2.5 Admins

We didn’t get to all of your questions for our Episode 200 free consulting special so here is another full episode of your questions and our answers. Our thoughts on a new UK smart devices law, backing up 30TB off-site, how to learn ZFS, SMB vs other ways to share files, and backing up secrets.   Smart devices: new law helps citizens to choose secure products FreeBSD Mastery: ZFS FreeBSD Mastery: Advanced ZFS           1Password Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a   Support us on patreon and get an ad-free RSS feed with early episodes sometimes         See our contact page for ways to get in touch.  

Why we didn’t mention pocket fluff when we talked about USB-C charging issues, Microsoft abandons its promising underwater data center experiment and didn’t monitor it’s SSL certs, why you should be careful which WordPress plugins and themes you install,an Australian ISP’s tech debt comes due, and remoting into desktop Linux.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes     News Microsoft ends Project Natick underwater data center experiment despite success Microsoft declares its underwater data center test was a success Shouting in the Datacenter Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack Coding error in forgotten API blamed for massive data breach Microsoft hits snooze again on security certificate renewal     Free Consulting We were asked about remoting into desktop Linux. NoMachine                   See our contact page for ways to get in touch.  

Vulnerabilities in Asus hardware make us think there should be some regulations about what can be sold as a router, a VPN feature that we hadn’t heard of is removed from Windows, and why we don’t believe that Microsoft will ever take security as seriously as they claim.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion High-severity vulnerabilities affect a wide range of Asus router models Dear Asus router user: You’ve been pwned, thanks to easily exploited flaw Microsoft to remove DirectAccess from Windows, recommends switching to Always On VPN Microsoft fixes hack-me-via-Wi-Fi Windows security hole CVE-2024-30078 Microsoft in damage-control mode, says it will prioritize security over AI Pluralistic: Microsoft pinky swears that THIS TIME they’ll make security a priority             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.             See our contact page for ways to get in touch.  

It’s our episode 200 free consulting special. Jim and Allan answer your questions about hard drive availability, USB-C robustness, ZFS performance on a VPS, cold storage with a 2.5″ form factor, how we gained our level of knowledge, disk enclosure issues, and monitoring Windows servers.             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   1Password Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a             See our contact page for ways to get in touch.  

How to prepare for your loved ones to have the access they need if the worst unexpectedly happens, Joe’s weird issues with wireless access points, and dealing with email accounts that shouldn’t exist.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion After you die, your Steam games will be stuck in legal limbo EAP225 AC1350 wireless access point   Free Consulting We were asked about dealing with email accounts that shouldn’t exist.           Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   1Password Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a         See our contact page for ways to get in touch.  

Microsoft is tightening up SMB security in Windows which might break access to your old NAS, a Cogent root-server mysteriously goes out of sync without them spotting it, and protecting hard drives from electromagnetic pulses.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News Installing Windows 11 24H2 might mean binning that old NAS A root-server at the Internet’s core lost touch with its peers. We still don’t know why   Free Consulting We were asked about protecting hard drives from electromagnetic pulses.             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.             See our contact page for ways to get in touch.  

Linux kernel developers were infected with malware for 2 years, another nail in the coffin of proper federated email as Exchange Server moves to a subscription model, followup on zfsbootmenu and IPv6, and learning unfamiliar topics.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach Exchange Server SE to debut just before 2019 support ends Newbie struggling with zfsbootmenu   Free Consulting We were asked about learning unfamiliar topics.             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.             See our contact page for ways to get in touch.  

Microsoft’s new Copilot+ feature will record everything you are doing on your computer for some reason, but it will only work on new Arm hardware for now. Plus Apple’s weird iOS bug that restored deleted files and photos, and sharing files over the Internet from a NAS on your LAN.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes Allan was on Linux Dev Time   News New Windows AI feature records everything you’ve done on your PC Microsoft’s “Copilot+” AI PC requirements are embarrassing for Intel and AMD Apple needs to explain that bug that resurfaced deleted photos   Free Consulting We were asked about sharing files over the Internet from a NAS on your LAN.             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.             See our contact page for ways to get in touch.  

Why Windows 10 might be gaining users at Windows 11’s expense, an old DHCP option is a potential risk for VPN users, we should probably say “renting” rather than “buying”domains, and avoiding tracking when using IPv6.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes Jim was on Late Night Linux again   News Has Windows 11 really lost marketshare to Windows 10? Novel attack against virtually all VPN apps neuters their entire purpose   Free Consulting We were asked about avoiding tracking when using IPv6.           Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.         See our contact page for ways to get in touch.  

Mastodon’s link previews are causing downtime for web servers without properly configured caching, locking down DNS inside Windows networks, why using write-once backup media is a bad idea, and increasing the performance of a Microsoft SQL Server with SSDs and ZFS.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes Jim was on Late Night Linux   News Mastodon delays firm fix to solve link preview DDoS Mastodon Is DDoSing Me Microsoft plans to lock down Windows DNS like never before     Free Consulting We were asked about write-once backup media, and increasing the performance of a Microsoft SQL Server with SSDs and ZFS.           Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.             See our contact page for ways to get in touch.  

How a smart TV broke a Windows machine on the same network by pretending to be hundreds of different TVs, Jim’s alarming theory about AI malware, and encrypting offsite backups.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Is your PC having trouble? Your smart TV might be to blame   Free Consulting We were asked about encrypting offsite backups.           Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.           See our contact page for ways to get in touch.  

ZFS on root is back in the Ubuntu installer but there’s a better way to do it, next-generation hard drives are proving to be reliable but prices are going up thanks to storage-hungry AI, why getting started with ZFS is really easy, and the best filesystem for a single SSD (take a guess).   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes How to upstream code to open source projects   News Ubuntu 24.04 Supports Easy Installation Of OpenZFS Root File-System With Encryption After years of testing, Seagate claims its heat-assisted HAMR drives are as reliable as traditional PMR storage Seagate makes HDD price hikes, says AI caused demand spike   Free Consulting We were asked about learning ZFS, and which filesystem to use for a single SSD.           Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.             See our contact page for ways to get in touch.  

Why updating iPhones in their sealed boxes might have some downsides, Amazon’s “AI” turned out to just be people, LLMs hallucinating imaginary dependencies is potentially a security risk, Aruba backs up its government data to the Internet Archive, and disk queue schedulers in Linux.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Here’s our first look at Apple’s in-the-box iPhone updating machine Amazon Ditches ‘Just Walk Out’ Checkouts at Its Grocery Stores AI bots hallucinate software packages and devs download them Caribbean nation of Aruba backs itself up to Internet Archive   Free Consulting We were asked about disk queue schedulers in Linux.             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.             See our contact page for ways to get in touch.  

A backdoor has been found in xz-utils, OpenZFS improves ZVOL performance on Linux, Twitter devs fail at regex, and adding SATA ports to a home NAS.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes Hybrid Cloud Show is a new show that’s part of the Late Night Linux Family!   News backdoor in upstream xz/liblzma leading to ssh server compromise OpenZFS Merges Support For Using Multiple Task Queues To Increase Performance for zvols X fixes URL blunder that could enable social media phishing   Free Consulting We were asked about adding SATA ports to a home NAS.             Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.             See our contact page for ways to get in touch.  

Glassdoor seemingly doesn’t understand its raison d’etre, Telegram wants to cheap out on sending verification codes, law enforcement makes YouTube give them details of everyone who watched certain videos, and tuning a low end VPS to host a blog.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Users ditch Glassdoor, stunned by site adding real names without consent Telegram’s Peer-to-Peer Login system is a risky way to save $5 a month Feds Ordered Google To Unmask Certain YouTube Users   Free Consulting We were asked about tuning a low end VPS to host a blog.           Tailscale Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required.   Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.           See our contact page for ways to get in touch.  

The FreeBSD version of TrueNAS is going away, a major Apple antitrust case begins, encrypted LLM chat responses are relatively easy to read, and scaling a fleet of FreeBSD hosts with jails.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News TrueNAS CORE 13 is the end of the FreeBSD version zVault Apple’s antitrust fight begins US DOJ’s blockbuster lawsuit against Apple is headline grabber but poses limited near-term impact Hackers can read private AI-assistant chats even though they’re encrypted   Free Consulting We were asked about scaling a fleet of FreeBSD hosts with jails. Cluster provisioning with Nomad and Pot on FreeBSD             See our contact page for ways to get in touch.  

Prison officials took away inmate student laptops for no good reason, Warner Bros. ruined gamers’ experiences, Google’s terrible office WiFi, and managing gold images.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion An engineer bought a prison laptop on eBay. Then 1,200 incarcerated students lost their devices Devs left with tough choices as Warner Bros. ends all Adult Swim Games downloads Google’s self-designed office swallows Wi-Fi “like the Bermuda Triangle”   Free Consulting We were asked about managing gold images.             See our contact page for ways to get in touch.  

Roku stops its users watching TV until they accept a new ToS, the line between journalism and computer fraud and abuse, and when using jumbo frames on a network makes sense.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News Roku disables players and TVs with attempt to coerce arbitration agreement Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware Op-ed: Charges against journalist Tim Burke are a hack job     Free Consulting We were asked about using jumbo frames on a network.           Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.           See our contact page for ways to get in touch.  

The boss of Nvidia says kids don’t need to code because they can just use AI, companies sell their users’ data to train models, and why 2.5Gbps networking probably isn’t worth bothering with.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Jensen Huang says kids shouldn’t learn to code — they should leave it up to AI Google cut a deal with Reddit for AI training data Tumblr and WordPress to Sell Users’ Data to Train AI Tools   Free Consulting We were asked about adding 2.5Gbps gear to your network.         Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.           See our contact page for ways to get in touch.  

More cameras leak footage, Avast is fined for selling user data, a vending machine quietly scans students’ faces, using a small NVMe drive with ZFS, and taking snapshots of VMs.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News “So violated”: Wyze cameras leak footage to strangers for 2nd time in 5 months Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data Vending machine error reveals secret face image database of college students   Free Consulting We were asked about using a small NVMe drive with ZFS, and taking snapshots of VMs.       Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.         See our contact page for ways to get in touch.  

Why it’s not a great idea to install Windows 11 on unsupported hardware, quantum computing hype has been replaced by AI, toothbrushes can’t be part of a botnet, Google has killed cached search results, and testing your backups.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Windows 11 24H2 goes from “unsupported” to “unbootable” on some older PCs Investors threw 50% less money at quantum sector last year Viral news story of botnet with 3 million toothbrushes was too good to be true Google has killed cached results in search   Free Consulting We were asked about testing your backups.         Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.   Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.         See our contact page for ways to get in touch.  

Nginx is forked, Broadcom/VMware kills ESXi, dedup is finally fixed in ZFS, using multiple network interfaces on a NAS, and more.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News announcing freenginx.org Broadcom-owned VMware kills the free version of ESXi virtualization software OpenZFS Native Encryption Use Raises Data Corruption Concerns Fast Dedup is a Valentines Gift to the OpenZFS and TrueNAS Communities   Free Consulting We were asked about using multiple network interfaces on a NAS.         Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.           See our contact page for ways to get in touch.  

Trying to report a security issue lands a consultant in trouble, a new take on the drop shipping scam, setting up your first NAS – including the benefits of RAID, picking a distro, choosing the right disk size, and more.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion IT consultant in Germany fined for exposing shoddy security Canadian Man Stuck in Triangle of E-Commerce Fraud ICANN proposes creating .INTERNAL domain   Free Consulting We were asked about setting up your first NAS – including the benefits of RAID, picking a distro, and choosing the right disk size. Building Your Own FreeBSD-based NAS with ZFS Part 2: Tuning Your FreeBSD Configuration for Your NAS 3.5″ internal drives sorted by price/TB         See our contact page for ways to get in touch.  

Microsoft’s rudimentary error that allowed an attacker access to its executives’ emails, Pixel phones have another serious storage bug, hidden malware payload found at Ars Technica, and when to upgrade your hardware for Windows 11.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes BSDCan 2024 – Call for papers   News In major gaffe, hacked Microsoft test account was assigned admin privileges Pixel phones are broken again with critical storage permission bug Ars Technica used in malware campaign with never-before-seen obfuscation   Free Consulting We were asked about when to upgrade your hardware for Windows 11.           See our contact page for ways to get in touch.  

Y2K was a pretty serious problem and 2038 is coming soon, work on Arm servers is improving the experience on the desktop, and what to do with an old unsupported Synology NAS.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes OpenZFS Best Practices: Part 2: File Serving and SANs   News/discussion The ‘nothing-happened’ Y2K bug – and how IT squashed it What I learned from using a Raspberry Pi 5 as my main computer for two weeks   Free Consulting We were asked about what to do with an old unsupported Synology NAS. Xpenology How can I use a PC to recover data when my Synology NAS malfunctions?           Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.         See our contact page for ways to get in touch.  

Hard drives are pretty much an enterprise product now, GitHub’s malware problem, and spreading services across different machines and VMs to keep downtime to a minimum.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes OpenZFS Storage Best Practices and Use Cases Part 1: Snapshots and Backups   News Hard disk drives are next in line to become mostly enterprise hardware — as Nvidia (and AMD) could be planning to focus on AI, leaving consumers as second-class citizens Seagate unveils 30 TB+ Exos HAMR disk drives – Blocks and Files Miscreants absolutely love using GitHub to sling malware Flying Under the Radar: Abusing GitHub for Malicious Infrastructure   Free Consulting We were asked about spreading services across different machines and VMs to keep downtime to a minimum.       Kolide Kolide ensures that if a device isn’t secure it can’t access your apps. It’s Device Trust for Okta. Visit kolide.com/25a to learn more.   Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.         See our contact page for ways to get in touch.  

Why the problems with open source licenses aren’t quite as easy to fix as some people think, the reasons you should never pay ransomware gangs, and running a Nagios distro on a Raspberry Pi.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion What comes after open source? Bruce Perens is working on it A tale of 2 casino ransomware attacks: One paid out, one did not The State of Ransomware in the U.S.: Report and Statistics 2023   Free Consulting We were asked about running a Nagios distro on a Raspberry Pi. NEMS Linux         Automox Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.       See our contact page for ways to get in touch.  

What does “incognito mode” in Chrome actually mean and whether documenting browser standards in code is a good idea, the serious implications of a fun story about messing with a ChatGPT instance, and maximizing performance when using mixed disk types on ZFS mirrored vdevs.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News Google agrees to settle Chrome incognito mode class action lawsuit I’d Buy That for a Dollar: Chevy Dealership’s AI Chatbot Goes Rogue   Free Consulting We were asked about maximizing performance when using mixed disk types on ZFS mirrored vdevs.           See our contact page for ways to get in touch.  

Twitch pulls out of Korea thanks to the opposite of Net Neutrality, it’s not clear to what extent smart devices are listening to your conversations, more on water usage in data centers, and our thoughts on mandatory access controls.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News Twitch to shut down in Korea over ‘prohibitively expensive’ network fees Marketer sparks panic with claims it uses smart devices to eavesdrop on people   Free Consulting We were asked for our thoughts on mandatory access controls.         Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a         See our contact page for ways to get in touch.  

What you need to know about the recent SSH vulnerability, yet another privacy issue with cloud-connected security cameras, why it’s difficult to get to the bottom of an obscure ZFS encryption bug, and more.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News SSH protects the world’s most sensitive networks. It just got a lot weaker UniFi devices broadcasted private video to other users’ accounts   Free Consulting We were asked about the state of ZFS encryption, and Syncoid snapshots.           See our contact page for ways to get in touch.  

Google Drive client users lost months of files, a feature of UEFI that has left millions of computers potentially vulnerable to persistent malware, and why you probably shouldn’t buy cheap resold volume Windows licenses.   Plugs Support us on patreon to get ad-free episodes that are sometimes a day or so early.   News/discussion Google Drive users say Google lost their files; Google is investigating How to restore files in Drive for desktop (v84.0.0.0-84.0.4.0) Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack   Free Consulting We were asked about using cheap resold volume Windows licenses.           Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a           See our contact page for ways to get in touch.  

Jim and Allan break down the details of the recent ZFS data corruption bug, and give their tips for managing a fleet of 40+ servers.   Plug Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News Two new versions of OpenZFS fix long-hidden corruption bug   Free Consulting We were asked about managing 40+ servers.         Automox Save time, eliminate risk, and automate the patching, configuration, and control of all your Windows, macOS, and Linux endpoints with Automox.           See our contact page for ways to get in touch.  

Why a small island nation’s top level domain ended up with such a terrible reputation, an ssh vulnerability that’s not as scary as it sounds, whether software can be “finished”, and using powerline or WiFi for security cameras.     Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News How a tiny Pacific Island became the global capital of cybercrime Passive SSH server private key compromise is real … for some vulnerable gear   Feedback The beauty of finished software       Free Consulting We were asked about using powerline or WiFi for security cameras.             Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a   The Traceroute Podcast Check out the new season of the Traceroute Podcast on Apple, Spotify, or wherever you get your podcasts. Visit the website.             See our contact page for ways to get in touch.  

Why and how Allan installed a set of new Power over Ethernet wireless access points, and our hardware recommendations for a media server and NAS in one.   Allan’s new WiFi setup Access points Controller     Free Consulting We were asked for hardware recommendations for a media server and NAS in one.             HelloFresh With HelloFresh, you get farm-fresh, pre-portioned ingredients and seasonal recipes delivered right to your doorstep. Get free breakfast for life at hellofresh.com/25adminsfree with code 25adminsfree. (One breakfast item per box while subscription is active).   Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a           See our contact page for ways to get in touch.  

A Cloudflare outage shines a light on sloppy data center practices, and why you shouldn’t run a mail server at home. Plus followup on the Android multi-user bug, package managers on Windows, and Toshiba hard drives.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News/discussion Cloudflare claims Flexential data center outage was behind service disruption – DCD Post Mortem on Cloudflare Control Plane and Analytics Outage Android 14’s storage disaster gets patched, but your data might be gone   Feedback winget Toshiba Consumer Internal Hard Disk Drives   Free Consulting We were asked about running a mail server at home. “Run Your Own Mail Server” chapter 0             HelloFresh With HelloFresh, you get farm-fresh, pre-portioned ingredients and seasonal recipes delivered right to your doorstep. Get free breakfast for life at hellofresh.com/25adminsfree with code 25adminsfree. (One breakfast item per box while subscription is active).   Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a           See our contact page for ways to get in touch.  

Okta seems to not be taking its security seriously enough, crashing iPhones is far easier than it should be, Jim’s report from the Ubuntu Summit, and what to do when you find a company’s sensitive data on the Internet.   Plugs Support us on patreon and get an ad-free RSS feed with early episodes sometimes   News No, Okta, senior management, not an errant employee, caused you to get hacked Okta October breach affected 134 orgs, biz admits Okta hit by another breach, this one stealing employee data from 3rd-party vendor This tiny device is sending updated iPhones into a never-ending DoS loop Jim went to the Ubuntu Summit   Free Consulting We were asked about what to do when you find a company’s sensitive data on the Internet.         The Traceroute Podcast Check out the new season of the Traceroute Podcast on Apple, Spotify, or wherever you get your podcasts. Visit the website.   Automox Save time, eliminate risk, and automate the patching, configuration, and control of all your Windows, macOS, and Linux endpoints with Automox.           See our contact page for ways to get in touch.  

The large water consumption of AI and data centers in general, China’s big push towards IPv6, why we don’t talk about Toshiba hard drives very often, and the implications of poor Bluetooth security on an e-bike.   Plugs Support us on patreon Unlocking Infrastructure Sovereignty: Harnessing the Power of Open Source Solutions for Business Flexibility and Cost-Effectiveness   News/discussion The Secret Water Footprint of AI Technology China requires all new Wi-Fi kit to run IPv6   Free Consulting We were asked about the implications of poor Bluetooth security on an e-bike. Monitor Traffic With Wireless Travel Time Sensors DeepBlue Sensor Bluetooth Pedestrian and Vehicle Tracking         The Traceroute Podcast Check out the new season of the Traceroute Podcast on Apple, Spotify, or wherever you get your podcasts. Visit the website.   Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a         See our contact page for ways to get in touch.  

What Google should do to prevent malware sites in their ads, why you might want to avoid using multiple profiles on Android devices, a speculative execution vulnerability in Apple Silicon, and the pros and cons of TP-Link Omada and Ubiquiti Unifi.   Plugs Support us on patreon   News Clever malvertising attack uses Punycode to look like KeePass’s official website pixel 6 can’t access storage with multiple profiles after updating to android 14 Hackers can force iOS and macOS browsers to divulge passwords and much more   Free Consulting We were asked about the pros and cons of TP-Link Omada and Ubiquiti Unifi.           See our contact page for ways to get in touch.  

The nuances of copyrighting AI-generated art, getting the best speeds with Samba, and building an SSD-only NAS.   News/discussion Opinion: The Copyright Office is making a mistake on AI-generated art   Free Consulting We were asked about building an SSD-only NAS.         Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a         See our contact page for ways to get in touch.  

Why enabling password autofill isn’t a great idea, Jim’s adventures in network repair, and setting up a home router/WiFi hotspot.   Feedback Don’t use autofill on your password manager   Story Time Adventures in network repair   Free Consulting We were asked about hardware for a home router/Wi-Fi hotspot.         HelloFresh With HelloFresh, you get farm-fresh, pre-portioned ingredients and seasonal recipes delivered right to your doorstep. Get 50% off plus free shipping at hellofresh.com/5025admins using code 5025admins.         See our contact page for ways to get in touch.  

A network breach teaches us all a valuable lesson about threat models, Allan and Jim’s TV setups, and picking the right external storage solution.   Plugs Support us on patreon   News/discussion How Google Authenticator made one company’s network breach much, much worse Amolith’s wiki page about passwords   Feedback Allan’s TV remote control   Free Consulting We were asked about picking the right external storage solution.         Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a         See our contact page for ways to get in touch.  

Google and Apple do a bad job of disclosing a pretty serious vulnerability, why hard drives aren’t physically bigger, and setting up a distributed backup system with a group of friends.   Plugs Support us on patreon   News Submit your ideas or articles – OpenSource.net Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters Google quietly corrects previously submitted disclosure for critical webp 0-day   Free Consulting We were asked about setting up a distributed backup system with a group of friends.         Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a         See our contact page for ways to get in touch.  

The future of archive storage using lasers and ceramics, self-hosting an Internet archive, more on Windows 11 Home, and setting up storage inside VMs.   Plugs Support us on patreon Jim and Allan host Klara’s latest Webinar: OpenZFS Data Replication   News/discussion Cerabyte roadmaps ceramic nano-memory storage   Feedback Archivy ArchiveBox   Free Consulting We were asked about setting up storage inside VMs.           See our contact page for ways to get in touch.  

Unity causes a stink with its new pricing model, running out of disk space causes a very expensive problem, how one-off promotional domains can come back to bite you, and picking the hardware and software for a router.   News Unity has changed its pricing model, and game developers are pissed off Unity rushes to clarify price increase plan, as game developers fume unity_to_godot_converter: An experimental converter from Unity to Godot game engines Toyota outage caused by servers running out of storage Lidl recalls Paw Patrol snacks after website on packaging displayed porn   Free Consulting We were asked about picking the hardware and software for a router.           HelloFresh With HelloFresh, you get farm-fresh, pre-portioned ingredients and seasonal recipes delivered right to your doorstep. Get 50% off plus 15% off the next 2 months at hellofresh.com/5025admins using code 5025admins.     Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a         See our contact page for ways to get in touch.  

The user experience on fresh installations of Windows and Edge is terrible and we get to the bottom of why. Unfortunately the reason isn’t exclusive to Microsoft’s offerings – it’s a pattern that we’ve seen from numerous companies, even Mozilla. Plus why it’s a bad idea to power your server on and off regularly.   Plugs Support us on patreon   News/discussion Windows 11 has made the “clean Windows install” an oxymoron Microsoft is using malware-like pop-ups in Windows 11 to get people to ditch Google   Free Consulting We were asked about powering a home server on and off regularly.           See our contact page for ways to get in touch.  

Dropbox once again proves that there is no such thing as “unlimited” anything, Intel isn’t going to support WiFi 7 on Windows 10 (but it doesn’t really matter), managing ssh keys, setting up data storage for containers, and more on IPMI for Raspberry Pis.   Plugs Support us on patreon   News Dropbox limits ‘all the storage you need’ unlimited plan, blames abusive users Intel doesn’t plan to support Wi-Fi 7 on Windows 10 Wi-Fi 7 is Coming: Here’s What You Need to Know   Feedback Turing Pi   Free Consulting We were asked about managing ssh keys, and setting up data storage for containers.         Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a           See our contact page for ways to get in touch.  

CNET’s SEO attempts once again show that nothing lasts forever, why the reports of the death of the mechanical hard drive are greatly exaggerated, and home-made IPMI on the cheap.   Plugs Support us on Patreon   News/discussion The Internet is not forever after all: CNET deletes old articles to game Google Coughlin: SSDs will not kill disk drives Samsung Announces 256TB SSDs and Unveils Peta-Byte Scale PBSSDs   Free Consulting We were asked about setting up IPMI for cheap Arm boards. PiKVM       See our contact page for ways to get in touch.  

Why fully remote work is on the wane as Zoom drags employees back to the office and Bluejeans is shut down, the Sandisk SSDs that keep failing, and how and why you should use ECC RAM in your home server if you can.   Plugs Support us on Patreon   News Zoom has “Zoom fatigue,” requires workers to return to the office BlueJeans, Verizon’s Google Meet competitor you’ve never heard of, is shutting down We just lost 3TB of data on a SanDisk Extreme SSD SanDisk’s silence deafens as high-profile users say Extreme SSDs still broken   Free Consulting We were asked about ECC RAM in a home server.       Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a           See our contact page for ways to get in touch.  

Allan and Jim reminisce about the early days of connecting to the Internet, and what inspired them to become sysadmins in the first place. Plus recovering old versions of files, and an exciting announcement about the show.   Plugs 2.5 Admins is now part of the Late Night Linux Family. Support us on Patreon   News/discussion 2.5 Admins in The ‘90s Internet: When 20 hours online triggered an email from my ISP’s president How To Start An ISP (like it’s 1993)   Free Consulting We were asked about recovering old versions of files.           Linux Matters Check out Linux Matters – a show in the Late Night Linux Family hosted by popey, Mark, and Wimpy about all the Linux matters that matter. They did a recent episode about backups (without using ZFS).         See our contact page for ways to get in touch.  

Why the increasing trend of charging for public IPv4 addresses won’t change much, Google trials restricting its employees’ Internet access, and operating systems uploading firmware to devices at boot.   Plugs Support us on patreon Klara 2023 Recommended Summer Reads – FreeBSD and Linux   News New – AWS Public IPv4 Address Charge + Public IP Insights AWS to charge customers for public IPv4 addresses from 2024 Google’s new security pilot program will ban employee Internet access     Free Consulting We were asked about operating systems uploading firmware to devices at boot, rather than having it baked in.         Kolide Kolide ensures that if a device isn’t secure, it can’t access your apps. It’s Device Trust for Okta. Watch the demo today to see how it works at kolide.com/25a           See our contact page for ways to get in touch.