In the market for a laptop…

My trusty WeTab tablet is starting to give some signs of weariness, so I guess it’s time to get a new portable work device, maybe one where I can actually do some work.

System 76’s Galago Ultra Pro seems interesting, specially with 8 GB RAM and a 120 GB solid state drive, it’s under 1000 €, don’t know yet how bad it’ll be with shipping from US to Portugal, but it’s quite tempting, I’ll have to check it out after FOSDEM because it’ll make quite a dent in my purse and I’d rather not do that with an upcoming journey ahead of me.

The only major problem I see with this one is the size, I’d like those specs but with 12” display size, rather than 14.1, and also below 1000 €.

Any suggestions?

Forgot to set email in your pump.io? Fix it!

Pump.io is an awesome distributed/federated social network, but it’s still green software and has many rough edges. One boring one is that when you’re setting up your instance you may run into the pitfall of not setting your email, and then after you posted more than you’d want to loose by resetting it… you can’t enable requireEmail anymore because you’ll be kept out of your own instance.

Sucks, innit? But there’s a fix, all you need to do is add the email field to your user’s data. In my example I’ll be using redis so your millage may vary according to your choice of databank, but the idea is the same, just figure out what your particular case needs to do to implement the same idea.

You can get your user’s data and fix it like this (note, lines broken for blog display):

redis your.ip.addr.ess:6379> get user:RuiSeabra
"{\"nickname\":\"RuiSeabra\",\"updated\":\"2013-08-15T20:42:58Z\",
   \"published\":\"2013-08-15T20:42:58Z\",\"_passwordHash\":\"haha",
   \"profile\":{\"objectType\":\"person\",
   \"id\":\"acct:RuiSeabra@p.1407.org\"}}"

redis your.ip.addr.ess:6379> set user:RuiSeabra
"{\"nickname\":\"RuiSeabra\",\"updated\":\"2013-08-15T20:42:58Z\",
   \"published\":\"2013-08-15T20:42:58Z\",\"_passwordHash\":\"haha",
   \"profile\":{\"objectType\":\"person\",
   \"email\":\"my-rms-email@1407.org\",
   \"id\":\"acct:RuiSeabra@p.1407.org\"}}"

So now it’s fixed and you can re-enable requireEmail in your pump.io.json:

[rms@pump ~]$ sudo grep -i requir /etc/pump.io.json
    "requireEmail": true,

Airgap-Jumping Malware May Use Ultrasonic Networking To Communicate

Hugh Pickens DOT Com writes “Dan Goodwin writes at Ars Technica about a rootkit that seems straight out of a science-fiction thriller. According to security consultant Dragos Ruiu one day his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused and he also found that the machine could delete data and undo configuration changes with no prompting. Next a computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting and further investigation showed that multiple variants of Windows and Linux were also affected. But the story gets stranger still. Ruiu began observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine’s power cord so it ran only on battery to rule out the possibility it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped. With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on. It’s too early to say with confidence that what Ruiu has been observing is a USB-transmitted rootkit that can burrow into a computer’s lowest levels and use it as a jumping off point to infect a variety of operating systems with malware that can’t be detected. It’s even harder to know for sure that infected systems are using high-frequency sounds to communicate with isolated machines. But after almost two weeks of online discussion, no one has been able to rule out these troubling scenarios, either. ‘It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was,’ says Ruiu. ‘The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they’re faced with sophisticated attackers.'”

Share on Google+

Read more of this story at Slashdot.




Airgap-Jumping Malware May Use Ultrasonic Networking To Communicate

Hugh Pickens DOT Com writes “Dan Goodwin writes at Ars Technica about a rootkit that seems straight out of a science-fiction thriller. According to security consultant Dragos Ruiu one day his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused and he also found that the machine could delete data and undo configuration changes with no prompting. Next a computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting and further investigation showed that multiple variants of Windows and Linux were also affected. But the story gets stranger still. Ruiu began observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine’s power cord so it ran only on battery to rule out the possibility it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped. With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on. It’s too early to say with confidence that what Ruiu has been observing is a USB-transmitted rootkit that can burrow into a computer’s lowest levels and use it as a jumping off point to infect a variety of operating systems with malware that can’t be detected. It’s even harder to know for sure that infected systems are using high-frequency sounds to communicate with isolated machines. But after almost two weeks of online discussion, no one has been able to rule out these troubling scenarios, either. ‘It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was,’ says Ruiu. ‘The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they’re faced with sophisticated attackers.'”

Share on Google+

Read more of this story at Slashdot.