![\"Main](\"https://hackerpublicradio.org/eps/hpr3724/main_sm.png\"\ntitle=\"Main)
In this episode: Open source CMS applications go head-to-head, open source tools for making presentations, and WikiProject Med.
\nLinks:
\nDo you know the Sanctum games? You should! Listen to Armin from Coffee Stain Studios on todays episode of Hacker Public Radio!
\n\"We\'re actually working on Linux support. *pause* I don\'t know if I\'m supposed to say that.\"
-- Armin
In 2010 a few students from the University of Skövde created the Indie game developing company \"Coffee Stain Studios\". In 2011 they released the game \"Sanctum\" on Steam, and in May of 2013 they released \"Sanctum 2\". These games are most often described as a mix between First-person shooter and Tower defense. You find yourself in a futuristic setting, fighting aliens with a fair bit of humor. The player chooses how much resources to distribute on automatic towers or his or her own weapons. Both games featured the possibility to collaborate with your friends to beat the levels.
\nOne of the founders, Armin Ibrisagic, was at DreamHack in November 2013, where I got a chance to talk to him.
\n\"What is DreamHack?\" you ask? Only the world\'s largest computer festival, held multiple times a year in Jönköping, Sweden. According to Wikipedia \"It holds the world record (as recognized by the Guinness Book of Records and Twin Galaxies) for the world\'s largest LAN party and computer festival, and has held the record for the world\'s fastest Internet connection, and the record in most generated traffic.\"
\nI also got an interview with one of the organizers of DreamHack, but that you will hear another day. Today we focus on Sanctum, and how the market looks for smaller game developers.
\nYou should follow me and subscribe to All In IT Radio:
\n\r\nIn this episode I go through how I set up SSH and SOCKS. This is very useful when you need to feel a bit more secure in your internet traffic and need to keep out of prying eyes. I also go over some tools used to access your home network from a Windows computer.\r\n
\r\n\r\nLinks:\r\n
\r\n\r\n\r\nThis continues our look at frames by looking at frame styles for things other than text.\r\n
\r\n\r\nIn the previous tutorial we looked at using the frame style for text, which is not called the Text style, but the Frame style, which may be confusing. This is a very common use of frames, but there are others. To start the discussion, let’s get back to the basic concept of objects. LibreOffice is an object-oriented program and you should keep this in mind when dealing with this software.
\r\nA piece of text can be an object, and it can contain other objects (paragraphs, sentences, words, characters), or it can be contained within other objects (section, chapter, document). In the case we are looking at, a frame is an object, which contains other objects, and is in turn contained within larger objects (page, section, document). Depending on the objects being contained, the frame styles can be different, and that is what we need to look at now.
\r\n\r\nPlease see https://www.ahuka.com/?page_id=671 for the rest of the article\r\n
',198,70,0,'CC-BY-SA','LibreOffice, Writer, Word Processing, Page Layout',0,1312,1), diff --git a/sql/hpr-db-part-12.sql b/sql/hpr-db-part-12.sql index b8eeed2..be46d9c 100644 --- a/sql/hpr-db-part-12.sql +++ b/sql/hpr-db-part-12.sql @@ -1,3 +1,4 @@ +(1445,'2014-02-14','22 - LibreOffice Writer Other Frame Styles',606,'This continues our look at frames by looking at frame styles for things other than text.','\r\nThis continues our look at frames by looking at frame styles for things other than text.\r\n
\r\n\r\nIn the previous tutorial we looked at using the frame style for text, which is not called the Text style, but the Frame style, which may be confusing. This is a very common use of frames, but there are others. To start the discussion, let’s get back to the basic concept of objects. LibreOffice is an object-oriented program and you should keep this in mind when dealing with this software.
\r\nA piece of text can be an object, and it can contain other objects (paragraphs, sentences, words, characters), or it can be contained within other objects (section, chapter, document). In the case we are looking at, a frame is an object, which contains other objects, and is in turn contained within larger objects (page, section, document). Depending on the objects being contained, the frame styles can be different, and that is what we need to look at now.
\r\n\r\nPlease see https://www.ahuka.com/?page_id=671 for the rest of the article\r\n
',198,70,0,'CC-BY-SA','LibreOffice, Writer, Word Processing, Page Layout',0,1312,1), (1465,'2014-03-14','24 - LibreOffice Writer A Brochure Project',1572,'This concludes our look at page layout by showing these techniques at use in creating a Tri-fold bro','\r\nThe written version of this show can be found at https://www.ahuka.com/?page_id=676\r\nThe European version of the brochure.\r\nThe American version of the brochure.\r\n
',198,70,0,'CC-BY-SA','LibreOffice, Writer, Word Processing, Page Layout',0,1339,1), (1475,'2014-03-28','25 - LibreOffice Calc What Is A Spreadsheet',820,'The origins and history of the spreadsheet','There are different ways to answer this question. Functionally, spreadsheets are a tool for mathematical calculations, but have branched out into related areas like data analysis. Some people even use them as a quick-and-dirty database tool. If you are in a financial profession of some kind you probably live in spreadsheets all day.
\r\nSpreadsheets are original “killer app”. Early examples were implemented on mainframe computers in the 1960s, but the big step was the creation of VisiCalc for the Apple II in 1979, which was then ported to the IBM PC in 1981. VisiCalc set the conventions that guided all subsequent spreadsheets, and the essential methods have not changed since then. VisiCalc was called the first killer app because people would buy the computer just to run the program, and the usefulness of spreadsheets is what promoted the initial entry of personal computers into the corporate world, with all of the change that has caused.
\r\n\r\nFor the remainder of this article please see https://www.ahuka.com/?page_id=699\r\n
',198,70,0,'CC-BY-SA','LibreOffice, Calc, Spreadsheet',0,1454,1), (1455,'2014-02-28','23 - LibreOffice Writer Other Page Layout Options',952,'This continues our look at page layout by looking at ways to do this other than by using frames.','As we mentioned in beginning our look at Page Layout, you have some options other than just Page Styles and Frame Styles, useful though they are. So let’s spend a few moments looking at these other options and see how they work.
\r\nTables can be a useful tool for more than just displaying tabular data. You can place different object in each cell of a table and so have some control over how things are laid out on the page. You could, for instance, place your sub-heads in a left-hand column, and the associated text in an adjoining column, which gives you the same effect as using the Marginalia style. And you can add pictures, charts, and other objects as well. You can even insert a table into a cell of another table to get more fine-grained control. In fact, in the days before Cascading Style Sheets and Javascript, tables were the primary way of laying out Web pages, though these days that is frowned upon, and in any case most Web pages are now created using some kind of CMS software like WordPress, or Drupal. The idea of using tables was more attractive when we realized you could turn-off the cell borders and make them invisible. Of course, in Writer documents that only works when they are printed. When opened on a computer the table borders are still visible, as indeed they would have to be for you to edit the document.
\r\n\r\nFor the remainder of this article please see https://www.ahuka.com/?page_id=676\r\n
',198,70,0,'CC-BY-SA','LibreOffice, Writer, Word Processing, Page Layout',0,1325,1), @@ -997,4 +998,3 @@ INSERT INTO `eps` (`id`, `date`, `title`, `duration`, `summary`, `notes`, `hosti (2441,'2017-12-11','Server Basics 103',1773,'Firewalls and fail2ban','Klaatu walks you through installing, configuring, and running fail2ban, and discusses the basics about firewalls.
\r\n\r\n',78,0,0,'CC-BY-SA','server,admin,sys admin,linux',0,0,1), (2433,'2017-11-29','You were right, I was wrong',519,'Ken eats humble pie','\r\nKen puts the record straight after inaccurate comments during hpr2416 :: HPR Community News for October 2017 about \r\n hpr2406 :: Putting Ends onto CAT6 Ethernet Cables by Shane Shennan.
\r\n\r\nI’ve now been using the Nokia 6 for about 2 months and just wanted to update listeners to my thoughts on the phone.
\r\nFirst a response to Dave who said on the Community News that as he had a OnePlus 1 he was surprised I found it inadequate. The One+1 is a great phone, my problem with it was it does not support O2’s 4G network although it supports EE’s and 3’s 4G networks here in the UK, as I use GiffGaff which runs on the O2 network I have not been able to benefit from their 4G offer and I don’t want to change provider. Also the One+1 was stuck on CyanogenMod 13.1 (Android 6) and no longer got updates, so this was the reason for the new phone purchase. I’ve now flashed Lineage OS onto the One+1 and have a secure backup phone or one I can pass on to my Wife at some stage.
\r\nBack to the Nokia, now I’ve lived with the phone for a few weeks I can say I am more than happy with it, and some of the issues with battery life I have found are unfounded once you configure some of the settings to be more battery friendly, such as restricting background access to the net for most aps the battery life is well over a day\'s use. At night in stand by mode over 8 hours battery use is less than 1% so even with moderate to heavy use I can get a day out of the phone without any risk of running out. Also if the official charger and cable are used a 1 hour charge gives about a 30-40% battery capacity, so not as slow as the reviews I’ve read. Would I still buy it having used it for 2 months, I would say yes to that, and I also have no issues with recommending it as a large format phone at a budget price.
',338,57,0,'CC-BY-SA','Android, Nokia 6, Phones, New Kit, OnePlus1',0,0,1), -(2437,'2017-12-05','Interface Zero Play-through Part 3',2543,'Klaatu, Lobath, and Thaj play the Interface Zero RPG','\r\nKlaatu, Lobath, and Thaj continue their play-through of the Interface Zero RPG, using the Job InSecurity adventure.\r\n
\r\n\r\n\r\nLyphrygerator composed by William Kenlon, used with permission.\r\n
\r\n\r\n\r\nAll other music by Klaatu.\r\n
\r\n\r\nSome sounds from freesound.org used for texture. Obligatory credits will appear in final episode.\r\n
',78,95,1,'CC-BY-SA','Interface Zero,cyberpunk,rpg,game',0,0,1), diff --git a/sql/hpr-db-part-13.sql b/sql/hpr-db-part-13.sql index 4b3fc89..e5d5e58 100644 --- a/sql/hpr-db-part-13.sql +++ b/sql/hpr-db-part-13.sql @@ -1,3 +1,4 @@ +(2437,'2017-12-05','Interface Zero Play-through Part 3',2543,'Klaatu, Lobath, and Thaj play the Interface Zero RPG','\r\nKlaatu, Lobath, and Thaj continue their play-through of the Interface Zero RPG, using the Job InSecurity adventure.\r\n
\r\n\r\n\r\nLyphrygerator composed by William Kenlon, used with permission.\r\n
\r\n\r\n\r\nAll other music by Klaatu.\r\n
\r\n\r\nSome sounds from freesound.org used for texture. Obligatory credits will appear in final episode.\r\n
',78,95,1,'CC-BY-SA','Interface Zero,cyberpunk,rpg,game',0,0,1), (2428,'2017-11-22','git Blobs',1982,'Klaatu talks about git-media and git-annex','How do you manage large binary blobs, like pictures or video or sounds, when using git?
\r\n\r\nIn this episode, Klaatu explains two popular options:
\r\n\r\n\r\n\r\nThanks to CapsLok at freesound.org for the sound effect.
\r\n',78,81,0,'CC-BY-SA','git',0,0,1), (2444,'2017-12-14','Interface Zero Play-through Part 4',1927,'Klaatu, Lobath, and Thaj play the Interface Zero RPG','The investigation continues!
\r\nGuest voice in this and episode 3 by Gort.
',78,95,0,'CC-BY-SA','Interface Zero,rpg,game,play,pathfinder,dnd',0,0,1), (2438,'2017-12-06','Gnu Awk - Part 8',1239,'More about loops','This is the eighth episode of the "Learning Awk" series that\r\nb-yeezi and I are doing.
\r\nThe while loop: tests a condition and performs commands while the test returns true
The do while loop: performs commands after the do, then tests afterwards, repeating the commands while the test is true.
The for loop (type 1): initialises a variable, performs a test, and increments the variable all together, performing commands while the test is \r\ntrue.
The for loop (type 2): sets a variable to successive indices of an array, preforming a collection of commands for each index.
These types of loops were demonstrated by examples in the last episode.
\r\nNote that the example for \'do while\' was an infinite loop (perhaps as a test of the alertness of the audience!):
#!/usr/bin/awk -f\r\nBEGIN {\r\n\r\n i=2;\r\n do {\r\n print "The square of ", i, " is ", i*i;\r\n i = i + 1\r\n }\r\n while (i != 2)\r\n\r\nexit;\r\n}The condition in the while is always true:
The square of 2 is 4\r\nThe square of 3 is 9\r\nThe square of 4 is 16\r\nThe square of 5 is 25\r\nThe square of 6 is 36\r\nThe square of 7 is 49\r\nThe square of 8 is 64\r\nThe square of 9 is 81\r\nThe square of 10 is 100\r\n...\r\nThe square of 1269630 is 1611960336900\r\nThe square of 1269631 is 1611962876161\r\nThe square of 1269632 is 1611965415424\r\nThe square of 1269633 is 1611967954689\r\nThe square of 1269634 is 1611970493956\r\n...The variable i is set to 2, the print is executed, then i is set to 3. The test "i != 2" is true and will be ad infinitum.
We will come back to loops later in this episode, but first this seems like a good point to describe another statement: the switch statement.
The notes for rest of this episode are available here.
\r\nswitch statement:\r\nbreak statement:\r\ncontinue statement:\r\nnext statement:\r\nWhat function cards have in games.
',78,95,0,'CC-BY-SA','card, game',0,0,1), (3402,'2021-08-17','Reading a manifesto: Declaration of Digital Autonomy',877,'Reading and brief commentary and background on Molly DeBlanc\'s and Karen Sandler\'s techautonomy.org','This episode, as its source material, is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license.
\r\nFurther sources for timeline:
\r\nhttps://deblanc.net/blog/about/
\r\nhttps://en.wikipedia.org/wiki/Karen_Sandler
\r\nWe demand a world in which technology is created to protect and empower the people who use it. Our technology must respect the rights and freedoms of those users. We need to take control for the purpose of collectively building a better world in which technology works in service to the good of human kind, protecting our rights and digital autonomy as individuals.
\r\nWe have become more reliant than ever on technology that we intertwine into every aspect of our lives. That technology is currently made not for us, those using it. Rather, it is for the companies who intend to monetize its use and whoever owns the associated copyrights and patents. Services are run via networked software on computers we never directly interact with. Our devices are designed to only function while broadcasting our intimate information regardless of whether the transmission of that information is necessary functionality. We generate data that we do not have access to, that is bought, sold, and traded between corporations and governments. Technologies we\'re increasingly being forced to use reinforce and amplify social inequalities. As schools and jobs go online, high speed computing, centralized services and Internet become inescapably necessary. Technology is designed and implemented to oppress, often with sexist, classist, and racist implications. Rather than being served by these tools, we are instead in service to them. These gatekeepers of our technology are not individual people or public organizations who think about the wellbeing of others, but instead are corporations, governments and others with agendas that do not include our best interests. Our technology has become the basic infrastructure on which our society functions, and yet the individuals who use it have no say or control over its function.
\r\nIt\'s time to change our digital destiny.
\r\nWe believe it is necessary for technology to provide opportunity for: informed consent of use; transparent development and operation; privacy and security from bad actors; interaction without fear of surveillance; technology to work primarily on the terms of the people using it; functionality inside and outside of connected networks; use with other services and other software, repair; and connection, and not alienation, from the technology itself and that which is created from it.
\r\nWe therefore call for the adoption of the following principles for ethical technology:
\r\nWhen people discover that their technology is not functioning in their interest, or that the trade offs to use it have become too burdensome, they must have the ability to change what they are using, including the ability to replace the software on a device that they have purchased if it is not serving their interests and to use the technology while not being connected to a centralized network or choose a different network.
\r\nTechnology should not just be designed for the individuals using it, but also the communities of users. These communities can be those intentionally built around a piece of technology, geographic in nature, or united by another shared purpose. This includes having the ability and right to organize to repair the technology on and to migrate essential data to other solutions. Ownership of essential data must belong to the community relying on them.
\r\nWe, as individuals, collectives, cultures, and societies, are making this call in the rapidly changing face of technology and its deepening integration into our lives. Technology must support us as we forge our own digital destinies as our connectivity to digital networks and one another changes in ways we anticipate and in ways we have yet to imagine. Technology makers and those who use this technology can form the partnerships necessary to build the equitable, hopeful future we dream of.
\r\nWe\'d love to hear what you think! Let us know by emailing thoughts@ this domain.
\r\nThe Declaration of Digital Autonomy is (c) Molly de Blanc and Karen M. Sandler, 2020, licensed under Creative Commons Attribution-ShareAlike 4.0 International.
\r\n',311,0,1,'CC-BY-SA','manifesto, community, free software, open source, politics, philosophy, digital autonomy',0,0,1), (3398,'2021-08-11','Anacron',949,'Put down that crontab and get started with anacron','\r\n$ mkdir -p ~/.local/etc/cron.daily ~/.var/spool/anacron\r\nCreate a file called anacrontab:
\r\n$ touch /.local/etc/anacrontab\r\nSet it up to trigger scripts in your cron.daily folder:\r\n
\r\nSHELL=/bin/sh\r\nPATH=/sbin:/bin:/usr/sbin:/usr/bin\r\n1 0 cron.daily run-parts $HOME/.local/etc/cron.daily/\r\n\r\nValidate your anacrontab:\r\n
\r\n\r\n\r\n$ anacron -T -t ~/.local/etc/anacrontab -S ~/.var/spool/anacron\r\nStart anacron in a file that gets triggered at login, such as ~/.profile:\r\n
\r\nanacron -t $HOME/.local/etc/anacrontab -S $HOME/.var/spool/anacron\r\nNow that everything is set up, just put scripts you want to run regularly in cron.daily, and make them executable.\r\n
You can set up a weekly directory, too. Just set the time interval in your anacrontab to:\r\n
\r\n\r\n\r\nSHELL=/bin/sh\r\nPATH=/sbin:/bin:/usr/sbin:/usr/bin\r\n7 0 cron.weekly run-parts $HOME/.local/etc/cron.weekly/\r\nDominion is a card game. Lots of fun. You should try it.
\r\n\r\nYou can even play online for free at dominion.games\r\n
',78,95,0,'CC-BY-SA','card, game',0,0,1), diff --git a/sql/hpr-db-part-14.sql b/sql/hpr-db-part-14.sql index c91b6b6..723c2c5 100644 --- a/sql/hpr-db-part-14.sql +++ b/sql/hpr-db-part-14.sql @@ -1,3 +1,4 @@ +(3411,'2021-08-30','Dominion card game',1673,'Klaatu talks about the Dominion card game','Dominion is a card game. Lots of fun. You should try it.
\r\n\r\nYou can even play online for free at dominion.games\r\n
',78,95,0,'CC-BY-SA','card, game',0,0,1), (3409,'2021-08-26','Linux Inlaws S01E37: All about Hacker Public Radio',5738,'An interview with Ken Fallon, Janitor at Hacker Public Radio','\r\n In this episode of our beloved open source podcast rapidly approaching its\r\n zenith of popularity (with hopefully not an equally rapid decline afterwards)\r\n our two elderly heroes pay tribute to Hacker Public Radio in general and\r\n Ken Fallon in particular. Plus: a never-heard-of-before peek into Martin\'s\r\n very own private life (we lift the veil and reveal it all - don\'t miss this!)\r\n
\r\n\r\nIn this video I talk about 4 different computers that could be used in a ceph cluster and what I use and what could be good solutions. If you want to have a visual aid I\'ve created a youtube video talking about the same thing.
\r\nKlaatu asked us what document format we like and why, so this is a response to his podcast. In this podcast I talk about HTML and the importance of good document structure.
',382,0,0,'CC-BY-SA','html, document, css, javascript',0,0,1), @@ -298,7 +299,7 @@ INSERT INTO `eps` (`id`, `date`, `title`, `duration`, `summary`, `notes`, `hosti (3712,'2022-10-25','The last ever CCHits.net Show',5756,'The team talk about the nearly 12 years of producing CCHits.net.','Over 12 years ago, Jon \"The Nice Guy\"\nSpriggs went to a \"Pod Crawl\" with (among others)
The first show was released\non 2010-10-24 and the last ever show (this one) was released on\n2022-10-12.
\nOver the twelve years, Jon would go on to meet to meet
This year, the cracks started to re-appear in the architecture\nunderneath CCHits - between APIs shutting down that were used to load\ntracks to CCHits, and the general framework being used to write CCHits\nnot receiving the care and attention it needed... and the team finally\ndecided to stop adding new tracks, and let the process build the last\nfew shows.
\nThis podcast gives you a peek behind the curtain to the team involved\nin the system, and gives you some of the high- and low-lights in the 12\nyears the site ran for.
\n',413,0,0,'CC-BY','music,creative commons,podcast',0,0,1), (3724,'2022-11-10','My top Android apps',579,'I walk through the top apps on my phone','
Connect to the home network
\nVim editor
Secure files
\nClear Scanner PDF scanner and\nOCR
\nStar Wars: Dark Tide I: Onslaught
\nThe New Jedi Order #2
\nBoba Fett: A Practical Man
\nUS Amateur Radio Band Plan
\n\r\n![\"\"](\"/eps/hpr3725/01.jpeg\")
\r\nMap of Dublin showing the Temple Bar tourist area. A red arrow points to where you can change the profile.\r\n
\r\n![\"\"](\"/eps/hpr3725/02.jpeg\")
\r\nWith the Configure Map > Profile selection menu open, a red square surrounds the Bus icon to indicate the \"public transport\" profile is now selected.\r\n
\r\n![\"\"](\"/eps/hpr3725/03.jpeg\")
\r\nThe map now opens to show more information about public transport is now displayed on the map. This is highlighted with a red square.
\r\nClicking the bustop (highlighted with a red circle ) will show more information about the routes available at this location.\r\n
\r\n![\"\"](\"/eps/hpr3725/04.jpeg\")
\r\nOnce the transport stop is selected, a list of all the routes that service this location are displayed. Along with other routes that are available within a short distance.\r\n
\r\n![\"\"](\"/eps/hpr3725/05.jpeg\")
\r\nClicking any of the routes numbers/names will give a zoomed out map showing in red the route many of the stops towards it\'s source and destination.\r\n
\nThere were no new hosts this month.\n
\n\nThese are comments which have been made during the past month, either to shows released during the month or to past shows.\nThere are 4 comments in total.
\n\nThere are 4 comments on 4 of this month\'s shows:
\n\nPolicy decisions surrounding HPR are taken by the community as a whole. This\ndiscussion takes place on the Mail List which is open to all HPR listeners and\ncontributors. The discussions are open and available on the HPR server under\nMailman.\n
\nThe threaded discussions this month can be found here:
\nhttps://lists.hackerpublicradio.com/pipermail/hpr/2023-November/thread.html\n\n\nWith the kind permission of LWN.net we are linking to\nThe LWN.net Community Calendar.
\nQuoting the site:
\nThis is the LWN.net community event calendar, where we track\nevents of interest to people using and developing Linux and free software.\nClicking on individual events will take you to the appropriate web\npage.\n\n
Bulleted list item 1
Bulleted list item 2
\nThere were no new hosts this month.\n
\n\nThese are comments which have been made during the past month, either to shows released during the month or to past shows.\nThere are 5 comments in total.
\n\nThere are 5 comments on 5 of this month\'s shows:
\n\nPolicy decisions surrounding HPR are taken by the community as a whole. This\ndiscussion takes place on the Mail List which is open to all HPR listeners and\ncontributors. The discussions are open and available on the HPR server under\nMailman.\n
\nThe threaded discussions this month can be found here:
\nhttps://lists.hackerpublicradio.com/pipermail/hpr/2023-November/thread.html\n\n\nWith the kind permission of LWN.net we are linking to\nThe LWN.net Community Calendar.
\nQuoting the site:
\nThis is the LWN.net community event calendar, where we track\nevents of interest to people using and developing Linux and free software.\nClicking on individual events will take you to the appropriate web\npage.\n\n
Bulleted list item 1
Bulleted list item 2
A previously undocumented command-and-control (C2) framework dubbed\nAlchimist is likely being used in the wild to target Windows, macOS, and\nLinux systems.
\n\"Alchimist C2 has a web interface written in Simplified Chinese and\ncan generate a configured payload, establish remote sessions, deploy\npayloads to the remote machines, capture screenshots, perform remote\nshellcode execution, and run arbitrary commands,\" Cisco Talos said in a\nreport shared with The Hacker News. Written in GoLang, Alchimist is\ncomplemented by a beacon implant called Insekt, which comes with remote\naccess features that can be instrumented by the C2 server.”
\n\"Since Alchimist is a single-file based ready-to-go C2 framework, it\nis difficult to attribute its use to a single actor such as the authors,\nAPTs, or crimeware syndicates.\"
\nThe trojan, for its part, is equipped with features typically present\nin backdoors of this kind, enabling the malware to get system\ninformation, capture screenshots, run arbitrary commands, and download\nremote files, among others.
\nAlchimist C2 panel further features the ability to generate first\nstage payloads, including PowerShell and wget code snippets for Windows\nand Linux, potentially allowing an attacker to flesh out their infection\nchains to distribute the Insekt RAT binary. The instructions could then\nbe potentially embedded in a maldoc attached to a phishing email that,\nwhen opened, downloads and launches the backdoor on the compromised\nmachine. What\'s more, the Linux version of Insekt is capable of listing\nthe contents of the \".ssh\" directory and even adding new SSH keys to the\n\"~/.ssh/authorized_keys\" file to facilitate remote access over SSH.
\nMalicious actors are resorting to voice phishing (vishing) tactics to\ndupe victims into installing Android malware on their devices.
\nThe Dutch mobile security company said it identified a network of\nphishing websites targeting Italian online-banking users that are\ndesigned to get hold of their contact details.
\nTelephone-oriented attack delivery (TOAD), as the social engineering\ntechnique is called, involves calling the victims using previously\ncollected information from the fraudulent websites.
\nThe caller, who purports to be a support agent for the bank,\ninstructs the individual on the other end of the call to install a\nsecurity app and grant it extensive permissions, when, in reality, it\'s\nmalicious software intended to gain remote access or conduct financial\nfraud.
\nWhat\'s more, the infrastructure utilized by the threat actor has been\nfound to deliver a second malware named SMS Spy that enables the\nadversary to gain access to all incoming SMS messages and intercept\none-time passwords (OTPs) sent by banks.
\nThe new wave of hybrid fraud attacks presents a new dimension for\nscammers to mount convincing Android malware campaigns that have\notherwise relied on traditional methods such as Google Play Store\ndroppers, rogue ads, and smishing.
\nFounded in 1992, Omnicell is a leading provider of medication\nmanagement solutions for hospitals, long-term care facilities, and\nretail pharmacies. On May 4, 2022, Omnicell\'s IT systems and third-party\ncloud services were affected by ransomware attacks which may lead to\ndata security concerns for employees and patients. While it is still\nearly in the investigation, this appears to be a severe breach with\npotentially significant consequences for the company.
\nOmnicell began informing individuals whose information may have been\ncompromised on August 3, 2022. Hackers may be able to access and sell\npatient-sensitive information, such as social security numbers, due to\nthe time delay between the breach and the company\'s report of affected\npatients.
\nThe type of information that may be exposed are:
\nThe healthcare industry is one of the most targeted sectors globally,\nwith attacks doubling year over year. And these costs are measured in\nmillions or even billions of dollars - not to mention increased risks\nfor patients\' privacy (and reputation).
\nRansomware gangs are taking Americans to school. So far this year,\nhackers have taken hostage at least 1,735 schools in 27 districts; the\nmassive Los Angeles Unified School District is their latest target.
\nRansomware hackers breach computers, lock them up, steal sensitive\ndata and demand money to release their hold on organizations’ critical\nsystems. These criminals often attack schools because they are\nprofitable targets. If all ransomware victims refused to pay, the\nattacks would stop. Indeed, paying up might be illegal: The
The trouble is, saying no isn’t always easy. Los Angeles didn’t\ncapitulate, and the criminals leaked a trove of data — a consequence\nthat can prove more or less serious depending on the sensitivity of the\nstolen information.
\n“Because we can,” said a representative of the ransomware gang that\ntook down Los Angeles Unified School District, explaining the\ncollective’s motivations to a Bloomberg News reporter. Schools’ task is\nto turn “can” to “can’t” — or, at least, to make success pay a whole lot\nless.
\nVerizon notified prepaid customers this week of a recent cyberattack\nthat granted third-party actors access to their accounts, as reported\nearlier Tuesday by BleepingComputer. The attack occurred between Oct. 6\nand Oct. 10 and affected 250 Verizon prepaid customers.
\nThe breach exposed the last four digits of customers\' credit cards\nused to make payments on their prepaid accounts. While no full credit\ncard information was accessible, the information was enough to grant the\nattackers access to Verizon user accounts, which hold semi-sensitive\ndata such \"name, telephone number, billing address, price plans, and\nother service-related information,\" per a notice from Verizon.
\nAccount access also potentially enabled attackers to process\nunauthorized SIM card changes on prepaid lines. Also known as SIM\nswapping, unauthorized SIM card changes can allow for the transfer of an\nunsuspecting person\'s phone number to another phone.
\nFrom there, the counterfeit phone can be used to receive SMS messages\nfor password resets and user identification verifications on other\naccounts, giving attackers potential access to any account they have, or\ncan guess, the username for. Consequently, Verizon recommended affected\ncustomers secure their non-Verizon accounts such as social media,\nfinancial, email and other accounts that allow for password resets by\nphone.
\n',391,0,0,'CC-BY-SA','Threat Analysis, Security Breach, Ransomware, Data Breach, TOAD',0,0,1), (3717,'2022-11-01','Video editing with Shotcut on a low end PC',695,'In this episode I explain how I use the shotcut video editor to edit video on a low end PC.','C = copy\nV = paste\nA = duplicate\nX = ripple delete\nCtrl + X = ripple delete but send to clipboard\nS = splitSplits are not fixed and can be adjusted. Once you\'ve split up clips\nand put them in the right order on the timeline you can still adjust the\ncut point even though you previously split the clip because the clip is\nreferenced to the original file in the playlist.
\nHello and welcome Hacker Public Radio audience my name is Mr X\nwelcome to this podcast. As per usual I\'d like to start by thanking the\npeople at HPR for making this podcast possible. HPR is a Community led\npodcast provided by the community for the community that means you can\ncontribute to. The HPR team have gone to great deal of effort to\nsimplify and streamline the process of providing podcasts. There are\nmany ways to record an episode these days using phones tablets PCs and\nalike. The hardest barrier is sending in your first show. Don\'t get too\nhung up about quality, it\'s more important just to send something in.\nThe sound quality of some of my early shows wasn\'t very good. If I can\ndo it anyone can and you might just get hooked in the process.
\nWell it\'s been almost a year since I\'ve sent in a show. Looking at\nthe HPR site my last episode was back in November 2021. I suspect like\nmany others life has become more complicated and I find I have much less\nspare time and because I have much less spare time I have much less time\nto pursue my hobbies and because of this I have less to speak about and\nbecause of this I have less time to record what I\'ve been doing and it\nall turns into to vicious circle. Fortunately I recently had some time\noff work and had a lovely holiday. During the holiday I ended up\nrecording some video which I decided I wanted to edit. I\'ve done some\nvideo editing in the past using various video editing packages. The best\nand most recent of which is shotcut.
\nVideo resolution 1920 x 1080, Codec h264 mpeg-4, Frame rate 30 frames\nper second.
\nComputer Dell Optiplex 780. Fitted with 4 GB of internal RAM and\nonboard video graphics card.
\nShotcut version 22.06.23 Shotcut is a free open-source cross-platform\nvideo editor licenced under the GNU general public licence version\n3.0
\nThis episode will only cover basic shotcut video editing techniques.\nShotcut contains many advanced features and effects that will not be\ncovered in this episode. A lot of the workflow I’ll share with you today\nis intended to get around limitations imposed by my low spec PC
\nI\'ll try my best to cover the video editing process in this podcast\nusing words alone; however I am conscious that an accompanying video\nwould make it easier to follow along.
\nStart by creating a folder to hold all the required media files.\nAudio tracks and sound effects can be added to this folder later. Make\nsure all your video files are using the same frame rate in my case 30\nframes per second.
\nOpen each video file in VLC one at a time going through each video\nfile looking for the best portions of video. Make a note of where the\nbest portions of the video are by writing down the start and end points\nin minutes and seconds.
\nI do this because the interface of VLC is more responsive than\nshortcut and the resolution of displayed video is far greater than the\npreview in shortcut. This makes it quicker and easier to find the best\nportions of video.
\nOpen shortcut and make sure the new project is set to the same frames\nper second as the media files you\'re working with, in my case 30 frames\nper second. You can check the frame rate of your project by looking at\nthe selected video mode in the new projects window. If you select\nautomatic it will ensure the project resolution and frame rate\nautomatically match that of your media files.
\nStart by adding all the video files to the playlist, this can be done\nin a number of ways for example it can be done by clicking on the open\nfile button in the top toolbar or within the open files menu.\nAlternatively you can drag and drop files into the playlist. I find this\nto be the easiest way to add media files to a project. Once this is done\nsave your project.
\nDrag the first file from the Playlist to the timeline making sure\nthat the start of the video starts at 0 seconds.
\nClick on the timeline in the position where the first start point of\ninterest is needed. Use the S key to split the video at this point.\nDon\'t worry about being too accurate as this can be moved at a later\nstage.
\nRepeat this process for the end point of interest.
\nRepeat this again for all the other sections of start and end points\nof interest.
\nRemove the unwanted sections of video by clicking on a section then\nhitting the delete key. This will remove the unwanted section leaving an\nempty space behind.
\nOnce all the unwanted sections are removed click on the sections of\nvideo and pull them to the left to close the gaps up. I find it useful\nto leave some space between the good sections of video as it makes it\neasier to see where splits are and makes it easier later on to rearrange\nthe order of the individual clips.
\nCheck the start and end points of the remaining sections of video to\nsee that the start and end points stop in the correct place. You can do\nthis by clicking the play button on the preview window. The video start\nand end points can be adjusted by dragging the section left or right in\nin the timeline section; this is where leaving spaces Between each\nsection of video can be handy as it allows for fine tuning.
\nAdd a new blank video track to the timeline to hold the next video.\nNote this wasn\'t required when adding the first video track but it is\nneeded for each subsequent track. A video track can be added by right\nclicking on an empty portion of the timeline and selecting add video\ntrack. Alternatively use the ctrl + I key.
\nDrag your second video from the playlist onto the newly created blank\nvideo track in the timeline. As before make sure that the start of the\nvideo starts at 0 seconds.
\nBefore previewing any section of the second video track click the\nsmall eye shaped hide icon in the left section of the first video track\nlabelled output. This will prevent previewing both video tracks at the\nsame time.
\nRepeat the process above of chopping the second video track into\nsections using the S key to split the video up. Remove the unwanted\nsections. Finally adjust the start and end points of the remaining\nsections.
\nRepeat the steps above to add the remaining video files one at a time\nfrom the playlist to the timeline.
\nWhen complete you end up with separate video tracks in the timeline\neach containing good sections of video.
\nAt this stage I can\'t be too specific about how to continue as there\nare a number of different options depending on your particular Project.\nYou can for example start by combining the good sections of video into\none video track by dragging them from one track to another then add if\nrequired an audio track or you can add the audio track first and then\ntry to sync things up to the audio track moving bits and pieces of video\ninto one video track remembering to hide the unwanted sections of video\nby clicking on the small hide eye icons. Don\'t do too much editing\nwithout saving the project. If you get a message about low memory save\nthe project then reopen it.
\nTo export the final video click on the export button in the toolbar.\nI pick the default option, this creates an H.264/AAC MP4 file suitable\nfor most users and purposes. You can check the frame rate is the same as\nyour original media files by clicking on the advanced tab. Click the\nexport file button and give it a file name. It may take some time to\ncreate the export file. This will be dependent on the speed of your\ncomputer and the length and resolution of your project.
\nWhile Shotcut is far from perfect on my puny PC it is surprisingly\nusable and stable and is the best option I’ve found so far.
\nFinally here are some general shotcut tips I have when doing video\nediting on a puny PC with limited ram, slow processor and built in\ngraphics card such as mine.
\nClose all open applications leaving only shortcut open this helps\nwith RAM usage
\nShortcut is surprisingly stable with a feeble PC such as mine. I\nwould still recommend saving your project regularly as it is quick and\nvery easy to do.
\nIf you get a message about running out of RAM then try not to do too\nmuch more editing before saving the project. Once saved close shotcut\nand then reopen it. The longer your project is and the higher your\nproject resolution the more RAM you will need.
\nWhen you are about to export your final video save the project close\nshortcut reopen shotcut and immediately export your project as any\nprevious editing may be taking up precious ram.
\nBe patient when clicking on the timeline to repositioned the play\nhead. Always wait for the preview window to update. This can sometimes\ntake a few seconds.
\nWhen trying to sync video to audio you need to zoom in in quite a\nlong way before getting an audio preview. When doing this and moving the\nplay head you\'ll get a choppy version of the audio with this it is still\nperfectly possible to find the beat of the music allowing you to sync\nyour video to the music. If this doesn\'t seem to work for you then try\nzooming in closer.
\nOk that\'s about it for this podcast. Hope it wasn\'t too boring and it\nmade some sense. If you want to contact me I can be contacted at\nmrxathpr at googlemail.
\nThank you and goodbye.
\n',201,0,0,'CC-BY-SA','workflow, tips, video, editing, application',0,0,1), (3719,'2022-11-03','HPR News',594,'InfoSec; the language of security.','First, authentication. This is the process of verifying the\nvalidity of something; in our case, user credentials/identity. The most\ncommon way to authenticate is: USERNAME and PASSWORD.\nThis is just a single layer (single-factor authentication) and isn’t\nenough to discourage attackers.
Second, 2FA (Two-factor Authentication). 2FA increases the\ndifficulty for attackers by providing users an additional layer of\nsecurity to accomplish authentication. Common 2FA methods are: TOTP/OTP\n(the One Time Password), Authenticator\nApplications (Bitwarden,
Last, but not least, MFA (Multifactor Authentication). Similar to\n2FA, MFA offers users security with the addition of biometrics\n(fingerprint scan, retina scan, facial recognition, and voice\nrecognition). Attackers must overcome the knowledge factor, Possession\nfactor, Inherence/Biometric factor, Time factor, and sometimes Location\nfactor.
MORE helpful security information.
\n2FA/MFA Known Attacks.
\nRight now we are working through a backlog of older episodes that\nhave already been recorded. Once that ends we fully anticipate recording\nnew episodes with listener participation.
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nThis episode was processed using
We use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\nThreshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec`\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\n',157,53,1,'CC-BY-SA','Audiobook club, audiobook, fantasy, fiction',0,0,1), (3907,'2023-07-25','My introduction show',1153,'About me and computers','The show notes
\nMy original blog post on this topic:
Make your donations to:
\nhttps://www.paypal.com/paypalme/anthwlock
\nhttps://vcg.isti.cnr.it/~ponchio/untrunc.php
Chat Secure secure XMPP,\nThink of the children!!!
Technology on Barsoom
Deus Ex Machina much???
Names in fantasy books
See\nYou At The Morgue by Lawrence Blochman
\nRight now we are working through a backlog of older episode that have\nalready been recorded. Once that ends we fully anticipate recording new\nepisodes with listener participation.
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nThis episode was processed using
We use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\nThreshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\nChat Secure secure XMPP,\nThink of the children!!!
Technology on Barsoom
Deus Ex Machina much???
Names in fantasy books
See\nYou At The Morgue by Lawrence Blochman
\nRight now we are working through a backlog of older episode that have\nalready been recorded. Once that ends we fully anticipate recording new\nepisodes with listener participation.
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nThis episode was processed using
We use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\n![Encoding vs Decoding](\"https://s3-us-west-2.amazonaws.com/courses-images/wp-content/uploads/sites/4052/2019/04/08194049/CommunicationProcessModel1.jpg\"){kind=link}
Threshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\nI\'ve been meaning to put down my thoughts about SystemD for the HPR\ncommunity for some while, so here goes.
\nI want to say that I am not a SystemD hater. When SystemD was a hot\ntopic of debate, many became irrational over it, but I want to start by\nsaying that I don\'t think it\'s a bad technology. I think it is a rather\ngood technology. I just don\'t want it on my personal computer. So I\nwould like to run things down in this order: what is it (as in, what is\nit really,) what makes it a good technology, why I don\'t want it now\n(but might later,) and a few tips for you if you decide that you don\'t\nwant it currently.
\nSystemD Is not an init system. SystemD includes an init system.\nSystemD Init was faster than SysVInit, but SystemD Init isn\'t the\nfastest init system, and SysVInit now has a parallelization helper, at\nleast on Debian.
\nSo, if SystemD Init is not SystemD, than what is SystemD? To\nunderstand this we must first understand something about Linux. Linux\noperates under a model where there are root processes, and there are\nuser processes. These two kinds of processes are usually called\n\"layers.\" SystemD is actually a third layer, that can be called a system\nlayer. So when SystemD is added to a Linux system, that changes the\nsystem so that there are three layers, a root layer, a user layer, and a\nsystem layer. As such, you now ask SystemD to set how the system runs.\nThis is why SystemD includes things like an init system, because if you\nwant to change what the system is running, you ask SystemD to change it.\nSystemD then messages an appropriate system to implement the change,\nlike messaging its init system to bring up or bring down a system\ndaemon. Once you play out this in your head a bit, you really realize\nthat SystemD acts more like a message passing system in this regard.
\nSo why do I say SystemD is a good technology? Because this can\nstandardize system control. Without SystemD a fleet of computers becomes\nlike individual fingerprints or unique snowflakes. If you manage many\ncomputers, as many professional IT people do, you want them to all run\nthe same, all have the same profiles and general configurations. So if\nyou have a bunch of computers you are running, you can run a lot more if\nthey are all run the same way. If your job requires you to run 10,000\nwebservers, you want them to run identically because it is impossible to\nkeep an understanding of 10,000 unique configurations in a human\nhead.
\nSystemD really shines in its support of virtualization as well. So\nto speak of servers, I used to run an email server for a few friends.\nEach of us had a userid and number as unix users. The mapping of unix\nuserids and postfix userids can get confusing when it gets big. Thanks\nto SystemD\'s virtualization work, you can actually put a service like\nemail into a namespace situation so that it has only the users root and\nthe daemon user id (like \"postfix\"), so SystemD greatly enhances\nsecurity for server installations. This might help explain its\ndominance in linux distributions that have been traditionally\nserver-centric, such as debian and redhat.
\nSo why don\'t I don\'t want it? Well, I\'ve been doing a lot of talking\nabout professional computer work and corporate work environments, but I\nuse a \"Personal Computer\" as a hobby. I\'ve been out-of-industry for\ndecades now. And when I say \"Personal Computer\" I\'m not talking a\nhardware specification, rather I\'m talking about \"This is my personal\ncomputer where I do things my way, as opposed to my work computer where\nI do things my companies way\". Dear listener, please remember that I did\nthe first community show contribution to HPR, and my topic was about\npersonalization. For me, a hobbyist interested in operating system\nexperimentation, I don\'t want a system layer, I want a traditional\nunix-like system that operates on a two-layer model and does things my\nway, nobody else\'s way.
\nSo, what advice can I give to those who don\'t want SystemD now? Well,\nrecently I\'ve left Debian. Debian, you see, supports init system\ndiversity, but as you now know dear listener, that is different than\nbeing without SystemD. You may have heard that SystemD is\nlinux-specific, that is to say that it runs only on linux, not anything\nlike a BSD system or a Windows system. But you may be curious to know\nthat it is also Gnu-libC specific. Which means that the C compiler must\nuse GNU\'s libC standard library. Thus, if you have a system built around\nthe Musl C standard library like Alpine or Void, or a system like\nAndroid that runs on the Bionic C Standard library, you wont have a\nSystemD system. I\'m personally learning Void as its package manager\nsupports both binary and a ports collection much like the BSD\'s. But\nthat is what I\'m doing on my personal computer, I leave you in the\nfreedom to do things your way on your personal computer!
\n\n',73,99,0,'CC-BY-SA','systemd,linux',0,0,1), (3904,'2023-07-20','How to make friends',2861,'This topic is being actively researched. Not for production use.','Show notes
\nNo clear mark of when friendship starts
\noften feels \"right\" when mutual
\nto some people friendship is a persistent state. once you have it, it's forever unless explicitly dissolved.
\nfor other people, it's something requiring maintenance. arguable this suggests that there are degrees of friendship, based on when you last spoke to one another.
\ndegrees of friendship also suggests progression. friend → close friend → best friend.
\nfriendship requires communication.
\nstart by communicating in some way that makes the other person feel not unpleasant
\nyou're not supposed to target a friend. this can be a frustrating rule, because if you're trying to make a friend, you have to target somebody, but the general consensus is that you're not supposed to \"try too hard\". target lots of people in the hopes of stumbling across somebody to befriend.
\ncomplimenting something they have done, even if it's something simple like wearing a cool shirt, is a very easy start
\nfinding ground common allows for repeated communication
\nrepetition of this is what builds friendship. this is why friendships often develop at work, but can dissolve quickly after a job change.
\nthe situation matters. chatting with someone who's being paid to interact with you, like somebody working at a store, doesn't count because in context they more or less cannot choose to stop communicating with you until you leave the store. chatting with someone who has anything to gain by chatting with you doesn't count (like an intern at work).
\nto speed up a developing friendship, you can invite the person to interact with you on something with a clearly defined goal. You like coding? I like coding! Would you care to collaborate for 4 hours on a script that would help me find my Raspberry Pi on my network?
\nduring the activity, continue to communicate. this can be difficult because you're doing an activity that you both claim to enjoy, so in theory the activity should be sufficient to further the friendship. However, the activity doesn't build the friendship, it only builds a partnership. It's the communication that builds friendship.
\nunfortunately, there's no clear point during this process at which you know you have made a friend. so you have to define what a friend is, to you, and then work toward that goal.
\nHere are some examples of definitions for friendship. There is no right or wrong here, it's really just setting your own expectations and requirements:
\nA friend is someone to hang out with on sundays.
\nA friend is someone I can call when I've got some free time to kill.
\nA friend is someone I can play video games with online.
\nA friend is someone I can call, day or night, when I need help.
\nA friend is someone who has come over for dinner, and has met my family, and who I see at least once a month.
\nThere's no official definition, so you must define it yourself.\nYour definition may differ from the other person's definition.\nYou might say \"we are best friends\" but they might say \"no, I already have a best friend, but you're a good friend\" and THAT'S OK.
\nIf it helps, classify what kinds of friends you have so you understand what kinds of relationships you are maintaining.\nCommunicate with your friends, even if it's only to let them know that you're bad at communicating on a regular basis, or ask them how frequently they need to communicate to maintain a healthy friendship.
\n',78,108,0,'CC-BY-SA','autism,friendship,relationship,social engineering',0,0,1), (3905,'2023-07-21','Presenting Fred Black',1105,'I have a short talk to present Fred Black.','Since some of the information you are about to hear is time specific,\nI want to let you know that I am recording this near the end of November\nin 2023.
\nWhichever holidays you celebrate this time of year, life generally\ngets busy and stressful.
\nIt could be shopping
\nor cooking
\nor cleaning
\nor school activities
\nor buying, assembling, wrapping, and delivering gifts
\nor planning time with family
\nor dealing with visiting family
\nor scheduling time off from work
\nor managing extra work while others have scheduled time off
\nor a whole plethora of other things.
\nThis time of year can be stressful.
A few years ago, I discovered a fun activity, which challenged my\nmind and helped me focus and detach from the stress for a little while\neach day, through the month of December. It helped me manage the stress\nin an enjoyable way.
\nSince then, I have found and tried several other similar activities,\nso I wanted to share a little about them with you for the next few\nepisodes so you can see what might work for you.
\nThe first I would like to share is called the Advent of Code\nChallenge (https://adventofcode.com/). In HPR episodes 2973 (
But the TLDR (Or maybe the TLDL -- Too Long Didn\'t Listen?) for\nAdvent of Code is that it is a 25 day challenge which begins on December\n1. Once you register at adventofcode.com, Each day, you will be\npresented with a problem to solve and some sample data to use for\nverification that your program works. You can choose to use any\nprogramming language or application you desire produce the answer. Last\nyear, I used this to brush up on my Python skills. Others use Visual\nBasic, C (and all its variants), Rust, Go, etc. I have seen people use\nCobol, Fortran, and Pascal, or even Microsoft Excel. It is really up to\nyou. You are then presented a dataset which is unique to your login, and\nagainst which you run your code. When complete, you submit the answer\ncame up with on the adventofcode.com web site and they will tell you if\nyou are correct or not.
\nIf you are competitive (And REALLY GOOD) there is a Global\nLeaderboard. If you want to compete with a group of friends, you can\nbuild your own leaderboard and invite others to take part with you.
\nThere are tons of resources online, from youtube channels to reddit\n(https://www.reddit.com/r/adventofcode/), to Discord (
So, if you are looking for a way to challenge your mind and detach\nfrom holiday stress, Advent of Code may be something you might try.
\nIf this is not your cup of tea, I will be sharing several other\noptions for holiday challenges in future episodes.
\n',394,0,0,'CC-BY-SA','Advent of Code, holiday, challenge',0,0,1), (3999,'2023-11-30','Holiday Challenges Series Ep 02 TryHackMe Advent of Cyber Challenge',183,'Discussing the TryHackMe Advent of Cyber challenge to help you enjoy the holiday season','Since some of the information you are about to hear is time specific,\nI want to let you know that I am recording this near the end of November\nin 2023.
\nIf you missed the first episode, which introduces this series, you\ncan go back and listen to HPR3996
\nI have been using TryHackMe for several years, and I recommend it to\nall of my students. It is a great environment where people can get hands\non experience with technology that relates to cyber security, all from\nthe comfort of their browser and free year-round.
\nThe TryHackMe Advent of Cyber challenge is a free gamified\nenvironment which focuses on penetration testing, security\noperations/engineering, forensics/incident response, malware analysis,\nmachine learning, and more!
\nThis year\'s challenge opens on December 1, 2023 (Which is the reason\nwhy I am posting twice this week). Typically, the Advent of Cyber\nchallenge includes daily beginner-friendly exercises for people new to\ncybersecurity. These can consist of walkthroughs, video tutorials, and\nchallenges. There are also prizes available based on random drawings and\non participant success.
\nInfosec personalities like John Hammond, Gerald Auger, InsiderPHD,\nand InfoSec Pat are featured in this year\'s challenge.
\nYou can play with last year\'s Advent of Cyber challenge by visiting\nhttps://tryhackme.com/room/adventofcyber4. It outlines\nthe overall story and shows all of the tasks last year\'s participants\nexperienced, including both offensive and defensive topics like: log\nanalysis, OSINT, scanning, brute force attacks, email analysis,\nCyberChef, blockchain smart contracts, malware analysis, memory\nforensics, packet analysis, web application hacking, and more!
\nEverything can be done with a free account from within a browser.
\nIf you want to learn more about cybersecurity, transition your career\ninto infosec, or just have fun playing with cyber challenges, you can\ngive it a try by visiting tryhackme.com or
Please note: I am not affiliated with TryHackMe in any way, other\nthan having been a paying member for many years. Students and others who\nhave participated in previous year\'s Advent of Cyber challenges have\ntold me how much they enjoyed it and learned from it. Even though I have\nbeen an infosec practitioner for more years than I would like to admit,\nI also have enjoyed taking part in this challenge.
\nIf this is not for you, I will be sharing another option for a\nholiday challenge in my next episode.
\n',394,0,0,'CC-BY-SA','Advent of Cyber, TryHackMe, Hands on, cyber, cybersecurity, infosec, holiday, challenge',0,0,1), (4006,'2023-12-11','Holiday Challenges Ep 3 SANS Holiday Hack Challenge & KringleCon',160,'Discussing the SANS Holiday Hack Challenge & KringleCon to help you enjoy the holiday season','Since some of the information you are about to hear is time specific,\nI want to let you know that I am recording this near the end of November\nin 2023.
\nIf you missed the first episode, which introduces this series, you\ncan go back and listen to HPR3996
\nThe SANS Holiday Hack Challenge is an interactive online technology\nand hacking game combined with a virtual security conference, beginning\nin the second week of December. By the time this episode drops, it may\nalready be live. You can tour the North Pole conference facilities,\nmeeting people, interactive non-player characters (NPC), and maybe even\nsome villains from Holiday Hack Challenges past, as you solve problems\nand gather clues which you use to help save Christmas.
\nEverything can be done from within the browser, and did I mention\nthere is a virtual security conference, called KringleCon? Some of the\nbiggest rock stars (and most humble and brilliant people) in\nCyberSecurity speak each year at KringleCon. Many of their talks also\nprovide clues to solving game challenges.
\nEd Skoudis and his team (The same people who build SANS NetWars) work\ntirelessly year after year to create the most amazing experience,\ncomplete with custom music! This has become one of my favorite holiday\ntraditions each year. You can learn more about the 2023 challenge by\nwatching Ed\'s Inside SANS Holiday Hack Challenge 2023 YouTube video at\nhttps://www.youtube.com/watch?v=X9Gmdr_CxzQ
\nYou can access this year\'s challenge by visiting sans.org/holidayhack\nor https://www.sans.org/mlp/holiday-hack-challenge-2023/
\nThere, you will learn more about all things Holiday Hack before the\ngame opens in the second week of December. If you want to play now, or\njust get a feel for it, you can access three of the previous years\'\nchallenges right now at the same site.
\nI am not associated with SANS or the Holiday Hack Challenge in any\nway, other than to have participated for several years now, and I have\nwatched other people learn and grow by taking part in it.
\nI hope that you have enjoyed this short series. If there are other\nonline challenges you find interesting or informative, I encourage you\nto record a show about them.
\nHave a wonderful day.
\n',394,0,0,'CC-BY-SA','SANS, KringleCon, holiday, challenge',0,0,1), -(3997,'2023-11-28','The Oh No! News.',875,'Sgoti talks about Malware distributed via Google\'s Dynamic Ads and more.','Source:
\n
Supporting Source:
\n
Source:
\n
Source:
\n
Source:
\n
![\"Creative](\"https://i.creativecommons.org/l/by-sa/4.0/88x31.png\")
Source:
\n
Supporting Source:
\n
Source:
\n
Source:
\n
Source:
\n
Tags: Reply show, password managers, lastpass.
Reply to:
\n
Supporting Source:
\n
Supporting Source:
\n
Supporting Source:
\n
Reply to:
\n
Reply to:
\n
Source:
\n
Source:
\n
This work is licensed under a
\r\nI love programming languages and their implementations, and I especially love exploring new paradigms of writing programs. I\'m online at https://davidchristiansen.dk.\r\n
','CC-BY',0,'',1,'David Thrane Christiansen'), (419,'Ryuno-Ki','andre.jaenisch.nospam@nospam.posteo.de','Web-Developer and Consultant as a freelancer since 2023.\r\n\r\nHomepage: https://jaenis.ch/\r\nProfessional email: andre.jaenisch.wdc@posteo.net','CC-BY-SA',0,'',1,'Ryuno-Ki'), (422,'Fred Black','fredrik.nospam@nospam.svenskaa.net','','CC-BY-SA',0,'',1,'Fred Black'), -(423,'Noodlez','contact.nospam@nospam.nathanielbarragan.xyz','Hello all! I\'m Noodlez, an HPR listener and now contributor. I like anything to do with Linux and Linux-adjacent (Like other Unixes), and programming, and other random things like retro gaming.','CC-BY-SA',0,'',1,'Noodlez'); -/*!40000 ALTER TABLE `hosts` ENABLE KEYS */; diff --git a/sql/hpr-db-part-15.sql b/sql/hpr-db-part-15.sql index afdf9a4..985419f 100644 --- a/sql/hpr-db-part-15.sql +++ b/sql/hpr-db-part-15.sql @@ -1,3 +1,5 @@ +(423,'Noodlez','contact.nospam@nospam.nathanielbarragan.xyz','Hello all! I\'m Noodlez, an HPR listener and now contributor. I like anything to do with Linux and Linux-adjacent (Like other Unixes), and programming, and other random things like retro gaming.','CC-BY-SA',0,'',1,'Noodlez'); +/*!40000 ALTER TABLE `hosts` ENABLE KEYS */; UNLOCK TABLES; -- @@ -487,4 +489,4 @@ UNLOCK TABLES; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2023-11-22 7:14:58 +-- Dump completed on 2023-11-22 20:01:07 diff --git a/sql/hpr.sql b/sql/hpr.sql index 6343440..03b7c05 100644 --- a/sql/hpr.sql +++ b/sql/hpr.sql @@ -12662,7 +12662,7 @@ CREATE TABLE `comments` ( `last_changed` datetime NOT NULL DEFAULT current_timestamp(), PRIMARY KEY (`id`), KEY `comments_eps_id_idx` (`eps_id`) -) ENGINE=MyISAM AUTO_INCREMENT=3827 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci COMMENT='New comments table populated from c5t_* tables'; +) ENGINE=MyISAM AUTO_INCREMENT=3828 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci COMMENT='New comments table populated from c5t_* tables'; /*!40101 SET character_set_client = @saved_cs_client */; -- @@ -16492,7 +16492,8 @@ INSERT INTO `comments` (`id`, `eps_id`, `comment_timestamp`, `comment_author_nam (3823,3978,'2023-11-05 18:50:42','Kevin O\'Brien','Good show','This was interesting and I enjoyed seeing the perspective of an operator. I have made it a practice to be courteous to truck drivers because they have enough weird stuff to deal with.','2023-11-05 19:06:21'), (3824,3981,'2023-11-06 10:42:23','Hobson Lane (hobs)','Ken\'s comment about demand avoidance','Love the monthly Community News shows. Ken\'s comment about resisting the demands of his past self from reminders apps struck a chord with me. I\'ve been struggling with PDA (persistent/pathological demand avoidance) myself. I\'ll record a response show to summarize some things I\'ve learned from other podcasts that help boost my intrinsic motivation -- things like random rewards (to prevent external rewards from swamping your intrinsic motivation dopamine high). Dave\'s idea to use rituals and habits is also something that sometimes works for me. Rely admire the high quality open source technical infrastructure that keeps this community thriving and the supportive vibe of all the hosts and contributors. It gives me hope for the future of social media and the Internet.','2023-11-06 10:45:43'), (3825,3984,'2023-11-09 15:21:35','Trey','Really? You are sharing this with the world?','Dude! I thought we were keeping this on the down low? And you are naming names?\r\n\r\nNow I need to contact witness protection AGAIN!\r\n\r\nSMH...','2023-11-09 15:26:35'), -(3826,3989,'2023-11-17 02:10:27','Trey','Changing passowrds','One consideration when it comes to the LastPass breach is that attackers are actively working to compromise individual vaults exposed by the data. They seem to be targeting known cryptocurrency traders, but if you had a weak or guessable password or low iterations of encryption, the information you stored in your vault may become available to attackers. It is recommended that, whether you choose to stay with LastPass or not, you change all of the passwords, keys, important secrets, etc which you stored in your vault.','2023-11-17 13:02:07'); +(3826,3989,'2023-11-17 02:10:27','Trey','Changing passowrds','One consideration when it comes to the LastPass breach is that attackers are actively working to compromise individual vaults exposed by the data. They seem to be targeting known cryptocurrency traders, but if you had a weak or guessable password or low iterations of encryption, the information you stored in your vault may become available to attackers. It is recommended that, whether you choose to stay with LastPass or not, you change all of the passwords, keys, important secrets, etc which you stored in your vault.','2023-11-17 13:02:07'), +(3827,3993,'2023-11-22 14:05:19','Trey','What fun!','This looks like it would be a very fun project. Reminds me of an old microcontroller project I built back around 1990 using an 8085 and a bunch of wirewrap. It would fit in a shoe box, but definitely would NOT fit into an Altoids tin.\r\n\r\nThank you for sharing.','2023-11-22 15:00:06'); /*!40000 ALTER TABLE `comments` ENABLE KEYS */; UNLOCK TABLES; /*!50003 SET @saved_cs_client = @@character_set_client */ ; @@ -20298,7 +20299,7 @@ INSERT INTO `eps` (`id`, `date`, `title`, `duration`, `summary`, `notes`, `hosti (3712,'2022-10-25','The last ever CCHits.net Show',5756,'The team talk about the nearly 12 years of producing CCHits.net.','Over 12 years ago, Jon \"The Nice Guy\"\nSpriggs went to a \"Pod Crawl\" with (among others)
The first show was released\non 2010-10-24 and the last ever show (this one) was released on\n2022-10-12.
\nOver the twelve years, Jon would go on to meet to meet
This year, the cracks started to re-appear in the architecture\nunderneath CCHits - between APIs shutting down that were used to load\ntracks to CCHits, and the general framework being used to write CCHits\nnot receiving the care and attention it needed... and the team finally\ndecided to stop adding new tracks, and let the process build the last\nfew shows.
\nThis podcast gives you a peek behind the curtain to the team involved\nin the system, and gives you some of the high- and low-lights in the 12\nyears the site ran for.
\n',413,0,0,'CC-BY','music,creative commons,podcast',0,0,1), (3724,'2022-11-10','My top Android apps',579,'I walk through the top apps on my phone','
Connect to the home network
\nVim editor
Secure files
\nClear Scanner PDF scanner and\nOCR
\nStar Wars: Dark Tide I: Onslaught
\nThe New Jedi Order #2
\nBoba Fett: A Practical Man
\nUS Amateur Radio Band Plan
\n\r\n
\r\nMap of Dublin showing the Temple Bar tourist area. A red arrow points to where you can change the profile.\r\n
\r\n
\r\nWith the Configure Map > Profile selection menu open, a red square surrounds the Bus icon to indicate the \"public transport\" profile is now selected.\r\n
\r\n
\r\nThe map now opens to show more information about public transport is now displayed on the map. This is highlighted with a red square.
\r\nClicking the bustop (highlighted with a red circle ) will show more information about the routes available at this location.\r\n
\r\n
\r\nOnce the transport stop is selected, a list of all the routes that service this location are displayed. Along with other routes that are available within a short distance.\r\n
\r\n
\r\nClicking any of the routes numbers/names will give a zoomed out map showing in red the route many of the stops towards it\'s source and destination.\r\n
\nThere were no new hosts this month.\n
\n\nThese are comments which have been made during the past month, either to shows released during the month or to past shows.\nThere are 4 comments in total.
\n\nThere are 4 comments on 4 of this month\'s shows:
\n\nPolicy decisions surrounding HPR are taken by the community as a whole. This\ndiscussion takes place on the Mail List which is open to all HPR listeners and\ncontributors. The discussions are open and available on the HPR server under\nMailman.\n
\nThe threaded discussions this month can be found here:
\nhttps://lists.hackerpublicradio.com/pipermail/hpr/2023-November/thread.html\n\n\nWith the kind permission of LWN.net we are linking to\nThe LWN.net Community Calendar.
\nQuoting the site:
\nThis is the LWN.net community event calendar, where we track\nevents of interest to people using and developing Linux and free software.\nClicking on individual events will take you to the appropriate web\npage.\n\n
Bulleted list item 1
Bulleted list item 2
\nThere were no new hosts this month.\n
\n\nThese are comments which have been made during the past month, either to shows released during the month or to past shows.\nThere are 5 comments in total.
\n\nThere are 5 comments on 5 of this month\'s shows:
\n\nPolicy decisions surrounding HPR are taken by the community as a whole. This\ndiscussion takes place on the Mail List which is open to all HPR listeners and\ncontributors. The discussions are open and available on the HPR server under\nMailman.\n
\nThe threaded discussions this month can be found here:
\nhttps://lists.hackerpublicradio.com/pipermail/hpr/2023-November/thread.html\n\n\nWith the kind permission of LWN.net we are linking to\nThe LWN.net Community Calendar.
\nQuoting the site:
\nThis is the LWN.net community event calendar, where we track\nevents of interest to people using and developing Linux and free software.\nClicking on individual events will take you to the appropriate web\npage.\n\n
Bulleted list item 1
Bulleted list item 2
A previously undocumented command-and-control (C2) framework dubbed\nAlchimist is likely being used in the wild to target Windows, macOS, and\nLinux systems.
\n\"Alchimist C2 has a web interface written in Simplified Chinese and\ncan generate a configured payload, establish remote sessions, deploy\npayloads to the remote machines, capture screenshots, perform remote\nshellcode execution, and run arbitrary commands,\" Cisco Talos said in a\nreport shared with The Hacker News. Written in GoLang, Alchimist is\ncomplemented by a beacon implant called Insekt, which comes with remote\naccess features that can be instrumented by the C2 server.”
\n\"Since Alchimist is a single-file based ready-to-go C2 framework, it\nis difficult to attribute its use to a single actor such as the authors,\nAPTs, or crimeware syndicates.\"
\nThe trojan, for its part, is equipped with features typically present\nin backdoors of this kind, enabling the malware to get system\ninformation, capture screenshots, run arbitrary commands, and download\nremote files, among others.
\nAlchimist C2 panel further features the ability to generate first\nstage payloads, including PowerShell and wget code snippets for Windows\nand Linux, potentially allowing an attacker to flesh out their infection\nchains to distribute the Insekt RAT binary. The instructions could then\nbe potentially embedded in a maldoc attached to a phishing email that,\nwhen opened, downloads and launches the backdoor on the compromised\nmachine. What\'s more, the Linux version of Insekt is capable of listing\nthe contents of the \".ssh\" directory and even adding new SSH keys to the\n\"~/.ssh/authorized_keys\" file to facilitate remote access over SSH.
\nMalicious actors are resorting to voice phishing (vishing) tactics to\ndupe victims into installing Android malware on their devices.
\nThe Dutch mobile security company said it identified a network of\nphishing websites targeting Italian online-banking users that are\ndesigned to get hold of their contact details.
\nTelephone-oriented attack delivery (TOAD), as the social engineering\ntechnique is called, involves calling the victims using previously\ncollected information from the fraudulent websites.
\nThe caller, who purports to be a support agent for the bank,\ninstructs the individual on the other end of the call to install a\nsecurity app and grant it extensive permissions, when, in reality, it\'s\nmalicious software intended to gain remote access or conduct financial\nfraud.
\nWhat\'s more, the infrastructure utilized by the threat actor has been\nfound to deliver a second malware named SMS Spy that enables the\nadversary to gain access to all incoming SMS messages and intercept\none-time passwords (OTPs) sent by banks.
\nThe new wave of hybrid fraud attacks presents a new dimension for\nscammers to mount convincing Android malware campaigns that have\notherwise relied on traditional methods such as Google Play Store\ndroppers, rogue ads, and smishing.
\nFounded in 1992, Omnicell is a leading provider of medication\nmanagement solutions for hospitals, long-term care facilities, and\nretail pharmacies. On May 4, 2022, Omnicell\'s IT systems and third-party\ncloud services were affected by ransomware attacks which may lead to\ndata security concerns for employees and patients. While it is still\nearly in the investigation, this appears to be a severe breach with\npotentially significant consequences for the company.
\nOmnicell began informing individuals whose information may have been\ncompromised on August 3, 2022. Hackers may be able to access and sell\npatient-sensitive information, such as social security numbers, due to\nthe time delay between the breach and the company\'s report of affected\npatients.
\nThe type of information that may be exposed are:
\nThe healthcare industry is one of the most targeted sectors globally,\nwith attacks doubling year over year. And these costs are measured in\nmillions or even billions of dollars - not to mention increased risks\nfor patients\' privacy (and reputation).
\nRansomware gangs are taking Americans to school. So far this year,\nhackers have taken hostage at least 1,735 schools in 27 districts; the\nmassive Los Angeles Unified School District is their latest target.
\nRansomware hackers breach computers, lock them up, steal sensitive\ndata and demand money to release their hold on organizations’ critical\nsystems. These criminals often attack schools because they are\nprofitable targets. If all ransomware victims refused to pay, the\nattacks would stop. Indeed, paying up might be illegal: The
The trouble is, saying no isn’t always easy. Los Angeles didn’t\ncapitulate, and the criminals leaked a trove of data — a consequence\nthat can prove more or less serious depending on the sensitivity of the\nstolen information.
\n“Because we can,” said a representative of the ransomware gang that\ntook down Los Angeles Unified School District, explaining the\ncollective’s motivations to a Bloomberg News reporter. Schools’ task is\nto turn “can” to “can’t” — or, at least, to make success pay a whole lot\nless.
\nVerizon notified prepaid customers this week of a recent cyberattack\nthat granted third-party actors access to their accounts, as reported\nearlier Tuesday by BleepingComputer. The attack occurred between Oct. 6\nand Oct. 10 and affected 250 Verizon prepaid customers.
\nThe breach exposed the last four digits of customers\' credit cards\nused to make payments on their prepaid accounts. While no full credit\ncard information was accessible, the information was enough to grant the\nattackers access to Verizon user accounts, which hold semi-sensitive\ndata such \"name, telephone number, billing address, price plans, and\nother service-related information,\" per a notice from Verizon.
\nAccount access also potentially enabled attackers to process\nunauthorized SIM card changes on prepaid lines. Also known as SIM\nswapping, unauthorized SIM card changes can allow for the transfer of an\nunsuspecting person\'s phone number to another phone.
\nFrom there, the counterfeit phone can be used to receive SMS messages\nfor password resets and user identification verifications on other\naccounts, giving attackers potential access to any account they have, or\ncan guess, the username for. Consequently, Verizon recommended affected\ncustomers secure their non-Verizon accounts such as social media,\nfinancial, email and other accounts that allow for password resets by\nphone.
\n',391,0,0,'CC-BY-SA','Threat Analysis, Security Breach, Ransomware, Data Breach, TOAD',0,0,1), (3717,'2022-11-01','Video editing with Shotcut on a low end PC',695,'In this episode I explain how I use the shotcut video editor to edit video on a low end PC.','C = copy\nV = paste\nA = duplicate\nX = ripple delete\nCtrl + X = ripple delete but send to clipboard\nS = splitSplits are not fixed and can be adjusted. Once you\'ve split up clips\nand put them in the right order on the timeline you can still adjust the\ncut point even though you previously split the clip because the clip is\nreferenced to the original file in the playlist.
\nHello and welcome Hacker Public Radio audience my name is Mr X\nwelcome to this podcast. As per usual I\'d like to start by thanking the\npeople at HPR for making this podcast possible. HPR is a Community led\npodcast provided by the community for the community that means you can\ncontribute to. The HPR team have gone to great deal of effort to\nsimplify and streamline the process of providing podcasts. There are\nmany ways to record an episode these days using phones tablets PCs and\nalike. The hardest barrier is sending in your first show. Don\'t get too\nhung up about quality, it\'s more important just to send something in.\nThe sound quality of some of my early shows wasn\'t very good. If I can\ndo it anyone can and you might just get hooked in the process.
\nWell it\'s been almost a year since I\'ve sent in a show. Looking at\nthe HPR site my last episode was back in November 2021. I suspect like\nmany others life has become more complicated and I find I have much less\nspare time and because I have much less spare time I have much less time\nto pursue my hobbies and because of this I have less to speak about and\nbecause of this I have less time to record what I\'ve been doing and it\nall turns into to vicious circle. Fortunately I recently had some time\noff work and had a lovely holiday. During the holiday I ended up\nrecording some video which I decided I wanted to edit. I\'ve done some\nvideo editing in the past using various video editing packages. The best\nand most recent of which is shotcut.
\nVideo resolution 1920 x 1080, Codec h264 mpeg-4, Frame rate 30 frames\nper second.
\nComputer Dell Optiplex 780. Fitted with 4 GB of internal RAM and\nonboard video graphics card.
\nShotcut version 22.06.23 Shotcut is a free open-source cross-platform\nvideo editor licenced under the GNU general public licence version\n3.0
\nThis episode will only cover basic shotcut video editing techniques.\nShotcut contains many advanced features and effects that will not be\ncovered in this episode. A lot of the workflow I’ll share with you today\nis intended to get around limitations imposed by my low spec PC
\nI\'ll try my best to cover the video editing process in this podcast\nusing words alone; however I am conscious that an accompanying video\nwould make it easier to follow along.
\nStart by creating a folder to hold all the required media files.\nAudio tracks and sound effects can be added to this folder later. Make\nsure all your video files are using the same frame rate in my case 30\nframes per second.
\nOpen each video file in VLC one at a time going through each video\nfile looking for the best portions of video. Make a note of where the\nbest portions of the video are by writing down the start and end points\nin minutes and seconds.
\nI do this because the interface of VLC is more responsive than\nshortcut and the resolution of displayed video is far greater than the\npreview in shortcut. This makes it quicker and easier to find the best\nportions of video.
\nOpen shortcut and make sure the new project is set to the same frames\nper second as the media files you\'re working with, in my case 30 frames\nper second. You can check the frame rate of your project by looking at\nthe selected video mode in the new projects window. If you select\nautomatic it will ensure the project resolution and frame rate\nautomatically match that of your media files.
\nStart by adding all the video files to the playlist, this can be done\nin a number of ways for example it can be done by clicking on the open\nfile button in the top toolbar or within the open files menu.\nAlternatively you can drag and drop files into the playlist. I find this\nto be the easiest way to add media files to a project. Once this is done\nsave your project.
\nDrag the first file from the Playlist to the timeline making sure\nthat the start of the video starts at 0 seconds.
\nClick on the timeline in the position where the first start point of\ninterest is needed. Use the S key to split the video at this point.\nDon\'t worry about being too accurate as this can be moved at a later\nstage.
\nRepeat this process for the end point of interest.
\nRepeat this again for all the other sections of start and end points\nof interest.
\nRemove the unwanted sections of video by clicking on a section then\nhitting the delete key. This will remove the unwanted section leaving an\nempty space behind.
\nOnce all the unwanted sections are removed click on the sections of\nvideo and pull them to the left to close the gaps up. I find it useful\nto leave some space between the good sections of video as it makes it\neasier to see where splits are and makes it easier later on to rearrange\nthe order of the individual clips.
\nCheck the start and end points of the remaining sections of video to\nsee that the start and end points stop in the correct place. You can do\nthis by clicking the play button on the preview window. The video start\nand end points can be adjusted by dragging the section left or right in\nin the timeline section; this is where leaving spaces Between each\nsection of video can be handy as it allows for fine tuning.
\nAdd a new blank video track to the timeline to hold the next video.\nNote this wasn\'t required when adding the first video track but it is\nneeded for each subsequent track. A video track can be added by right\nclicking on an empty portion of the timeline and selecting add video\ntrack. Alternatively use the ctrl + I key.
\nDrag your second video from the playlist onto the newly created blank\nvideo track in the timeline. As before make sure that the start of the\nvideo starts at 0 seconds.
\nBefore previewing any section of the second video track click the\nsmall eye shaped hide icon in the left section of the first video track\nlabelled output. This will prevent previewing both video tracks at the\nsame time.
\nRepeat the process above of chopping the second video track into\nsections using the S key to split the video up. Remove the unwanted\nsections. Finally adjust the start and end points of the remaining\nsections.
\nRepeat the steps above to add the remaining video files one at a time\nfrom the playlist to the timeline.
\nWhen complete you end up with separate video tracks in the timeline\neach containing good sections of video.
\nAt this stage I can\'t be too specific about how to continue as there\nare a number of different options depending on your particular Project.\nYou can for example start by combining the good sections of video into\none video track by dragging them from one track to another then add if\nrequired an audio track or you can add the audio track first and then\ntry to sync things up to the audio track moving bits and pieces of video\ninto one video track remembering to hide the unwanted sections of video\nby clicking on the small hide eye icons. Don\'t do too much editing\nwithout saving the project. If you get a message about low memory save\nthe project then reopen it.
\nTo export the final video click on the export button in the toolbar.\nI pick the default option, this creates an H.264/AAC MP4 file suitable\nfor most users and purposes. You can check the frame rate is the same as\nyour original media files by clicking on the advanced tab. Click the\nexport file button and give it a file name. It may take some time to\ncreate the export file. This will be dependent on the speed of your\ncomputer and the length and resolution of your project.
\nWhile Shotcut is far from perfect on my puny PC it is surprisingly\nusable and stable and is the best option I’ve found so far.
\nFinally here are some general shotcut tips I have when doing video\nediting on a puny PC with limited ram, slow processor and built in\ngraphics card such as mine.
\nClose all open applications leaving only shortcut open this helps\nwith RAM usage
\nShortcut is surprisingly stable with a feeble PC such as mine. I\nwould still recommend saving your project regularly as it is quick and\nvery easy to do.
\nIf you get a message about running out of RAM then try not to do too\nmuch more editing before saving the project. Once saved close shotcut\nand then reopen it. The longer your project is and the higher your\nproject resolution the more RAM you will need.
\nWhen you are about to export your final video save the project close\nshortcut reopen shotcut and immediately export your project as any\nprevious editing may be taking up precious ram.
\nBe patient when clicking on the timeline to repositioned the play\nhead. Always wait for the preview window to update. This can sometimes\ntake a few seconds.
\nWhen trying to sync video to audio you need to zoom in in quite a\nlong way before getting an audio preview. When doing this and moving the\nplay head you\'ll get a choppy version of the audio with this it is still\nperfectly possible to find the beat of the music allowing you to sync\nyour video to the music. If this doesn\'t seem to work for you then try\nzooming in closer.
\nOk that\'s about it for this podcast. Hope it wasn\'t too boring and it\nmade some sense. If you want to contact me I can be contacted at\nmrxathpr at googlemail.
\nThank you and goodbye.
\n',201,0,0,'CC-BY-SA','workflow, tips, video, editing, application',0,0,1), (3719,'2022-11-03','HPR News',594,'InfoSec; the language of security.','First, authentication. This is the process of verifying the\nvalidity of something; in our case, user credentials/identity. The most\ncommon way to authenticate is: USERNAME and PASSWORD.\nThis is just a single layer (single-factor authentication) and isn’t\nenough to discourage attackers.
Second, 2FA (Two-factor Authentication). 2FA increases the\ndifficulty for attackers by providing users an additional layer of\nsecurity to accomplish authentication. Common 2FA methods are: TOTP/OTP\n(the One Time Password), Authenticator\nApplications (Bitwarden,
Last, but not least, MFA (Multifactor Authentication). Similar to\n2FA, MFA offers users security with the addition of biometrics\n(fingerprint scan, retina scan, facial recognition, and voice\nrecognition). Attackers must overcome the knowledge factor, Possession\nfactor, Inherence/Biometric factor, Time factor, and sometimes Location\nfactor.
MORE helpful security information.
\n2FA/MFA Known Attacks.
\nRight now we are working through a backlog of older episodes that\nhave already been recorded. Once that ends we fully anticipate recording\nnew episodes with listener participation.
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nThis episode was processed using
We use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\nThreshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec`\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\n',157,53,1,'CC-BY-SA','Audiobook club, audiobook, fantasy, fiction',0,0,1), (3907,'2023-07-25','My introduction show',1153,'About me and computers','The show notes
\nMy original blog post on this topic:
Make your donations to:
\nhttps://www.paypal.com/paypalme/anthwlock
\nhttps://vcg.isti.cnr.it/~ponchio/untrunc.php
Chat Secure secure XMPP,\nThink of the children!!!
Technology on Barsoom
Deus Ex Machina much???
Names in fantasy books
See\nYou At The Morgue by Lawrence Blochman
\nRight now we are working through a backlog of older episode that have\nalready been recorded. Once that ends we fully anticipate recording new\nepisodes with listener participation.
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nThis episode was processed using
We use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\nThreshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\nChat Secure secure XMPP,\nThink of the children!!!
Technology on Barsoom
Deus Ex Machina much???
Names in fantasy books
See\nYou At The Morgue by Lawrence Blochman
\nRight now we are working through a backlog of older episode that have\nalready been recorded. Once that ends we fully anticipate recording new\nepisodes with listener participation.
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nThis episode was processed using
We use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\nThreshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\nI\'ve been meaning to put down my thoughts about SystemD for the HPR\ncommunity for some while, so here goes.
\nI want to say that I am not a SystemD hater. When SystemD was a hot\ntopic of debate, many became irrational over it, but I want to start by\nsaying that I don\'t think it\'s a bad technology. I think it is a rather\ngood technology. I just don\'t want it on my personal computer. So I\nwould like to run things down in this order: what is it (as in, what is\nit really,) what makes it a good technology, why I don\'t want it now\n(but might later,) and a few tips for you if you decide that you don\'t\nwant it currently.
\nSystemD Is not an init system. SystemD includes an init system.\nSystemD Init was faster than SysVInit, but SystemD Init isn\'t the\nfastest init system, and SysVInit now has a parallelization helper, at\nleast on Debian.
\nSo, if SystemD Init is not SystemD, than what is SystemD? To\nunderstand this we must first understand something about Linux. Linux\noperates under a model where there are root processes, and there are\nuser processes. These two kinds of processes are usually called\n\"layers.\" SystemD is actually a third layer, that can be called a system\nlayer. So when SystemD is added to a Linux system, that changes the\nsystem so that there are three layers, a root layer, a user layer, and a\nsystem layer. As such, you now ask SystemD to set how the system runs.\nThis is why SystemD includes things like an init system, because if you\nwant to change what the system is running, you ask SystemD to change it.\nSystemD then messages an appropriate system to implement the change,\nlike messaging its init system to bring up or bring down a system\ndaemon. Once you play out this in your head a bit, you really realize\nthat SystemD acts more like a message passing system in this regard.
\nSo why do I say SystemD is a good technology? Because this can\nstandardize system control. Without SystemD a fleet of computers becomes\nlike individual fingerprints or unique snowflakes. If you manage many\ncomputers, as many professional IT people do, you want them to all run\nthe same, all have the same profiles and general configurations. So if\nyou have a bunch of computers you are running, you can run a lot more if\nthey are all run the same way. If your job requires you to run 10,000\nwebservers, you want them to run identically because it is impossible to\nkeep an understanding of 10,000 unique configurations in a human\nhead.
\nSystemD really shines in its support of virtualization as well. So\nto speak of servers, I used to run an email server for a few friends.\nEach of us had a userid and number as unix users. The mapping of unix\nuserids and postfix userids can get confusing when it gets big. Thanks\nto SystemD\'s virtualization work, you can actually put a service like\nemail into a namespace situation so that it has only the users root and\nthe daemon user id (like \"postfix\"), so SystemD greatly enhances\nsecurity for server installations. This might help explain its\ndominance in linux distributions that have been traditionally\nserver-centric, such as debian and redhat.
\nSo why don\'t I don\'t want it? Well, I\'ve been doing a lot of talking\nabout professional computer work and corporate work environments, but I\nuse a \"Personal Computer\" as a hobby. I\'ve been out-of-industry for\ndecades now. And when I say \"Personal Computer\" I\'m not talking a\nhardware specification, rather I\'m talking about \"This is my personal\ncomputer where I do things my way, as opposed to my work computer where\nI do things my companies way\". Dear listener, please remember that I did\nthe first community show contribution to HPR, and my topic was about\npersonalization. For me, a hobbyist interested in operating system\nexperimentation, I don\'t want a system layer, I want a traditional\nunix-like system that operates on a two-layer model and does things my\nway, nobody else\'s way.
\nSo, what advice can I give to those who don\'t want SystemD now? Well,\nrecently I\'ve left Debian. Debian, you see, supports init system\ndiversity, but as you now know dear listener, that is different than\nbeing without SystemD. You may have heard that SystemD is\nlinux-specific, that is to say that it runs only on linux, not anything\nlike a BSD system or a Windows system. But you may be curious to know\nthat it is also Gnu-libC specific. Which means that the C compiler must\nuse GNU\'s libC standard library. Thus, if you have a system built around\nthe Musl C standard library like Alpine or Void, or a system like\nAndroid that runs on the Bionic C Standard library, you wont have a\nSystemD system. I\'m personally learning Void as its package manager\nsupports both binary and a ports collection much like the BSD\'s. But\nthat is what I\'m doing on my personal computer, I leave you in the\nfreedom to do things your way on your personal computer!
\n\n',73,99,0,'CC-BY-SA','systemd,linux',0,0,1), (3904,'2023-07-20','How to make friends',2861,'This topic is being actively researched. Not for production use.','Show notes
\nNo clear mark of when friendship starts
\noften feels \"right\" when mutual
\nto some people friendship is a persistent state. once you have it, it's forever unless explicitly dissolved.
\nfor other people, it's something requiring maintenance. arguable this suggests that there are degrees of friendship, based on when you last spoke to one another.
\ndegrees of friendship also suggests progression. friend → close friend → best friend.
\nfriendship requires communication.
\nstart by communicating in some way that makes the other person feel not unpleasant
\nyou're not supposed to target a friend. this can be a frustrating rule, because if you're trying to make a friend, you have to target somebody, but the general consensus is that you're not supposed to \"try too hard\". target lots of people in the hopes of stumbling across somebody to befriend.
\ncomplimenting something they have done, even if it's something simple like wearing a cool shirt, is a very easy start
\nfinding ground common allows for repeated communication
\nrepetition of this is what builds friendship. this is why friendships often develop at work, but can dissolve quickly after a job change.
\nthe situation matters. chatting with someone who's being paid to interact with you, like somebody working at a store, doesn't count because in context they more or less cannot choose to stop communicating with you until you leave the store. chatting with someone who has anything to gain by chatting with you doesn't count (like an intern at work).
\nto speed up a developing friendship, you can invite the person to interact with you on something with a clearly defined goal. You like coding? I like coding! Would you care to collaborate for 4 hours on a script that would help me find my Raspberry Pi on my network?
\nduring the activity, continue to communicate. this can be difficult because you're doing an activity that you both claim to enjoy, so in theory the activity should be sufficient to further the friendship. However, the activity doesn't build the friendship, it only builds a partnership. It's the communication that builds friendship.
\nunfortunately, there's no clear point during this process at which you know you have made a friend. so you have to define what a friend is, to you, and then work toward that goal.
\nHere are some examples of definitions for friendship. There is no right or wrong here, it's really just setting your own expectations and requirements:
\nA friend is someone to hang out with on sundays.
\nA friend is someone I can call when I've got some free time to kill.
\nA friend is someone I can play video games with online.
\nA friend is someone I can call, day or night, when I need help.
\nA friend is someone who has come over for dinner, and has met my family, and who I see at least once a month.
\nThere's no official definition, so you must define it yourself.\nYour definition may differ from the other person's definition.\nYou might say \"we are best friends\" but they might say \"no, I already have a best friend, but you're a good friend\" and THAT'S OK.
\nIf it helps, classify what kinds of friends you have so you understand what kinds of relationships you are maintaining.\nCommunicate with your friends, even if it's only to let them know that you're bad at communicating on a regular basis, or ask them how frequently they need to communicate to maintain a healthy friendship.
\n',78,108,0,'CC-BY-SA','autism,friendship,relationship,social engineering',0,0,1), (3905,'2023-07-21','Presenting Fred Black',1105,'I have a short talk to present Fred Black.','Since some of the information you are about to hear is time specific,\nI want to let you know that I am recording this near the end of November\nin 2023.
\nWhichever holidays you celebrate this time of year, life generally\ngets busy and stressful.
\nIt could be shopping
\nor cooking
\nor cleaning
\nor school activities
\nor buying, assembling, wrapping, and delivering gifts
\nor planning time with family
\nor dealing with visiting family
\nor scheduling time off from work
\nor managing extra work while others have scheduled time off
\nor a whole plethora of other things.
\nThis time of year can be stressful.
A few years ago, I discovered a fun activity, which challenged my\nmind and helped me focus and detach from the stress for a little while\neach day, through the month of December. It helped me manage the stress\nin an enjoyable way.
\nSince then, I have found and tried several other similar activities,\nso I wanted to share a little about them with you for the next few\nepisodes so you can see what might work for you.
\nThe first I would like to share is called the Advent of Code\nChallenge (https://adventofcode.com/). In HPR episodes 2973 (
But the TLDR (Or maybe the TLDL -- Too Long Didn\'t Listen?) for\nAdvent of Code is that it is a 25 day challenge which begins on December\n1. Once you register at adventofcode.com, Each day, you will be\npresented with a problem to solve and some sample data to use for\nverification that your program works. You can choose to use any\nprogramming language or application you desire produce the answer. Last\nyear, I used this to brush up on my Python skills. Others use Visual\nBasic, C (and all its variants), Rust, Go, etc. I have seen people use\nCobol, Fortran, and Pascal, or even Microsoft Excel. It is really up to\nyou. You are then presented a dataset which is unique to your login, and\nagainst which you run your code. When complete, you submit the answer\ncame up with on the adventofcode.com web site and they will tell you if\nyou are correct or not.
\nIf you are competitive (And REALLY GOOD) there is a Global\nLeaderboard. If you want to compete with a group of friends, you can\nbuild your own leaderboard and invite others to take part with you.
\nThere are tons of resources online, from youtube channels to reddit\n(https://www.reddit.com/r/adventofcode/), to Discord (
So, if you are looking for a way to challenge your mind and detach\nfrom holiday stress, Advent of Code may be something you might try.
\nIf this is not your cup of tea, I will be sharing several other\noptions for holiday challenges in future episodes.
\n',394,0,0,'CC-BY-SA','Advent of Code, holiday, challenge',0,0,1), (3999,'2023-11-30','Holiday Challenges Series Ep 02 TryHackMe Advent of Cyber Challenge',183,'Discussing the TryHackMe Advent of Cyber challenge to help you enjoy the holiday season','Since some of the information you are about to hear is time specific,\nI want to let you know that I am recording this near the end of November\nin 2023.
\nIf you missed the first episode, which introduces this series, you\ncan go back and listen to HPR3996
\nI have been using TryHackMe for several years, and I recommend it to\nall of my students. It is a great environment where people can get hands\non experience with technology that relates to cyber security, all from\nthe comfort of their browser and free year-round.
\nThe TryHackMe Advent of Cyber challenge is a free gamified\nenvironment which focuses on penetration testing, security\noperations/engineering, forensics/incident response, malware analysis,\nmachine learning, and more!
\nThis year\'s challenge opens on December 1, 2023 (Which is the reason\nwhy I am posting twice this week). Typically, the Advent of Cyber\nchallenge includes daily beginner-friendly exercises for people new to\ncybersecurity. These can consist of walkthroughs, video tutorials, and\nchallenges. There are also prizes available based on random drawings and\non participant success.
\nInfosec personalities like John Hammond, Gerald Auger, InsiderPHD,\nand InfoSec Pat are featured in this year\'s challenge.
\nYou can play with last year\'s Advent of Cyber challenge by visiting\nhttps://tryhackme.com/room/adventofcyber4. It outlines\nthe overall story and shows all of the tasks last year\'s participants\nexperienced, including both offensive and defensive topics like: log\nanalysis, OSINT, scanning, brute force attacks, email analysis,\nCyberChef, blockchain smart contracts, malware analysis, memory\nforensics, packet analysis, web application hacking, and more!
\nEverything can be done with a free account from within a browser.
\nIf you want to learn more about cybersecurity, transition your career\ninto infosec, or just have fun playing with cyber challenges, you can\ngive it a try by visiting tryhackme.com or
Please note: I am not affiliated with TryHackMe in any way, other\nthan having been a paying member for many years. Students and others who\nhave participated in previous year\'s Advent of Cyber challenges have\ntold me how much they enjoyed it and learned from it. Even though I have\nbeen an infosec practitioner for more years than I would like to admit,\nI also have enjoyed taking part in this challenge.
\nIf this is not for you, I will be sharing another option for a\nholiday challenge in my next episode.
\n',394,0,0,'CC-BY-SA','Advent of Cyber, TryHackMe, Hands on, cyber, cybersecurity, infosec, holiday, challenge',0,0,1), (4006,'2023-12-11','Holiday Challenges Ep 3 SANS Holiday Hack Challenge & KringleCon',160,'Discussing the SANS Holiday Hack Challenge & KringleCon to help you enjoy the holiday season','Since some of the information you are about to hear is time specific,\nI want to let you know that I am recording this near the end of November\nin 2023.
\nIf you missed the first episode, which introduces this series, you\ncan go back and listen to HPR3996
\nThe SANS Holiday Hack Challenge is an interactive online technology\nand hacking game combined with a virtual security conference, beginning\nin the second week of December. By the time this episode drops, it may\nalready be live. You can tour the North Pole conference facilities,\nmeeting people, interactive non-player characters (NPC), and maybe even\nsome villains from Holiday Hack Challenges past, as you solve problems\nand gather clues which you use to help save Christmas.
\nEverything can be done from within the browser, and did I mention\nthere is a virtual security conference, called KringleCon? Some of the\nbiggest rock stars (and most humble and brilliant people) in\nCyberSecurity speak each year at KringleCon. Many of their talks also\nprovide clues to solving game challenges.
\nEd Skoudis and his team (The same people who build SANS NetWars) work\ntirelessly year after year to create the most amazing experience,\ncomplete with custom music! This has become one of my favorite holiday\ntraditions each year. You can learn more about the 2023 challenge by\nwatching Ed\'s Inside SANS Holiday Hack Challenge 2023 YouTube video at\nhttps://www.youtube.com/watch?v=X9Gmdr_CxzQ
\nYou can access this year\'s challenge by visiting sans.org/holidayhack\nor https://www.sans.org/mlp/holiday-hack-challenge-2023/
\nThere, you will learn more about all things Holiday Hack before the\ngame opens in the second week of December. If you want to play now, or\njust get a feel for it, you can access three of the previous years\'\nchallenges right now at the same site.
\nI am not associated with SANS or the Holiday Hack Challenge in any\nway, other than to have participated for several years now, and I have\nwatched other people learn and grow by taking part in it.
\nI hope that you have enjoyed this short series. If there are other\nonline challenges you find interesting or informative, I encourage you\nto record a show about them.
\nHave a wonderful day.
\n',394,0,0,'CC-BY-SA','SANS, KringleCon, holiday, challenge',0,0,1), -(3997,'2023-11-28','The Oh No! News.',875,'Sgoti talks about Malware distributed via Google\'s Dynamic Ads and more.','Source:
\n
Supporting Source:
\n
Source:
\n
Source:
\n
Source:
\n
Source:
\n
Supporting Source:
\n
Source:
\n
Source:
\n
Source:
\n
Tags: Reply show, password managers, lastpass.
Reply to:
\n
Supporting Source:
\n
Supporting Source:
\n
Supporting Source:
\n
Reply to:
\n
Reply to:
\n
Source:
\n
Source:
\n
This work is licensed under a