LinuxPlanet Casts

Media from the Linux Moguls

Archive for the ‘Hacks’ Category

Ubuntu & Kubuntu 11.10 Review | LAS | s19e01

without comments

post thumbnail

Fresh off the mirrors we load up Ubuntu and Kubuntu 11.1 and give you our review for both in this ACTION packed episode!

Plus – We observe the passing of a industry legend, help boost your memory, and give you our take on Richard Stallman’s Steve Jobs comments!

All this week on, The Linux Action Show!


Thanks to:

GoDaddy.com Use our codes LINUX to save 10% at checkout, or LINUX20 to save 20% on hosting!

Direct Episode Download Links:

HD Video | Large Video | Mobile Video | MP3 | OGG Audio | OGG Video | WebM Video | YouTube



Show Notes:

Runs Linux:

HP’s new Cloud Service, runs Linux!

Android Pick:

Universal Pick:

Picks so far. Thanks to Madjo!

Linux Action Show Subreddit

News:
Kubuntu & Ubuntu 11.10 Review:
  • Ubuntu 11.10 Finds it self in a hard spot. The steady, and very needed improvements in Unity cost them in overall “on the box” bullet points for Ubuntu. Overall, the end result of this release is something that feels much better built than 11.04 did, but there’s no buzz term for you to hang that hat on.
  • Chris suspects this could be an ongoing perception issue for Ubuntu. They have additional work to do on Unity, and that will undoubtly take a great deal of their developer focus. This meas other fancy buzz features might get missed.
  • Perhaps Ubuntu could name, Unity releases. “Ubuntu 12.04 featuring Unity 3”. Then they could focus on all the improvements in that version of Unity that ships with that Ubuntu release.
  • Linux 3.0
  • Gnome 3.2


Ubuntu 11.10


Kubuntu 11.10

Find us on Google+

Find us on Twitter:

Follow the network on Facebook:

Catch the show LIVE Sunday 10am PDT:

Khitomer According to Us | STOked 88

without comments

post thumbnail

We’re back with part three of our STF guide, this time we arm you with our tips and tricks to beat STO’s Khitomer Accord Special Task Force!

Plus we’ll cover the latest changes in Season 4, the latest with the Enterprise F, and spend some love coins on the Klingons this week!

And much, much more!

Direct Download Links

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:


Our STOked App:

STOked App Grab the STOked iPhone/iPod App and download STOked on the go!


Show Notes:

NEWS:

Community Event: KDF Awareness Week
A week-long push for higher active population on the KDF side of the fence.
Tutors available in zone chat. Missions, Ship discussions, etc etc.
Group leaders/members for whatever you need ran. (maybe not STFs…)

KDF auto-decloak has been fixed!

Salami Inferno:

“The fix for this issue is not as simple as it sounds. It involves touching every single map in the game, which is a ridiculously high number.

That being said, we did it and the fix will be in the next tribble push.”

The new Diplomatic Immunity
(Since DSEs no longer pull you in)
Tentatively, it allows Feds to enter the KDF home sector
This opens up new assignments in the Doff system, since it’s location-based
KDF will have a similar ability available. No word on how you earn it (no Diplomacy).

Part 2: DTNE Dev Diary
CapnLogan pops in to answer a few questions…

Season 4 Update:

  • Players can now create a private PvE queue lobby
  • The borg are adapting to players too infrequently, resistance will be futile again very soon.

TWEET LEAKS:
CrypticEQAH: “Quick look at the new borg adaptation visual FX. Hope you brought a remodulator!” http://yfrog.com/z/kh1alyj
Gozer: “Updated Infected Boss Room.. New Shields animate around the generator and consoles..” http://twitpic.com/5gct8e
Gozer: “New “Normal” Mode Infected Boss Room… Walkways added for the Jumping “impaired” :) .. No walkways however on Elite”  http://twitpic.com/5f94tz/full
(ALSO WHAT HAPPENED TO OUR ALCOVES?!)

Star Trek Captain meet up in “The Captains”

KHITOMER ACCORD:

Don’t expect to be able to destroy the place JUST because you read a guide, or get tips. You need good gear, good specs, knowledgable players, and PRACTICE. But we’ll give you what help we can!

I’ve heard of skilled teams completing this entire mission in <1.5 hours, but the standard for even experienced groups seems to be between 2 and 3 hours, depending on a lot of various factors. To be safe, allot yourself 4 solid hours of gameplay, or be prepared to have an assigned break at some point, agreed-upon by your entire team.

MOIST walkthrus: http://www.youtube.com/watch?v=iMnx7IPi_Ck
Sanctuary of Wanderhome Guides: http://www.youtube.com/watch?v=MlaHzeZbZA4

Space – Two Gates
Both will activate as soon as you kill the last of the baddies that start at the center.
- Kill all except the Tac Cube, and draw it toward one of the two gates.
- Kill the Tac Cube on top of one of the gates, to get a nice boost to its damage from the cube’s warp core explosion.

  • After the two gates are active, you will need to destroy BOTH simultaneously, while also fending off waves of drones and spheres.
    • If you let 6 probes reach the central structure, you FAIL and the universe implodes.
  • You must have sufficient DPS to split your team into two groups, and one of those groups must be capable of BOTH clearing the spawns AND killing the gate.
    • The other half of the team only has to be able to kill the spawns, and the gate is an added bonus.
    • Once you destroy one gate, you can work together on the other if necessary.
    • Once one gate drops, Cubes are added to the spawns of the remaining gate.
      • If you can manage it, keep a Cube alive until the next wave and use its Warp Core as a weapon against gate/spawns.
  • Gravity Well, Tractor Beam Mines, Tractor Beam Repulsors, Photonic Shockwave (hold Probes in place, or push AWAY from central gate).
  • Tricobalt Mines!

3 minutes between waves of Borg, each time with 15 seconds of vulnerability.

Ground – Phase 1 (clearing)
Usual tactics:
Observe the kill order (Nodes first)
- Some nodes are very cleverly hidden on this map. A few even require diversionary tactics to reach (pulling the borg team THEN sending in a Sniper to eliminate the Node).
Expose/Exploit
- Might as well practice now, this will become even more crucial when the Borg start adapting more.

Borg are not in place, they beam in. Don’t send scouts, advance together and cautiously.
Best if you have at least one team member that knows the spawns/nodes.

Ground – Phase 2 (forcefield room, split team)

  • Endurance Team stays in the room with 6 nodes, and deactivates the shields.
    • The Borg that will spawn in this chamber are relatively wimpy.
    • Each shield node corresponds to a node in the main room you came from.
  • DPS Team stays in the main chamber and targets the nodes, as the shields drop (by other team)
    • You only have 3-4 seconds to drop the node before the shield reactivates, THEN you have to clear out the Borg that spawned in. THIS IS A DPS RACE.

After deactivating the 6th Node, you’ll be assaulted by dozens and dozens of borgs, including some Elite Tacticals that seem especially beefy. This is an endurance test, not a DPS race. STAY ALIVE.

Destroy the two “IMR Chambers” (top floor, and bottom floor)
Before destroying them, you can step inside to earn your Borg Sci Boff and an Accolade.
Step in SLOWLY, and a groupmate can rez you.

BOSS ROOM!
Poke in and kill the nodes first, then clear his buddies, then DPS him down.
Seal off the entry with Force Domes / Cover Shields, to prevent flanking.
He’s resilient, but doesn’t hit any harder than an Elite Tactical.

Space – Boss Battle
Step 1 – beat up Scimmy
Step 2 – destroy massive wave of Probes
Step 3 – CLICK FOLLOW

  • You may have to find a way to drop Red Alert, in order to be able to follow. My team managed this by using a Photonic Fleet to destroy the last few probes, while we retreated.
  • If you do not CLICK FOLLOW, you may be left behind and unable to participate in the next encounter. It’s not an actual map transfer, and there’s an invisible wall blocking you from manually travelling to the next area.

Be prepared for a lengthy battle against the final Space Boss.

  • Her CLOAK cannot be counter-acted, so just suck it up.
  • Keep your Evasive Maneuvers active to avoid the Thalaron Cannon, if you can.
    • A decent stack of resist buff can also turn it into a Thalaron Tickler (Hazard Emitters, Aux to SIF, Brace for Impact)
      • Extend Shields / Emergency to Shields
  • Good idea to have a skilled Gravity Well, can suck in groups of Probes to cause chain explosions.
  • Tractor Beam can also come in handy, as the boss likes to run away. Won’t cancel her Cloak, but may keep her nearby while she’s uncloaked. Some guides say toss this power, others say use it. Looks like a matter of taste.

Written by chris

June 28th, 2011 at 6:00 am

Let’s Go Phishing | TechSNAP 7

without comments

post thumbnail

Our very own Allan got caught in the wake of a data breach, and he’ll share the details

In the recent weeks there have been 10 separate attacks against Sony, the details are like nothing we’ve ever seen before. Plus we’ve got a new batch of viewer emails and I’ll share my near disaster war story!

All that & much more on this week’s TechSNAP!

Please send in more questions so we can continue doing the Q&A section every week! techsnap@jupiterbroadcasting.com


Direct Download Links:

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

Subscribe via RSS and iTunes:

Show Notes:


Topic: DirectAdmin customer database compromised

  • DirectAdmin (by JBMC Software) is a unix web hosting control panel much like cPanel
  • DirectAdmin allows more customization, and scripting than cPanel
  • DirectAdmin provides official support for FreeBSD
  • Customer information was compromised (name, address, email, username, hashed password)
  • Billing information was not compromised (Credit Cards are processed via a gateway and never pass through DirectAdmin’s servers)
  • Unauthorized code was run on the DirectAdmin servers, sending a targeted phishing email to all customers using their real names from the customer database, stating that the version of directadmin they are using was compromised and directing them to a link that would take advantage of a PDF vulnerabilities to install malware on their computer.

http://www.directadmin.com/forum/showthread.php?p=204094#post204094


Topic: Sony suffers a series of compromises around the globe

  1. PSN Compromised and shutdown
  2. SOE compromised and shutdown
  3. So-Net, a Japanese ISP owned by Sony was compromised, and virtual points were stolen from paying customers
  4. Sony Thailand defaced, replacing with credit card phishing site
  5. Sony Online Sweepstakes (2500 Contestants’ personal details leaked)
  6. PSN password reset page exploit (allowed anyone to reset another users’ password)
  7. Sony BMG Music Greece (8500 Usernames, emails, passwords and phone numbers)
    • SQL Injection was used to dump the database and deface the site by hacker b4d_vipera
  8. Sony Music Indonesia (Defaced By k4L0ng666)
  9. Sony Music Japan
    • SQL Injection attack, credit claimed by LulzSec
  1. Sony Ericsson Canada (2000 Usernames, email addresses and hashed passwords)
    • SQL Injection used to expose the database, credit claimed by the Lebanese hacker group Idahca
    • Sony has not notified customers, nor released a comment to the media about the compromise
    • Canadian Privacy Commissioner as of yet not contacted by Sony about the recent breach, and noted that Sony did not proactively notify them about the PSN/SOE breach.
    • OpenSSH 4.4 (Released Sep 2006, Latest: 5.8 Feb 2011)
    • Apache 2.2.10 (Released Oct 2008, Latest: 2.2.19 May 2011, 2.2.17 Oct 2010)
    • Apache 2.2.10 was subject to multiple known vulnerabilities
    • Excessively outdated software such as this indicates that the OS and packages were not being regularly updated or audited.
  2. Timeline Inforgraphic of Sony security woes: http://www.creditcardfinder.com.au/the-sony-playstation-hack-what-it-means-outside-the-gaming-world.html
    Details have come out about specifically what outdated software Sony was running for the PSN/SOE servers:
    As mentioned before on TechSNAP, security researches warned Sony about the problems months ahead of time.


    Q: (Adam) Is there a simple way to handle email encryption in Mozilla Thunderbird
    A: Yes, there is a plugin for Thunderbird called ‘EnigMail’ that allows you to easily implement GPG/OpenPGP in a cross platform way. It requires you to install GPG, you can get it from the official gpg website, or through your favourite package repository for your OS. For windows, there is also GPG4Win which provides an easy installed and some basic GUI utilities. Of course, with email encryption, it is only really useful if the person on the other end is encrypting their email as well. To send an encrypted email, you need the public key of the person you are sending the email to, then they use their private key to decrypt it. While not everyone will have email encryption setup, you can still sign all of your emails, this hash of your email encrypted to your public key means that anyone can use your public key to verify that only you, and no one else, could have sent a particular email, and that the email was not modified in transit.


    Q: (dstoeberl) Since dropbox has proven to be plagued with security design flaws, what about other services like Wuala
    A: Wuala used to be almost as bad as dropbox, but they have improved since then.
    Colin Percival, the FreeBSD Security Officer, makes a competing product, for unix called TarSnap. He talks about some of the problems with wuala and the claims they made:
    http://www.daemonology.net/blog/2007-10-21-wuala-willful-ignorance.html
    http://www.daemonology.net/blog/2007-10-26-wuala-update.html
    http://www.daemonology.net/blog/2008-11-07-wuala-security.html

    They used to make quite a few mistakes, however their system is not fundamentally flawed like dropbox, they encrypt each users’ files before they leave that users machine, so things are far more secure

    I would say they have learned some of the lessons dropbox is now learning. But if you really want secure online backups, you really have to understand the issues, and decide how much you trust the claims the service is making.


    Q: (DreamsVoid) I am building a home file server to go under my bed. It will have 5 hard drives, but I am concerned about cooling vs noise level, and power usage.
    A: There are a few basic principals to consider for cooling any computer. The first is airflow, specifically, you want to make sure you are always drawing cool air in the front of the machine, the exhausting the hot air out the back. Maintaining a consistent directional flow of fresh air will allow the components to displace their heat. Make sure the front intakes of your case have access to plenty of fresh air and keep them clear of dust and debris. Make sure you also gave the machine a decent margin for exhaust, don’t shove the machine tight against a wall, the fans won’t be able to push the hot air as far away from the machine. For noise considerations, where possible, use larger diameter fans, they can move the same amount of air with significantly less noise. Most fans will include 3 importat measurements on the package; Airflow (Cubic Feet per Minute), Air Pressure (millimeters of H2O) and dB(A) (Weighted noise level). You have to compare the numbers and make the tradeoffs that work best for you, a lower noise level fan will move less air, and likely with less pressure. As far as power usage, hard drives only use a few watts, even when active, their largest consumption is during boot up. Hard drives with a lower RPM will use less power, and there are also specific models designed to offer lower power consumption.

    LAS Episode covering Home Server Buils


    Chris War Story:

    http://www.drbd.org/
    Evernote infrastructure


Download & Comment: