December 13, 2016 brianradio2016

Certificate Transparency maintains publicly accessible logs listing TLS/SSL certificates, giving IT teams a way to track all the certificates associated with their domains. Until recently, searching CT logs has been difficult and costly, but Facebook’s new tool makes it easier for IT teams to find certificates they didn’t know about.

The previously internal-only Certificate Transparency Monitoring Developer tool lets anyone search major public CT logs for all certificates issued against a particular domain. Site owners can sift through the search results to identify certificates that were unknown (but are still legitimate) and flag those that were fraudulently or mistakenly issued so that they can be revoked.

Facebook has been using the tool to monitor Certificate Transparency logs for its domains and subdomains over the past year “and found it very useful,” said Facebook security engineer David Huang. “We are releasing it so that developers and site owners can now manage Certificate Transparency logs for their domains.”

Developed by Google, the CT framework outlines how certificate authorities and site owners submit records of TLS certificates to public logs, audit the logs to ensure the certificates are properly added, and monitor the logs to look for new entries. CT addresses several certificate-related threats, including mis-issued certificates, stolen certificates, and rogue certificate authorities because organizations will be able to detect problematic TLS records in the logs. Certificate Reputation is another approach on how enterprises can identify misused certificates listed in Certificate Transparency data.

December 13, 2016 brianradio2016

Linux gaming in 2016

Linux gamers have come a long way from the days when many people considered the platform to be a joke. These days Linux has a lot going for it in terms of games.

A writer at Gaming On Linux has an end of the year review of Linux gaming in 2016.

Liam Dawe reports for Gaming On Linux:

Probably one of the most important bits of news for us this year, was that the Vulkan API was finished up and released. Not long after we had driver releases with Vulkan enabled for people to play with. We also had The Talos Principle and Dota 2 release their Vulkan-enabled builds quite quickly too, which was really nice to see.

Mesa has come along something amazing this year, with it now supporting OpenGL 4.5. Not only that, but AMD now have the “radv” open source Vulkan driver and intel have their ANV Vulkan driver too. Mesa development has come on so fast it’s insane, I’m constantly surprised at just how quickly it has progressed this year.

We’ve had a number of letdowns this year, with The Witcher 3 having no sign of coming. I doubt that we will ever find out what happened there. Batman: Arkham Knight for Linux was cancelled, Homefront: The Revolution still hasn’t arrived, but it’s still planned for Linux. We have a wall of silence on Street Fighter V and the list of disappointments continues for a while. I won’t dwell on that too much, but it’s worth noting for clarity that things don’t always work out.

One thing I hope to see in 2017 is Valve do some more work to improve the Steam store specifically for Linux/SteamOS. The amount of times I’ve purchased a game and gone to download it, only to have it download nothing I’ve lost count of.

More at Gaming On Linux

Gaming On Linux readers responded to the article with their own thoughts in the comments section:

December 13, 2016 brianradio2016

Networking device manufacturer Netgear released firmware updates for several router models in order to patch a critical vulnerability that’s publicly known and could be exploited by hackers.

The vulnerability was disclosed by a researcher Friday and affects multiple Netgear router models, many from the company’s Nighthawk series. The company initially confirmed the flaw in three models—R6400, R7000, R8000—but it has since expanded the list to include five more.

The models confirmed to be affected so far are: R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000. This list might not be complete as Netgear continues to analyze the flaw’s impact to its entire router portfolio.

The company is working on firmware updates for all affected router models, but for now it only released beta versions for R6400, R7000, and R8000. Beta firmware versions for some of the remaining models will be released as early as Tuesday, the company said in an advisory.

December 13, 2016 brianradio2016

apple-airpods.jpgApple AirPods (Jason Cipriani/ZDNet)

If you’ve been checking Apple’s AirPods store page, waiting and hoping for the “View Pricing” button to magically transform into a “Buy” button, refresh one more time.

December 13, 2016 brianradio2016

packing-full-30l.jpgImage: Peak Design

In order to hold my camera securely to my backpack on hikes to Mount Rainier, I purchased a Peak Design Capture clip, and it works perfectly. When I heard that Peak Design also had gear bags, I sought to find out more about its offerings.

Peak Design recently launched its Everday Backpack as a Kickstarter campaign. The Peak Design folks sent along a 30-liter size for me to test, and it has served as my primary bag for more than a month. It’s available now for $289.95 in two color options.

What’s Hot on ZDNet

While one of the primary purposes of the Everyday Backpack is to carry loads of gear for photographers, the innovative FlexFold dividers let you customize the internal compartment arrangement to fill a number of purposes. I have a rather small Olympus camera, but no lenses or other gear, so I use the backpack to carry mobile devices, my lunch, and more.

The backpack comes in charcoal or ash colors, with the charcoal one being sent to test. You can also purchase it in a 20-liter size or 30-liter size, with the larger 30-liter size being my test case. The 30-liter size weighs just 3.4lbs. Even the larger 30-liter size is designed to be carried under your seat in an airplane, so feel free to travel with it.

The outside material is a waxed Kodra synthetic canvas that has a DWR (durable water repellent) coating for weatherproof carry. I live in Washington State and wear the backpack regularly in a light drizzle for my walks in the morning and afternoon.

Peak Design has a unique closure mechanism for the primary compartment, called MagLatch. You can unlatch or secure it with one hand through the use of ladder lock points and a magnet. It’s quite slick and adjusts to the amount of gear you are carrying.

After opening up the main compartment, you will find a small magnetically sealed flat pocket on the back side (useful for a phone, wallet, or documents). I place my passport and business cards in this pocket.

The large main compartment can be subdivided through the use of three included Flexfold dividers. They have very strong Velcro sides, with a unique foldable system to create distinct compartments in your backpack. While the intent is that photographers create compartments for different lenses, batteries, etc., I used it to create a phone area, camera area, and lunch area for my daily commute.

One of the most interesting parts of the backpack to me is the side pocket design. Each side of the backpack is secured through zippers, with useful anti-theft zipper design, so that both sides completely open up for full access. This is extremely handy when using the internal pockets for gear you want stored low but cannot get to unless you move the Flexfold dividers.

These large, side-access flaps also contain several pockets behind zippers. You can use these for more phones, gear, batteries, cables, business cards, pens, notebooks, and more.

There are also outside pockets, with no closure devices, on the outer portion of these side flaps. One contains a key ring-securing lanyard with a handy dongle that makes attaching and removing your keys very quick and easy. You can place a tripod or bottle of water in these side compartments.

In addition to a top handle, there are also side handles, so you can carry the bag sideways if that works better for your content arrangement. Moving it sideways also lets you then slip it over your rolling luggage with the opening along the back to slide down on your luggage handle.

The chest straps are comfortable and easy to adjust. There is an interesting sternum strap that lets you attach and release it with one hand while also preventing a bunch of dangling straps. The bag is very comfortable, even with a load of gear.

The Everyday Backpack is also designed to support external carry of gear, including a drone. Long compression straps are stowed up under the back compartment, which can then be used to secure gear to the back of the backpack. There are six attachment points on the back for flexibility in strapping down your gear.

It’s wonderful to use a backpack that is comfortable and doesn’t have a ton of wasted pockets or features. I love the flexibility to change the entire large compartment, safely carry a laptop and tablet away from other gear, and access everything quickly and easily. The side handles and full zippered side access is an awesome feature that makes the bag very useful for photographers switching lenses out all the time.

I used to carry my homemade lunch in a plastic grocery bag and try not to forget it on the train. With the Peak Design Everyday Backpack, I can carry all of my mobile gear and my lunch in different sections of the primary compartment.

December 13, 2016 brianradio2016

According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.

The big problem is that even when a website is managed by a careful company, it will often load content from other sites, said Kowsik Guruswamy, CTO at Menlo Park, Calif.-based Menlo Security, which sponsored the report, which was released this morning.

For example, news sites—50 percent of which were risky—typically run ads from third-party advertising networks.

And it’s not just ads.

December 13, 2016 brianradio2016

Microsoft has long desired to create universal Windows—Windows on every device imaginable. After several failed attempts, it’s trying again—this time with pocketable PCs that will be able to run standard desktop Windows apps, not just Windows Mobile apps.

Microsoft’s technology approach to universal Windows—in fact, to a universal PC where a smartphone transforms into a full PC when connected to large monitors and other periperhals at your desk—looks like it could actually work this time, unlike the failed attempt several years ago known as Windows RT whose limitations are too many to recap.

The new horizons of the universal PC

But say the universal PC ambitions work out this time. Does it matter?

I think it does, because both the PC and mobile worlds are simultaneously intertwining and seeking to blast off their current innovation plateaus. You can see that desire to morph in the hybrid tablet/laptop devices (aka 2-in-1s), keyboard-equipped tablets (aka tabtops, like the Surface Pro and iPad Pro), Chromebooks running Android apps, Windows Continuum-based pocketable PCs like HP’s Elite x3, and other experiments that have shown up in the last few years.

December 12, 2016 brianradio2016

​iOS 10.2

iOS 10.2

Apple has released iOS 10.2 for iPhone, iPad, and iPod touch devices. This is the second major update for iOS 10 since it was released in October.

Along with all the new features and fixes documented below, this update is also expected to contain additional diagnostic capability in order to help Apple track down the random shutdowns that have been plaguing some iPhone users.

See also: Apple iPad or Amazon Fire: Which is the best holiday tablet?

The update can be downloaded over-the-air (Settings > General > Software Update) to all iOS devices running iOS 10 (iPhone 5 and later, iPad fourth-generation and later, iPod touch sixth-generation and later).

Also out is watchOS 3.1.1 and tvOS 10.1.

December 12, 2016 brianradio2016

There have been various attempts to “skin” Android (such as Touchwiz by Samsung) but many people still prefer Google’s stock version of Android. Why is stock Android so popular with so many users around the world? A redditor asked that very question and got some interesting answers.

Anarchaotic started the thread with this post:

Why does everyone love stock Android so much?

Maybe I’m just not as picky, but I’ve used LGs skin, Touchwiz, MIUI, HTCs skin, and of course the vanilla Nexus builds.

I’m honestly confused why people make such a big deal about this, and I’m hoping you folks can fill me in.

Other than Touchwiz and MIUI, I didn’t find such a massive difference where I remotely cared about the changes. Nova changes the home screen, and the notification bar seems awfully similar to me in most builds.

More at Reddit

His fellow Android redditors replied with their thoughts:

Spdyrel: “I think it’s because of bloat, software speed, and update speed. I personally enjoy different phones having little bits of unique features in their launchers/software but sometimes there are just too many “features” that end up taking up space, slowing down the phone, and/or use up battery. Funny though because a lot of these extras end up in “stock” android.”

Birnikionni: “I hate the no bloat argument. You can say no bloat if you really dont have any like in Cyanogenmod wherr you actively decide how many Gapps you install. But my nexus came with a ton of apps I’m not using. One example is google photos. I don’t know of any other oem that has the guts to force a photo app on someone and not providing a gallery app. Or Hangouts in kitkat – I don’t want to use that crap, give me my sms back, thanks. Or Google plus, why can’t I uninstall it? ”

Punkidow: “When people say ‘bloat’ they don’t really mean some extra apps. The preinstalled apps you’re talking about, they mostly just sit there and don’t harm you if you don’t open them.

By bloat I think people usually mean the tons tons of extra background services. I can’t seem to find it, but there was a table made by some site comparing the number of running processes on different skins of Android. It was crazy how many processes were running on the Samsung phone.”

Armando_rod: “It’s simple and so lightweight that runs great on a 3 year old phone, remember that the Galaxy S3 international didn’t received an update because it had 1gb of RAM and couldn’t handle TouchWiz (Samsung own words) ”

Buildmethat: “Stock Android just keeps life simple for me:

I don’t have to worry about surprises when I change phones

Better support online for how tos

Easy to provide remote support to friends and family

Easier to get updates as it means less work for the OEM

I like the look and feel of stock Somehow I always felt stock to be faster than skinned version. May be because it won’t need much of the resources.”

Phprosperous: “Because I care about performance than excessive cosmetics.”

Nikait: “I have yet to see a OEM theme that looks better than stock. I tried the S7 once and the software looked awful imho, like a cheap fun fair phone, it was slower than my old OPO too. Which is a shame because they make great hardware.”

Holides_Ogzalis: “Mainly because it’s consistent in look and feel regardless of what device you use. I don’t want to have to re learn stuff when a particular OEM decided to gratuitously rearrange things. Also most skins just don’t look that good to me… Adding more colors and design elements just adds visual noise.”

TechnicallyErreDe: “Don’t forget that Nexus phones get the greatest and newest the quickest in part because of being stock. Having a skin on top of Android makes it harder to push updates in a quicker manner, because the skin have to be updated as well. And that takes time.”

Biersackarmy: “Along with the reasons others have mentioned, many people are simply scarred by skins of the past. Nowadays LG UI, HTC Sense, TouchWiz, etc. perform perfectly fine and often aren’t that big of a difference compared to stock Android, but a few years ago the difference was HUGE. You could go from Touchwiz JB on an S3 to stock Android, underclock the CPU to 700MHz, and it’d still be a night and day difference in smoothness.”

Pixelated666: “Because the performance on stock Android is unrivaled and I don’t care what anyone’s untrained eyes say. TouchWiz is a janky, laggy mess compared to stock Android. Similarly Sony, Huawei, LG, none of their interfaces can match stock Android in terms of performance.

Also, stock Android is far better looking in terms of aesthetics.”

More at Reddit

DistroWatch reviews SalentOS 1.0

What do you get when you combine Debian and the light-weight Openbox window manager? SalentOS. DistroWatch has a full review of SalentOS 1.0, and found that it had some rough edges that need to be fixed.

December 12, 2016 brianradio2016

CoreOS, creator of the Docker alternative rkt and many other container-centric innovations, is delivering a “self-driving” update to Kubernetes for its container-based Linux distribution. This self-updating methodology comes with the new version of Tectonic, a mix of CoreOS’s Linux (now known as Container Linux) with Kubernetes.

CoreOS is also watching this development to see how a cluster of systems that provide internet infrastructure can receive constant updates—whether for fast-moving projects like Kubernetes or Docker or for components like TLS, which are more static.

Let Kubernetes do the driving

The initial plan is to allow updates to Kubernetes to automatically deploy throughout a cluster running Container Linux. Kubernetes is subject to frequent changes, and in CoreOS’s view, its users have become accustomed to the idea of running the most recent production version as soon as it’s available.

Pushing out timely updates to Kubernetes is more than a matter of convenience. CoreOS CEO Alex Polvi described in a phone call that rapid deployment also means users don’t have to wait for, say, security updates to be double-checked before they’re distributed. In other words, it’s for patching nearly every part of the cluster, not Kubernetes alone.