A new experimental package is now on the ghrr drat. It is named tint which stands for Tint Is Not Tufte. It provides an alternative for Tufte-style html presentation. I wrote a bit more on the package page and the README in the repo -- so go read this.
Krebs on Security in record DDOS attack: Everybody’s go-to site for news and views of security issues, has been temporarily knocked offline in a DDOS attack for the record books. We first heard about the attack on Thursday morning after Brian Krebs reported that his site was being hit by as much as 620 Gbs, more than double the previous record which was considered to be a mind-blower back in 2013 when the anti-spam site Spamhaus was brought to its knees.
Security sites such as Krebs’ that perform investigative research into security issues are often targets of the bad guys. In this latest case, Ars Technica reported the attack came after Krebs published the identity of people connected with vDOS, Israeli black hats who launched DDOS attacks for pay and took in $600,000 in two years doing so. Akamai had been donating DDoS mitigation services to Krebs, but by 4 p.m. on the day the attack began they withdrew the service, motivated by the high cost of defending against such a massive attack. At this point, Krebs decided to shut down his site.
When generating the keypair, you're asked for a passphrase to encrypt the private key with. If you will ever lose your private key it should protect others from impersonating you because it will be encrypted with the passphrase. To actually prevent this, one should make sure to prevent easy brute-forcing of the passphrase.
OpenSSH key generator offers two options to resistance to brute-force password cracking: using the new OpenSSH key format and increasing the amount of key derivation function rounds. It slows down the process of unlocking the key, but this is what prevents efficient brute-forcing by a malicious user too. I'd say experiment with the amount of rounds on your system. Start at about 100 rounds. On my system it takes about one second to decrypt and load the key once per day using an agent. Very much acceptable, imo.
Today we’d like to explain what it costs to run Let’s Encrypt. We’re doing this because we strive to be a transparent organization, we want people to have some context for their contributions to the project, and because it’s interesting.
Let’s Encrypt will require about $2.9M USD to operate in 2017. We believe this is an incredible value for a secure and reliable service that is capable of issuing certificates globally, to every server on the Web free of charge.
We’re currently working to raise the money we need to operate through the next year. Please consider donating or becoming a sponsor if you’re able to do so! In the event that we end up being able to raise more money than we need to just keep Let’s Encrypt running we can look into adding other services to improve access to a more secure and privacy-respecting Web.
One of North Korea’s top level DNS servers was mis-configured today (20th September 2016) accidentally allowing global DNS zone transfers. This allowed anyone who makes a zone transfer request (AXFR) to retrieve a copy of the nation’s top level DNS data.
This data showed there are 28 domains configured inside North Korea, here is the list:
As a number of outlets have reported, Yahoo has announced that 500 million of its users’ accounts got hacked in 2014 by a suspected state actor.
But that massive hack is actually one of three interesting hacks of Yahoo in recent years.
Italian Military's LibreOffice Migration Underway; 100,000+ PCs To Be Migrated
As we reported exactly an year ago, Italian Military's plans to migrate its entire fleet of desktop PCs to LibreOffice is well underway and has reached its first milestone. Since the project got started about an year ago, the Italian military have switched over 8000 PC workstations to LibreOffice.
Every Little Hacker needs a Little Linux Computer
I know what you’re probably all thinking, why isn’t this kid’s adorable face on every possible toddler related product currently on the market? Rest assured, I constantly remind my sister of how she could be exploiting his cuteness for millions of dollars- but I digress. Where were we? Oh right, Linux.
Let’s talk hardware. If we’re building this little dude a Linux computer and we’re “ballin’ on a budget”, there’s no better choice than a Raspberry Pi. I mean he is a hacker in training, right? His typing (and well, hand coordination in general) isn’t that great yet, so we’ll need an over-sized keyboard. A big mouse pad, and a good wireless mouse will do well. Oh, and how about a VESA mount case for the Raspberry Pi so it stays out of the way? All of that should do nicely.