There’s a new BSDTalk by way of the recently-completed BSDCan 2013 event, and it’s half an hour of talk with Matt Ahrens about ZFS and matters related.
A really packed week, this week.
- Interview with Donald Knuth (via ferz on EFNet #dragonflybsd)
- Garry’s Mod on DragonFly. We need that linuxulator working on x86_64. (thanks, tuxillo)
- Exxon used to be in the processor business? (via)
- PDP-11 in your pocket. (via)
- I’ve mentioned before how news aggregators go in cycles: Slashdot, then Digg, then Reddit, then Hacker News, which might be reaching the peak of its cycle. (via)
- Another review of Absolute OpenBSD, 2nd Edition.
- And I don’t think I’ve noticed that Unix column before.
- Dennis Ritchie’s earliest known C compiler, now on GitHub. (via)
- Why makefiles indent target lines with a single tab character. (via EFNet #dragonflybsd)
- Computer Beach Party, with backstory and interview (via) Not recognizably Unixish.
- A very in-depth exploration of SSH keys. (via)
- The Real Origins of Tumblr. Related: I often link here to Trivium. (via many places)
- UK readers may find this ZX joke funny.
Your unrelated link of the week: Superman’s Ultimate Crotch Kick.
Sascha Wildner’s added a man page for dports. Don’t forget the existing how-to page.
SO_REUSEPORT has been added and turned on by Sepherosa Ziehau. This is an implementation of a feature found in the Linux kernel. Check the very lengthy commit message for a description of what it does.
Rados?aw Szymczyszyn has manged to get support for DragonFly’s bootloader into GRUB. This is part of his Master’s project to make DragonFly multiboot capable, at least for i386.
(I love having new things show up from new people, out of the blue.)
We’re in the picking and choosing stage of Summer of Code. I posted a note to kernel@ describing the next dates to watch for.
Loïc BLOT posted about his benchmark of several operating systems using KVM and Postgres 9.1. Happily, DragonFly is the fastest, with one exception. Linux/ext4 comes out faster – if you run it with barrier=0, which can be dangerous in a non-battery-backed-up volume.
PC-BSD now has a hardware store, with equipment known to work under PC-BSD. Chances are good that if it works for PC-BSD, it’ll work for other BSDs or could be ported to do so… (via)
New builds of dports have been uploaded and updated, for x86_64 and i386. (x86_64 was already done; I linked the note about i386) This means you can change PACKAGESITE in /usr/local/etc/pkg.conf to point at LATEST instead of RELEASE and get newer packages. ‘pkg upgrade’ is all it takes, with dports.
The May issue of BSD Magazine is out with a number of pf articles, plus others.
Super-compact links week!
- New Vim 7.4, soon. It’s mostly because the patchlevel is going to exceed 999.
- 10 Golden Rules for Making the Perfect Cup of Tea. (via I forget)
- Stop Avoiding Regular Expressions Damn It. Iffy example, but correct sentiment. (via)
- Ode to a shipping label. (via)
- The Luck of the Listserv. (via)
- Introduction to Machine Code for Beginners. (PDF) (via)
- DragonFly-specific improvements in the Phoronix test suite.
- Hand-drawn Emacs instructions, and printable. (via)
Your unrelated comics link of the week: Tom Gauld, a U.K. artist who makes some very entertaining minimal cartoons (recently published), has the best inspirational poster.
vBSDCon, the newest BSD conference, happening in October and in Virginia, has a new website. (via)
There’s another BSDTalk episode up already, because Will Backman’s at BSDCan 2013 and talking to Scott Long, Alistair Crooks, and David Discher, about NetFlix. Apparently there’s streaming video available now from the convention, and some people’s presentation slides have shown up.
Michael W. Lucas has two bits of mostly-BSD-centric publishing news. One is that a physical version of his DNSSEC Mastery book is now available through Amazon.
The other bit is that, having just released an Absolute OpenBSD update, his Absolute FreeBSD book will not see an update… until the FreeBSD installer gets more coherent.
(If you manage DNS in any fashion, buy DNSSEC Mastery.)
BSDTalk 225 has 12 minutes of conversation with Kris Moore about PC-BSD, recorded at BSDCan 2013, which is going on right now.
The tpm(4) driver has been added by Sascha Wildner, ported from FreeBSD. What’s it do?
From the man page: “The tpm driver provides support for various trusted platform modules (TPM) that can store cryptographic keys.” Crypto keys stored in hardware, where they are in theory unmangleable, instead of on the disk. At least, that’s my impression after 30 seconds of research.
Sepherosa Ziehau has posted some numbers showing improvements in ip forwarding rates. He’s done this before, except this time it’s with bnx(4), probably because of his recent commits.
Michael W. Lucas recently wrote and self-published a new book, DNSSEC Mastery. He asked me to review it, and I’ve been reading it in bits and starts over the past few very busy weeks.
First, the background: If you’re not familiar with the acronym, it’s a method of securing DNS information so that you can trust that domain name information is actually from the machine that’s supposed to provide it. DNS information is basic to Internet operation, but it traditionally has been provided without any mechanisms to deal with misinformation or malicious use. This seems to happen with protocols that have been around for many years, as any mail administrator can tell you…
In any case, ‘DNS poisoning’ (or as Wikipedia calls it, ‘DNS Spoofing‘) attacks such a basic part of how the Internet works that it will completely bypass any security methods that assume name information is correct. DNSSEC is a way to deal with that. It introduces public-key encryption into the process of sharing and updating DNS information. The idea has been around for a while, but it’s only been completely implemented recently.
DNSSEC Mastery goes over this history, and through the setup required to get (recent) BIND working with DNSSEC. Lucas seems to be starting a series of ‘Mastery’ books, where he covers all the territory around a specific topic. This one, like his previous title, is exactly what it says. As long as you have some existing clue around zone files and DNS, the book will take you from no DNSSEC at all to fully implemented in less than 100 pages. (well, at least in the PDF version, but that gives you an idea of the size.)
Use it to learn, or use it as a quick reference – either way will work. If you have any DNS server(s) to manage, you’re the target audience. I expect DNS without these security extensions will go the way of telnet vs. ssh.
A book covering things like new encrypted hash zone record types is going to be a bit dry, but there’s an appropriate sprinkling of humor through the book. I’ve reviewed other Lucas books before, and I’ve got another on my plate right now, but this is the same: there’s plenty of funny to make the lessons go down easier.
DNSSEC Mastery: Securing the Domain Name System with BIND is available on Amazon, Barnes & Noble, Smashwords, and his self-publishing site. Also see Peter N. M. Hansteen’s review of the book.
I’m inexplicably short on links this week; I blame my schedule/the nice weather for much for much of the U.S./the class I’m teaching ending/my trip to TCAF for this. More Lazy Reading next week! Meanwhile, I have a book review coming up as an alternative.