I ran some network speed tests after the u-verse upgrade.
After connecting my iMac via wifi to our new wifi router downstairs, I get 200+ Mbps down AND up. For wifi, that’s really pretty good. I got over 600 MBps when my windows laptop was directly plugged into the new AT&T router gigabit ethernet port. Our ethernet over power line transceivers are apparently limiting the flow of traffic between floors to only 50 Mbps, so I’ll need to run some wires.
Also interesting, when I set the AT&T router 2.4 GHz and 5 GHz radios to the same SSID, my iMac connected to the lower, slower frequency range. I ended up setting them to different SSIDs, and picked the 5 GHz id to get the higher speed. So far, no video lag at all. What it does do is let you see which wifi devices see both frequencies, and which are 2.4 GHz only.
I had not heard of the ed25519 keys for ssh before. Going to start using them.
Upgrade to faster and more secure SSH keys. I promise a smooth transition to the use of your new keys.
Source: Upgrade your SSH keys! · blog.g3rt.nl
The world is moving towards various Linux Container technologies to manage their workload. Containers are a way of creating “virtual machines” (sort of) that contain “just enough” of the operating system to get the job done. If you need a web server, the container has to have it installed locally. The host operating system then has practically nothing installed. Now with un-privileged containers, each “tenant” of the server has it’s own userid namespace, and what appears to be “root” in their private namespace isn’t actually running as a privileged user in the host os, reducing security risks.
Because all the containers running on each host are actually just really regular processes on a shared server, you get all the benefits of having a single process, i/o, network scheduler, shared real and virtual memory pools. There are plenty of disk management tools and techniques that make deploying a new LXC container only consume a few seconds and a few MB.
Launching Docker or other containers are usually just as easy, although setting up the virtual networks at first can be challenging. Once you have a bridge for clients, either bridged directly to the external physical ethernet interface, or routing through a firewall container, you just need to point your containers at the bridge, and they should be able to reach what they need to reach.
I suppose another challenge is presenting a service to the external world. You probably need a reverse proxy server (running in your firewall container most likely, eg. nginx) where you define ports to listen on, and different URLs and which server(s) to send that traffic to. Like I said, setting up the network can be a little challenging.
Jacob, this is the kind of thing that perpetually interferes with shipping estimates. Call *ME* paranoid?
Unless you’re a stevedore or are involved in logistics, you’re probably not terribly familiar with Hanjin Shipping out of South Korea. So news of the company’s bankruptcy filing on Wednesday…
Source: The Bankruptcy Of A Company You’ve Probably Never Heard Of Could Make Christmas More Expensive – Consumerist
The biggest secret to my knowledge of technology and security holes.
Source: Daily Tech News Show | On your side.
Well done introduction to many useful utilities
Read it here
Source: New zine: Linux debugging tools you’ll love – Julia Evans
Even locked laptops are vulnerable to being quickly hacked. 15 seconds after someone plugs in a microcomputer masquerading as an ethernet device, while you’re in the restroom, and you are fricken p0wned!
I’ve heard of companies that apply hot glue to the usb ports of their company laptops, to prevent unauthorized devices from being plugged in, in particular, usb storage devices, but that would mostly work for this threat too. Have to block thunderbolt ports too, maybe even hdmi.
How to sniff credentials from locked laptops via Ethernet adapter on USB
Source: How to sniff credentials from locked laptops via Ethernet adapter on USB