Sponsored By:

• Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
• 1Password Extended Access Management: Secure every sign-in for every app on every device.
• Core Contributor Membership: Take $1 a month of your membership for a lifetime! Promo Code: summer

Support LINUX Unplugged

Links:

• 💥 Gets Sats Quick and Easy with Strike
• 📻 LINUX Unplugged on Fountain.FM
• Spokane Meetup - No-Li Brewhouse · JB Events (test deployment)
• Plasma/Krunner Docs — Brent's tip: 'https://search.nixos.org/options?query=\{@}' (the '\{@}' is the magic sauce)
• autossh — Automatically restart SSH sessions and tunnels
• autossh on GitHub
• Spokane Meetup — No-Li Brewhouse, Sat, Jul 13, 2024, 4:00 PM
• RegreSSHion — Remote Code Execution Vulnerability In OpenSSH Server
• regreSSHion — Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
• NixOS Security advisory: OpenSSH CVE-2024-6387 “regreSSHion” – update your servers ASAP
• Nasty regreSSHion bug affects around 700K Linux systems
• Qualys CVE-2024-6387 Write-up
• Letmein: Authenticating port knocker - Written in Rust — Letmein is a simple port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks on services like SSH, VPN, IMAP and many more.
• fwknop: Single Packet Authorization > Port Knocking — fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter
• Membership Summer Discount — Take $1 a month of your membership for a lifetime!
• Jeff links: How to run non-nix executables?
• pick: stu — TUI (Terminal/Text UI) application for AWS S3

We also have a batch of big community news, and the case for the cloud killing Open Source.

Special Guests: Alessandro Castellani and Brent Gervais.

Support LINUX Unplugged

Links:

• OggCamp 19 — OggCamp is an unconference celebrating Free Culture, Free and Open Source Software, hardware hacking, digital rights, and all manner of collaborative cultural activities.
• OggCamp on Twitter
• Remote Code Execution in apt-get — A vulnerability in apt allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code as root on a machine installing any package. The bug has been fixed in the latest versions of apt.
• Why does APT not use HTTPS?
• Turkish ISP Swapped Downloads of Popular Software with Spyware-Infected Apps
• Which block I/O scheduler is the best? We asked eBPF. — I set out expecting to see differing distributions of latencies for each block scheduler, but ultimately found that I didn’t understand low-level systems behavior to the degree I thought I did.
• Want to spin up Ubuntu VMs from Windows 10's command line, eh? We'll need to see a Multipass. — Windows 10 developers have been gifted yet another way of running Linux on their desktop in the form of Canonical's Multipass.
• Microsoft Employee Hints at Windows Core OS Open Source Components
• TechSNAP Episode 395: The ACME Era
• LinuxFest Northwest 20th Anniversary
• LFNW Telegram Group
• LinuxFest Northwest Parking Lot BBQ Meetup
• SCALE 17x
• SCALE Telegram Group
• Texas Linux Fest 2019
• Public Speaking: A repository of resources about public speaking, specifically in the context of software development and IT conferences.
• Linux Operating System Fundamentals — Have you heard of Linux, but don't really know anything about it? Are you a non-technical person just wanting to know what this 'Linux' thing is? Then this course is for you.
• Akira: Native Linux App for UI and UX Design
• Akira on Kickstarter
• Exponent episode 159 — Inverted Pyramids
• Late Night Linux – Episode 55 — Are you better off with the elasticity of public clouds like AWS, or should you avoid lock-in by running servers on premises?
• AWS, MongoDB, and the Economic Realities of Open Source
• Open source confronts its midlife crisis