in your house to the tx. No cookies needed.

Cookies


On Tuesday, July 25, 2017, Brian Cully <bcully at gmail.com> wrote:

>
> > On 24-Jul-2017, at 17:01, Pete Wright <pete at nomadlogic.org> wrote:
> >
> > while cookie data (and to a limited extent - local storage) is used by
> adtech sites, a majority of the tracking that happens is via 3rd party
> tracking pixels publishers inject into their websites.  for example if i
> load www.latimes.com there will be *lots* of calls to 3rd parties which
> will then obviously collect and analyzie your browsing behavior as you go
> from page to page and site to site. cookies tend to be used as a
> placeholder for a UUID associated with whatever device you are using at the
> time, although for mobile devices that's not even really needed anymore.
> >
> > tl;dr just use "privacy mode" in your browser + ublock + ghostery (plus
> other extensions i'm sure) and you have a decent shot in being semi-private
> on the commercial internet.
> >
>
>         If you use a Mac as your primary personal machine, I?d highly
> recommend using Little Snitch, an outbound firewall, as well as your
> standard suite of ad/tracker blocking. It can be annoying at first as you
> have to approve/deny a ton of connections, but that settles down after a
> while. You can also just put it in passive mode and go through it?s logs
> later to create rules.
>
>         I?ve found a lot of things that AdBlock doesn?t catch, and you can
> use it for any application, which, more and more, have started integrating
> trackers into themselves.
>
> -bjc
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk



-- 
Sorry this was sent from mobile. Will do less grammar and spell check than
usual.

_______________________________________________
talk mailing list
talk at lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170726/2cd0219f/attachment.htm>

From edlinuxguru at gmail.com  Wed Jul 26 08:39:42 2017
From: edlinuxguru at gmail.com (Edward Capriolo)
Date: Wed, 26 Jul 2017 08:39:42 -0400
Subject: [talk]  Personalization
In-Reply-To: <CAKziXDUAZxHx6YsopxDWxAz9K_1zw3uWhKRms+OuCDxLPvfgew@mail.gmail.com>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
 <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
 <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>
 <CAENxBwyXhMMOJoMe2OfLJJNJR8X4A4wyyU6AZ_UGLFTKiX0KVg@mail.gmail.com>
 <CAKziXDUAZxHx6YsopxDWxAz9K_1zw3uWhKRms+OuCDxLPvfgew@mail.gmail.com>
Message-ID: <CAENxBwxAo=DvppRPdvDjAmAiixWyLKjZZXRxcnytV_dn=RFAcA@mail.gmail.com>

here are many techniques to fingerprint.

http://spectrum.ieee.org/tech-talk/telecom/internet/new-online-fingerprinting-technique-works-across-browsers

https://www.google.com/amp/s/arstechnica.com/security/2017/02/now-sites-can-fingerprint-you-online-even-when-you-use-multiple-browsers/%3famp=1

For instance, the cross-browser fingerprinting carries out 20 carefully
selected tasks that use the WebGL standard for rendering 3D graphics in
browsers <https://get.webgl.org/>. In all, 36 new features work
independently of a specific browser.

Use webgl to draw shapes. Each pc does it differently, and the result can
be a feature of your system to fingerprint the browser.


On Jul 26, 2017 8:29 AM, "Malcolm Matalka" <mmatalka at gmail.com
<javascript:_e(%7B%7D,'cvml','mmatalka at gmail.com');>> wrote:

>
>
> Den 26 juli 2017 2:02 em skrev "Edward Capriolo" <edlinuxguru at gmail.com
> <javascript:_e(%7B%7D,'cvml','edlinuxguru at gmail.com');>>:
>
> The advertisers never needed cookies. Browsers can be fingerprinted in a
> number of ways. 1) drawing a shape in hardware 2) unique lists of user
> agent, plugins
>
>
> What does drawing a shape in hardware mean?
>
>
> Some companies can match offline data, your phone went to a best buy via
> ip data, access to merchant credit data. Then you go home and that phone
> reconnects to your access point, you use weathe app, app sells data , now
> group the devices in your house to the tx. No cookies needed.
>
> Cookies
>
>
> On Tuesday, July 25, 2017, Brian Cully <bcully at gmail.com
> <javascript:_e(%7B%7D,'cvml','bcully at gmail.com');>> wrote:
>
>>
>> > On 24-Jul-2017, at 17:01, Pete Wright <pete at nomadlogic.org> wrote:
>> >
>> > while cookie data (and to a limited extent - local storage) is used by
>> adtech sites, a majority of the tracking that happens is via 3rd party
>> tracking pixels publishers inject into their websites.  for example if i
>> load www.latimes.com there will be *lots* of calls to 3rd parties which
>> will then obviously collect and analyzie your browsing behavior as you go
>> from page to page and site to site. cookies tend to be used as a
>> placeholder for a UUID associated with whatever device you are using at the
>> time, although for mobile devices that's not even really needed anymore.
>> >
>> > tl;dr just use "privacy mode" in your browser + ublock + ghostery (plus
>> other extensions i'm sure) and you have a decent shot in being semi-private
>> on the commercial internet.
>> >
>>
>>         If you use a Mac as your primary personal machine, I?d highly
>> recommend using Little Snitch, an outbound firewall, as well as your
>> standard suite of ad/tracker blocking. It can be annoying at first as you
>> have to approve/deny a ton of connections, but that settles down after a
>> while. You can also just put it in passive mode and go through it?s logs
>> later to create rules.
>>
>>         I?ve found a lot of things that AdBlock doesn?t catch, and you
>> can use it for any application, which, more and more, have started
>> integrating trackers into themselves.
>>
>> -bjc
>> _______________________________________________
>> talk mailing list
>> talk at lists.nycbug.org
>> http://lists.nycbug.org/mailman/listinfo/talk
>
>
>
> --
> Sorry this was sent from mobile. Will do less grammar and spell check than
> usual.
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> <javascript:_e(%7B%7D,'cvml','talk at lists.nycbug.org');>
> http://lists.nycbug.org/mailman/listinfo/talk
>
>
>

-- 
Sorry this was sent from mobile. Will do less grammar and spell check than
usual.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170726/3dc0d811/attachment.htm>

From kmsujit at gmail.com  Wed Jul 26 10:26:34 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Wed, 26 Jul 2017 19:56:34 +0530
Subject: [talk] Personalization
In-Reply-To: <CAKziXDUAZxHx6YsopxDWxAz9K_1zw3uWhKRms+OuCDxLPvfgew@mail.gmail.com>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
 <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
 <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>
 <CAENxBwyXhMMOJoMe2OfLJJNJR8X4A4wyyU6AZ_UGLFTKiX0KVg@mail.gmail.com>
 <CAKziXDUAZxHx6YsopxDWxAz9K_1zw3uWhKRms+OuCDxLPvfgew@mail.gmail.com>
Message-ID: <CA+6mNeo6RG2Sk2+TvJCFtuCjBTzW-iJYp9A8edjhKwQKCJcFww@mail.gmail.com>

> What does drawing a shape in hardware mean?

By what I see it might a push notification without login, like g+/facebook etc.



From pete at nomadlogic.org  Wed Jul 26 11:25:18 2017
From: pete at nomadlogic.org (Pete Wright)
Date: Wed, 26 Jul 2017 08:25:18 -0700
Subject: [talk] Personalization
In-Reply-To: <CAENxBwxAo=DvppRPdvDjAmAiixWyLKjZZXRxcnytV_dn=RFAcA@mail.gmail.com>
References: <CA+6mNeo9o3NYwvzKCdOkKboidNANfBynEtqsT+1CjL50sHBGaQ@mail.gmail.com>
 <669b88d8-456b-ebf9-a333-609f9bb138f4@nomadlogic.org>
 <585AEE92-7B29-4021-8086-AD556C905BBF@gmail.com>
 <CAENxBwyXhMMOJoMe2OfLJJNJR8X4A4wyyU6AZ_UGLFTKiX0KVg@mail.gmail.com>
 <CAKziXDUAZxHx6YsopxDWxAz9K_1zw3uWhKRms+OuCDxLPvfgew@mail.gmail.com>
 <CAENxBwxAo=DvppRPdvDjAmAiixWyLKjZZXRxcnytV_dn=RFAcA@mail.gmail.com>
Message-ID: <e7df7d2d-d11e-8b55-ab2a-28b909f89fe1@nomadlogic.org>



On 07/26/2017 05:39, Edward Capriolo wrote:
> here are many techniques to fingerprint.
>
> http://spectrum.ieee.org/tech-talk/telecom/internet/new-online-fingerprinting-technique-works-across-browsers
>
> https://www.google.com/amp/s/arstechnica.com/security/2017/02/now-sites-can-fingerprint-you-online-even-when-you-use-multiple-browsers/%3famp=1
>
> For instance, the cross-browser fingerprinting carries out 20 
> carefully selected tasks that use the WebGL standard for rendering 3D 
> graphics in browsers <https://get.webgl.org/>. In all, 36 new features 
> work independently of a specific browser.
>
> Use webgl to draw shapes. Each pc does it differently, and the result 
> can be a feature of your system to fingerprint the browser.
>

heh interesting.  i wonder how long it takes for this work.  when i 
helped run one of the largest independent RTB exchanges our SLA from 
time to impression, auction and returning a shitty banner ad was ~150ms 
total - i guess it could be cached client side in some sort of 
user-storage bucked in the browser but that would seem to defeat the 
intent of this.

i think the only safe way to win this game is to not play :)

-p

-- 
Pete Wright
pete at nomadlogic.org
@nomadlogicLA

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170726/f19fccaa/attachment.htm>

From kmsujit at gmail.com  Sun Jul 30 09:12:51 2017
From: kmsujit at gmail.com (Sujit K M)
Date: Sun, 30 Jul 2017 18:42:51 +0530
Subject: [talk] Personalization II
Message-ID: <CA+6mNeru6b4itt-oLT0usrLExCM2UdM4_aPMgW3NMEE4mQ4Pww@mail.gmail.com>

On furthur analysis of the sort of ads I am getting. I saw on a third party
site a mobile which I have purchased and also the mobile which my
wife had purchased. So how did this happen?



From njt at ayvali.org  Mon Jul 31 14:55:46 2017
From: njt at ayvali.org (N.J. Thomas)
Date: Mon, 31 Jul 2017 11:55:46 -0700
Subject: [talk] Personalization II
In-Reply-To: <CA+6mNeru6b4itt-oLT0usrLExCM2UdM4_aPMgW3NMEE4mQ4Pww@mail.gmail.com>
References: <CA+6mNeru6b4itt-oLT0usrLExCM2UdM4_aPMgW3NMEE4mQ4Pww@mail.gmail.com>
Message-ID: <20170731185545.GG84110@ayvali.org>

* Sujit K M <kmsujit at gmail.com> [2017-07-30 18:42:51+0530]:
> On furthur analysis of the sort of ads I am getting. I saw on a third party
> site a mobile which I have purchased and also the mobile which my
> wife had purchased. So how did this happen?

A coworker who is fastidious about online privacy and security had the
same thing happen to him. His wife purchased something online that he
very shortly after received ads for.

He suspects the credit card transaction data was sold to Google.

OBC (Obligatory BSD Content): If you're browser supports it, run the
uBlock Origin browser plugin. It runs great on Firefox on FreeBSD and
macOS (I believe it runs on other browsers as well). While this wouldn't
prevent the sale of your credit card data, it does a pretty good job of
blocking ads.

Thomas