Cisco network gear fell over when it shouldn’t have, yet another security flaw is found in Microsoft Copilot, the US military is letting Grok into all its networks, and managing LVM snapshots.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Unwrapping ZFS: Gifts from the Open Source Community

A New Year, A New ZFS: What 2.4 Brings to the Table

 

News

Cisco routers knocked out due to Cloudflare DNS change

Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your Personal Data

Musk’s AI tool Grok will be integrated into Pentagon networks, Hegseth says

 

Free consulting

We were asked about managing LVM snapshots.

 

 

 

 

 

 

 

The many reasons why email shouldn’t be trusted. Plus how to stop your kids accessing inappropriate content online, and why the answer probably isn’t a technical one.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

What We Built: Top ZFS Capabilities Delivered by Klara in 2025

 

Discussion

Please STOP trusting email

 

Free consulting

We were asked about blocking adult content at the network level. 

 

 

 

 

 

 

 

Why you should probably keep paying for your old domains, the perpetual problem of typo squatting, a machine learning expert’s take on BS from LLMs, and whether to separate compute and storage in a home setup.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Can You Have Too Many VDEVs? A Practical Guide to ZFS Scaling

 

News/discussion

Digital Trust in Danger: When Authorities Forget Their Old Domains

Most Parked Domains Now Serving Malicious Content

LLMs are bullshitters. But that doesn’t mean they’re not useful

 

Free consulting

We were asked about whether to separate compute and storage in a home setup.

 

 

 

 

 

 

 

The one bit of advice we’d give to someone wanting to become a professional sysadmin. This is a short episode because Joe is having a break for the Christmas period.

 

 

 

 

 

 

Apple deletes a person’s entire digital life, PornHub Premium user data is leaked, Mozilla’s new CEO wants to ruin Firefox, Tech Force in the USA is alarming, and fine tuning storage for databases.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Is DWPD Still a Useful SSD Spec?

 

News/discussion

20 Years of Digital Life, Gone in an Instant, thanks to Apple

PornHub extorted after hackers steal Premium member activity data

Mozilla’s next chapter: Building the world’s most trusted software company

Rest assured, Firefox will always remain a browser built around user control

Tech Force

Trump administration launches Tech Force hiring push

 

Free consulting

We were asked about fine tuning storage for databases.

 

 

 

 

 

 

 

 

 

The Crucial brand of consumer SSDs and RAM is going away, AMD and Intel memory encryption can be bypassed with cheap hardware, more AI buffoonery, and monitoring users’ usage on a network.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

When RAID Isn’t Enough: ZFS Redundancy Done Right

 

News/discussion

Micron Announces Exit from Crucial Consumer Business

Cheap Hardware Module Bypasses AMD, Intel Memory Encryption

Google’s vibe coding platform deletes entire drive

One day, AI might be better than you at surfing the web. That day isn’t today

 

Free consulting

We were asked about monitoring users’ usage on a network.

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required. Use code LATENIGHTLINUX for three free months of any Tailscale paid plan.

 

 

What a government crackdown on VPNs would look like, malware groups play the long game with browser extensions, a new major version of FreeBSD is released, and using a single database vs one DB per application or VM.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Enabled Disaster Recovery for Virtualization

 

News/discussion

The VPN panic is only getting started

Stealthy browser extensions waited years before infecting 4.3M Chrome, Edge users with backdoors and spyware

FreeBSD 15.0-RELEASE Announcement

 

Free consulting

We were asked about using a single database vs one DB per application or VM.

 

 

 

 

 

 

Google kept collecting sensor data even after bricking Nest thermostats, FreeBSD’s container support gets serious, and where to find cheap (or even dirt cheap) used hardware.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

How to Set Up a Highly Available ZFS Pool Using Mirroring and iSCSI

December Webinar: The 12 Days of ZFS: Tips, Tricks, and Treats

 

News/discussion

Google is collecting troves of data from downgraded Nest thermostats

FreeBSD Officially Supported in OCI Runtime Specification v1.3

 

Free consulting

We were asked about where to find cheap (or even dirt cheap) used hardware.

 

 

 

 

 

Tailscale

Tailscale is an easy to deploy, zero-config, no-fuss VPN that allows you to build simple networks across complex infrastructure. Go to tailscale.com/25a and try Tailscale out for free for up to 100 devices and 3 users, with no credit card required. Use code LATENIGHTLINUX for three free months of any Tailscale paid plan.

Windows is becoming an “agentic OS”, some WD SMR drives are dying prematurely, backing up VMware with ZFS, and separating trusted and non-trusted devices on your network.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Understanding Storage Performance Metrics

December Webinar: The 12 Days of ZFS: Tips, Tricks, and Treats

 

News/discussion

Microsoft is turning Windows into an ‘agentic OS,’ starting with the taskbar

Critics scoff after Microsoft warns AI feature can infect machines and pilfer data

WD launches investigation into problems with its controversial SMR hard drives

 

Free consulting

We were asked about backing up VMware with ZFS, and separating trusted and non-trusted devices on your network.

 

 

 

 

 

 

Allan tells us about the recent OpenZFS Summit including inconsistent JBODs, more details about mixed disk sizes in ZFS with AnyRaid, an upcoming standard that allows you to keep using partially dead hard drives, Seagate’s roadmap for 50 and 100 TB drives, and NVMe connected mechanical drives. Plus using a separate mini PC for work.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Building Enterprise-Grade Storage on Proxmox with ZFS

December Webinar: The 12 Days of ZFS: Tips, Tricks, and Treats

 

Free consulting

We were asked about using a separate mini PC for work.

 

 

 

 

 

 

Why you should seriously consider buying refurbished hard drives, why drives might be lasting longer than they once did, Jim’s M.2 NVMe drive died at an inopportune moment, using multiple partitions on disks with ZFS.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Advanced ZFS Dataset Management: Snapshots, Clones, and Bookmarks

November Webinar: ZFS Mastery: The Bits They Don’t Put in the Man Pages

 

News/discussion

Do Refurbished Hard Disks Make Sense For Your Home NAS Server?

Are Hard Drives Getting Better? Let’s Revisit the Bathtub Curve

Jim’s M.2 NVMe nightmare

 

Free consulting

We were asked about using multiple partitions on disks with ZFS.

 

 

 

 

Why you should keep your Baseboard Management Controller off the network, ZFS is hard to defeat with a zip bomb, how bad the Internet bot problem probably is, and building a small home server cluster.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

Discussion

Supermicro server motherboards can be infected with unremovable malware

When a decompression ZIP bomb meets ZFS: 19 PB written on a 15 TB disk

 

Free consulting

We were asked about building a small home server cluster.

 

 

 

 

It looks like the storage companies aren’t betting on the AI bubble lasting much longer, the arguments against self-hosting, and setting up a server for virtualization and containers.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Performance Tuning in the Real World: ARC, L2ARC, and SLOG

 

Discussion

Expect HDD, SSD shortages as AI rewrites the rules of storage hierarchy — multiple companies announce price hikes, too

The Future is NOT Self-Hosted

 

Free consulting

We were asked about setting up a server for virtualization and containers.

 

 

 

 

Windows 10 is officially end of life but Microsoft extends free updates for Windows 10 in Europe, it gets even harder to use a local account in Windows 11, and whether repurposing old server hardware is worth it.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

What the Future Brings – ZFS Features, Roadmap, and Innovations

 

News/discussion

Major backtrack as Microsoft makes Windows 10 extended security updates FREE for an extra year — but only in certain markets

Microsoft is plugging more holes that let you use Windows 11 without an online account

 

Free consulting

We were asked about repurposing old server hardware.

 

 

 

 

A Red Hat breach leads to a leak of lots of sensitive customer data, Synology backs down on allowing third-party drives but they are removing features, and managing ZFS properties during replication.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Optimizing ZFS for High-Throughput Storage Workloads

 

News

Red Hat fesses up to GitLab breach after attackers brag of data theft

Red Hat breach escalates as Crimson Collective recruits help

International Cyber Digest Twitter thread

Synology caves, walks back some drive restrictions on upcoming NAS models

Synology Removes Graphics Drivers and HEVC & H.264 HW Transcoding Support

Discontinuation Notice for HEVC (H.265), AVC (H.264), and VC-1 Transcoding on DSM and BeeStation OS Platforms

 

Free consulting

We were asked about managing ZFS properties during replication.

 

 

 

 

 

The weird errors you see when your root partition is full, TikTok uses a lot of bandwidth by preloading videos, and dealing with a ZFS pool that won’t import.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Keeping Data Safe with OpenZFS: Security, Encryption, and Delegation

 

News/discussion

Dark patterns killed my wife’s Windows 11 installation

TikTok video pre-loads cause ‘massive data wastage’

 

Free consulting

We were asked about dealing with a ZFS pool that won’t import.

Importing corrupted pool causes PANIC

Klara added additional diagnostics to ZFS to help investigate this issue, that shipped as part of 2.3.4

Klara also has a work-around to get past the errors, but it is likely to result in data loss if there are overlapping segments, or the leaking of free space when segments are not entirely removed (not to be attempted without a developer present)

 

 

 

 

 

Intel and Nvidia are teaming up for multiple reasons, Open AI are planning to build data centers and use a ludicrous amount of power, LLM hallucinations aren’t going away, and how long we keep servers and hard drives in production.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Troubleshooting ZFS – Common Issues and How to Fix Them

 

News

Nvidia, Intel to co-develop “multiple generations” of chips as part of $5 billion deal

Nvidia and Intel’s $5 billion deal is apparently about eating AMD’s lunch

OpenAI and Nvidia’s $100B AI plan will require power equal to 10 nuclear reactors

Nvidia adds more air to the AI bubble with vague $100B OpenAI deal

The AI-energy apocalypse might be a little overblown

OpenAI’s Stargate project to pave the world with AI datacenters announces five new US locations

OpenAI admits AI hallucinations are mathematically inevitable, not just engineering flaws

 

Free consulting

We were asked about how long we keep servers and hard drives in production.

 

 

 

 

Joe set up a FreeBSD box to serve as a replication target and it was surprisingly straightforward, if rather different from Linux. Plus the lies that storage tells us.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

 

 

 

Matrix shows how painful enormous databases can be to restore, why the certificate authority system doesn’t seem to make sense in 2025, a hosting provider thinks they are better than Cloudflare at blocking malicious traffic, a viral app turns out to be written by an enthusiastic dev who doesn’t understand best practices, and using S3 object storage outside of the cloud. With guest host Gary from Linux After Dark and Hybrid Cloud Show.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Matrix.org homeserver grinds to a halt after RAID meltdown

Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet

The number of mis-issued 1.1.1.1 certificates grows

Mythic Beasts will block Cloudflare IPs on shared hosting if abusive traffic gets through

Unfortunately, the ICEBlock app is activism theater

ICEBlock handled my vulnerability report in the worst possible way

 

Free consulting

We were asked about using S3 object storage outside of the cloud.

MinIO

 

 

 

 

McDonald’s IT systems seem to be riddled with 90s-style coding errors, we finally know where the fraudulent hard drives came from, when IT workers go rogue, and ZFS on root without using FreeBSD or Ubuntu.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

How I Hacked McDonald’s

Seagate Uncovers Global Scheme That Sold 1 Million Used Drives as New

# smartctl -l farm /dev/sdx

Developer gets 4 years for activating network “kill switch” to avenge his firing 

Woman gets 8 years for aiding North Koreans infiltrate 300 US firms

 

Free consulting

We were asked about ZFS on root without using FreeBSD or Ubuntu.

Introduction to ZFSBootMenu

 

 

 

 

Google is planning to assert even more control over which Android apps can be installed, the US government takes a 10% stake in Intel, and minimum networking speeds in homes and offices.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Basecamp Launch: A Panel with the People Behind ZFS

 

News/discussion

A new layer of security for certified Android devices

US government takes 10 percent stake in Intel in exchange for money it was already on the hook for

 

Free consulting

We were asked about minimum networking speeds in homes and offices.

 

 

 

 

 

 

Why you can’t rely on a single cloud provider, Jim discovers AI that spreads itself like a worm, and configuring all-flash arrays.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

FreeBSD Summer Roundup: Guide to Lock-In Free Infrastructure

 

News/discussion

AWS deleted my 10-year account and all data without warning

AWS Restored My Account: The Human Who Made the Difference

Jim’s AI nightmare

 

 

Free consulting

We were asked about configuring all-flash arrays.

 

 

 

 

AMD’s recent mobile-class processors impress us with their power to performance ratio, the UK government suggests a preposterous way to save water, setting up verified boot with snapshots, and the best way to configure ZFS to run VMs.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Summer Roundup: Smart Hardware Advice

 

News

AMD Ryzen AI Max+ 395 vs. Ryzen 9 9950X vs. Ryzen 9 9950X3D Linux Performance Review

UK Government says delete old emails to save water

UK government to invest over £2 billion in the UK’s AI ecosystem

 

Free consulting

We were asked about setting up verified boot with snapshots, and the best way to configure ZFS to run VMs.

 

 

 

 

 

The Web is a mess of tracking and AI scraping so do we need a new one, would it even be possible, or is this the wrong question? Plus setting up servers in a garage where dusty woodworking is happening.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

Free consulting

We were asked about setting up servers in a garage where dusty woodworking is happening.

 

 

 

 

 

Jim is concerned that although over-anthropomorphising LLMs is a mistake, we should be cautious about some of their human-like behaviour. Plus how to maintain old ZFS pools, and accessibility in the BSDs.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

Discussion

It’s a mistake to over anthropomorphize LLMs, but it’s equally a mistake to *under* anthropomorphize them

Grok will no longer call itself Hitler or base its opinions on Elon Musk’s, promises xAI

 

Free consulting

We were asked about how to maintain old ZFS pools, and accessibility in the BSDs.

 

 

 

 

 

Two recent outages were handled very differently but show the dangers of centralisation, Let’s Encrypt is introducing certificates for IP addresses, and the differences between backup and production systems.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Microsoft’s 19-hour Outlook outage exposes fragility in cloud infrastructure

Cloudflare 1.1.1.1 incident on July 14, 2025

We’ve Issued Our First IP Address Certificate

 

Free consulting

We were asked about the differences between backup and production systems.

 

 

 

 

 

 

 

To celebrate the 256 milestone we devote the whole episode to explaining why we use ZFS. We explain about data safety, data retention, data portability, and ease of administration.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Klara ZFS Basecamp – Central Resource for Everything ZFS

Practical ZFS

 

 

 

 

 

 

Microsoft offers Windows 10 updates in return for your settings data, Denmark wants to protect against deepfakes using copyright, someone is wrong on the Internet about RAID, and getting a sysadmin job in your late 40s.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Microsoft’s free updates for Windows 10 draw criticism

Denmark plans to thwart deepfakers by giving everyone copyright over their own features

Why I Stopped Using RAID on My Plex Media Server

 

Free consulting

We were asked about getting a sysadmin job in your late 40s.

 

 

 

 

 

A vulnerability in sudo brings up concerns about feature-creep, and makes us consider alternatives. Plus Broadcom starts auditing VMware customers, and how to decide which outbound ports to open on a large network’s firewall.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Disaster Recovery with ZFS: A Practical Guide

 

News/discussion

Vulnerability Advisory: Sudo chroot Elevation of Privilege

VMware perpetual license holder receives audit letter from Broadcom

 

Free consulting

We were asked about how to decide which outbound ports to open on a large network’s firewall.

 

 

 

 

Jim is concerned that we might not see another next-gen filesystem that can compete with ZFS, no matter how much we all want one. Plus whether you should switch to third-party firmware on your router.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Performance Tuning – Optimizing for your Workload

 

Discussion

Bcachefs Lands More Improvements For Linux 6.16 After Data Loss Bug Hit v6.15

I’m starting to wonder if modern next-gen filesystems are approaching an inherent limit of human ability to mentally model and manage complexity

 

Free consulting

We were asked whether you should switch to third-party firmware on your router.

 

 

 

 

Nintendo cuts off Switches that dare to play backed up games, more Microsoft AI exploits, why you shouldn’t regularly spin down hard drives, and securing applications on a home server.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Reliable ZFS Storage on Commodity Hardware – A Cost-Efficient, Data-Sure Storage Solution

Klara co-hosted a webinar with TrueNAS about ZFS Fast Dedup

 

News

Switch 2 users report online console bans after running personal game “backups”

Intellectual Property & Piracy FAQ | Nintendo Support

archived version

Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot

I learned the hard way to never spin down your NAS hard drives

 

Free consulting

We were asked about securing applications on a home server.

 

 

 

 

SharePoint is exploitable by Microsoft’s AI, NIST proposes a new metric for exploited vulnerabilities, SBCs that look cool for a mini NAS and a router,  and setting up a first NAS with 4 disks.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

The Maintainer’s Dilemma: Strategies for Supporting Legacy Drivers Across Decades of Hardware Evolution

 

News/discussion

Exploiting Copilot AI for SharePoint

NIST proposes new metric to gauge exploited vulnerabilities

ODROID-H4 PLUS

ODROID-H4 ULTRA

H4 Mini-ITX Kit

Banana Pi BPI-R4 Pro is a versatile router board with WiFi 7, 10 Gb and 2.5 Gb LAN, and multiple M.2 connectors

 

Free consulting

We were asked about setting up a first NAS with 4 disks.

 

 

 

 

Google bypasses the usual channels to distrust two certificate authorities, Meta’s new escalation in the privacy arms race, Allan gives us the inside details of a new mixed-disk-size ZFS RAID feature, and moving from UniFi gear to TP-Link.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

The Overlooked Complexity of Firmware Security in the IoT Era

 

News/discussion

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

Meta pauses mobile port tracking tech on Android after researchers cry foul

Introducing ZFS AnyRaid, Sponsored by Eshtek

 

Free consulting

We were asked about moving from UniFi gear to TP-Link.

 

 

 

 

Locating people with just a phone call, Google forces a change to Let’s Encrypt certificates, yet another example of a “lifetime” subscription being cut short, connecting drives to a small form factor machine, and managing ssh keys with LDAP.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

What We’ve Learned Supporting FreeBSD in Production (So You Don’t Have To)

 

News

O2 VoLTE: locating any customer with a phone call

Ending TLS Client Authentication Certificate Support in 2026 – Let’s Encrypt

VPN firm says it didn’t know customers had lifetime subscriptions, cancels them

 

Free consulting

We were asked about connecting drives to a small form factor machine, and managing ssh keys with LDAP.

SAS Expanders, Build Your Own JBOD DAS Enclosure and Save – Iteration 1

 

 

 

 

TrueNAS drops FreeBSD but there’s a community fork, the elusive ZFS send bug that affected encrypted datasets is finally identified and fixed, why the Raspberry Pi doesn’t make a great NAS, and when to use the zpool checkpoint feature.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Maintaining FreeBSD in a Commercial Product – Why Upstream Contributions Matter

 

News/discussion

TrueNAS 25.04 drops FreeBSD: “Fangtooth” only with GNU/Linux base

FreeBSD fans rally round zVault upstart

ZFS raw-send corruption bug fixed

5 things I regret about using my Raspberry Pi as a NAS

 

Free consulting

We were asked about the zpool checkpoint feature.

 

 

 

 

 

The basic computer science problems that still remain unsolvable, why you shouldn’t trust AI to tune ZFS (or answer any admin questions), and setting up a check-in system for a group of friends.

 

Plug

Support us on patreon and get an ad-free RSS feed with some early episodes

 

Discussion

Why You Can’t Trust AI to Tune ZFS

 

Free consulting

We were asked about setting up a check-in system for a group of friends.

 

 

 

 

 

Old passwords work for Windows RDP, Broadcom shows why perpetual software licenses aren’t really forever, Windows Server is getting hotpatching, and preventing changes to archived files.

 

Plugs

Support us on patreon and get an ad-free RSS feed with some early episodes

Owning the Stack: Infrastructure Independence with FreeBSD and ZFS

 

News/discussion

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that

Broadcom sends cease-and-desist letters to subscription-less VMware users

Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025

 

Free consulting

We were asked about preventing changes to archived files.

 

 

 

 

 

Crosswalks were comically vulnerable to being hacked, even Google struggles with tiered SSD and HDD storage, some insight into how AI scrapers are using domestic IPs, and creating a ZFS mirror one disk at a time.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Inside FreeBSD Netgraph: Behind the Curtain of Advanced Networking

 

News/discussion

Hacking US crosswalks to talk like Zuck is as easy as 1234

Even Google struggles to balance fast-but-pricey flash and cheap-but-slow hard disks

How Colossus optimizes data placement for performance

The web is broken, IMHO

 

Free consulting

We were asked about creating a ZFS mirror one disk at a time.

 

 

 

 

 

Some Synology NAS products will require drives they sold you, doubt is cast on the CVE program, why some FreeBSD packages didn’t appear when they should have, and backing up the keys for encrypted backups.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Robust & Reliable Backup Solutions with OpenZFS

 

News

Synology confirms that higher-end NAS products will require its branded drives

CVE program gets last-minute funding from CISA – and maybe a new home

CVE fallout: The splintering of the standard vulnerability tracking system has begun

 

Free consulting

We were asked about backing up the keys for encrypted backups.

 

 

 

 

 

IPv4 addresses are worth an awful lot of money, the serious dangers of a seemingly sensible deepfake law, Microsoft is 50 years old, and our thoughts on antivirus on Linux and Windows.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Accurate and Effective Storage Benchmarking

 

News

Your IPv4 stash can now be collateral for $100M loans

Congress close to passing deepfake law—Trump said he wants to use it himself

Microsoft is now 50 years old

 

Free consulting

We were asked about antivirus on Linux and Windows.

 

 

 

 

 

Jim’s server is getting hammered by AI scrapers and he’s big mad about it, why RCS doesn’t work on Android without Google apps, a complex Google account issue, and how Jim and Allan handle their WireGuard configs.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Network Offload and Socket Splicing (SO_SPLICE) in FreeBSD

 

News

Jim hit by AI scrapers

Open source devs say AI crawlers dominate traffic, forcing blocks on entire countries

AI bots strain Wikimedia as bandwidth surges 50%

80% of Web Traffic Is Bots — The Hidden Cost of AI Scraping

Threat Spotlight: The good, the bad, and the ‘gray bots’ – the Gen AI scraper bots targeting your web apps

An AI Scraping Tool Is Overwhelming Websites With Traffic

 

Free consulting

We were asked about RCS on AOSP, a complex Google account issue, and how Jim and Allan handle their WireGuard configs.

wg-admin

 

 

 

 

 

 

Whether tech debt is inevitable and where the blame lies, how to properly organise ZFS datasets, and selectively managing updates.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Orchestration Tools – Part 2: Replication

 

 

 

 

 

 

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

 

 

 

 

 

 

The key differences between throughput and latency – and when they matter, the tech that we’d keep if we stopped working in IT, and avoiding bitrot with rsync backups.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Core Infrastructure: Why You Need to Control Your NTP

 

 

Free consulting

We were asked about avoiding bitrot with rsync backups.

Parchive

 

 

 

 

 

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

 

 

 

 

 

 

RISC-V is on the rise in China, why Power CPUs aren’t as promising, the dystopian nightmare of surveillance tech at work, and  decrypting ZFS at boot.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Understanding ZFS in the Real World: Mistakes Made, Lessons Learned & Future Plans

 

News/discussion

Alibaba launches server-grade RISC-V CPU design

Raptor Computing Systems

Y Combinator deletes posts after a startup’s demo goes viral

Your Boss Wants You Back in the Office. This Surveillance Tech Could Be Waiting for You

 

 

Free consulting

We were asked about automatically decrypting ZFS at boot.

 

 

 

 

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

 

 

 

 

 

 

 

Ten-year-old Chromecasts stop working, movie DVDs start rotting, Skype is finally dying, using ZFS on VM guests and hosts.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Space Accounting Explained

 

News

Google apologizes for Chromecast outage in email to users

“They curdle like milk”: WB DVDs from 2006–2008 are rotting away in their cases

Microsoft is shutting down Skype in favor of Teams

 

 

Free consulting

We were asked about using ZFS on VM guests and hosts.

 

 

 

 

 

 

 

HP was forcing people to wait on hold for 15 minutes to get support, the DOGE site was embarrassingly insecure, setting up encrypted offsite backups, and mixing SATA and NVMe in a server.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Why FreeBSD is the Right Choice for Embedded Devices

 

News/discusison

HP ditches 15-minute wait time policy due to ‘feedback’

Anyone Can Push Updates to the DOGE.gov Website (archive.is)

 

Free consulting

We were asked about mixing SATA and NVMe in a server.

 

 

 

 

Factor

Eat smart with Factor. Get started at factormeals.com/factorpodcast and use code FACTORPODCAST to get 50% off your first box plus free shipping.

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

 

 

 

 

 

 

Arm is going to make its own server chips, WordPress is selling “100 year” domain registrations, geo-redundancy for VPSs, and backing up Windows to Backblaze B2.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Isolating Containers with ZFS and Linux Namespaces

 

News

Arm to launch its own chip in move that could upend semiconductor industry

The WordPress.com 100-Year Domain

 

Free Consulting

We were asked about geo-redundancy for VPSs, and backing up Windows to Backblaze B2.

 

Hybrid Cloud Show – Episode 24

gdnsd

DNSMadeEasy – Failover Service [Allan’s Affiliate Link]

Kopia

snapshot verify | Kopia

RAID is NOT a Backup and Other Hard Truths About Disaster Recovery

 

 

 

 

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

 

 

 

 

 

 

Google found a way to run unofficial microcode on AMD CPUs, whether software should get a CVE when it goes end of life, LLMs changing Redditors’ minds and self-replicating, and managing SSH keys at scale.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Orchestration Tools – Part 1: Snapshots

 

News/discussion

How to make any AMD Zen CPU always generate 4 from RDRAND

CVEs for End of Life?

OpenAI says its models are more persuasive than 82 percent of Reddit users

AI can now replicate itself — a milestone that has experts terrified

 

Free Consulting

We were asked about managing SSH keys at scale.

 

 

 

 

 

 

Used Seagate drives are being sold as “new”, another reminder not to hack Windows 11 onto unsupported hardware, about using ZFS on VPS block storage, picking hardware to run VMs, and delegating datasets to containers.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Controlling Your Core Infrastructure: DNS

 

News

Fraud with Seagate hard disks: Dealers swap, Seagate investigates

Fraud with Seagate hard disks: Dozens of readers report suspected cases

openSeaChest

Windows 11 on devices that don’t meet minimum system requirements

 

Free Consulting

We were asked about using ZFS on VPS block storage, picking hardware to run VMs, and delegating datasets to containers.

Klara: Isolating Containers with ZFS and Linux Namespaces

 

 

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

 

 

 

 

 

 

We appreciate the elegance of subnets as well as the power of custom benchmarking, Xboxes will support large amounts of external storage, why it’s not looking great for bcachefs, malware and remote desktops, and our thoughts on Fortigate network gear.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Key Considerations for Benchmarking Network Storage Performance

 

News/discussion

Xbox beta tests support for massive amounts of external storage

Migrating away from bcachefs

 

Free Consulting

We were asked about malware and remote desktops, and our thoughts on Fortigate network gear.

 

 

 

 

 

SysCloud

Over 2,000 IT admins already trust SysCloud to protect their SaaS data. Head to SysCloud.com for a 30-day free trial—and for a limited time, use code 25ADMINS to get 50% off your first purchase.

 

Factor

Eat smart with Factor. Get started at factormeals.com/25a50off and use code 25a50off to get 50% off your first box plus
free shipping.

 

 

 

 

 

 

An embarrassing typo suggests that MasterCard’s monitoring isn’t as good as it should be, tricky offsite backups, why two-factor authentication over SMS is a bad idea, and keeping two Mac laptops in sync.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Klara Webinar, Feb 13th: RAID is NOT a Backup and Other Hard Truths About Disaster Recovery

 

News

MasterCard DNS Error Went Unnoticed for Years

 

Free Consulting

We were asked about tricky offsite backups, why Two-factor authentication over SMS is a bad idea, and keeping two Mac laptops in sync.

 

 

 

 

 

ServerMania

Get 15% Off dedicated servers – recurring for Life at servermania.com/25a with code 25ADMINS

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

 

 

 

Microsoft didn’t control an important domain that it was using and end up red-faced, the dangers of using free VPN apps, a proof of concept exploit is out for last year’s SSH vulnerability, USB is getting slightly less confusing labels, and swapping the motherboard in a TrueNAS SCALE system.

 

News

Edgio bankruptcy results in endpoint change for Microsoft

VPN used for VR game cheat sells access to your home network

PoC Exploit Released For OpenSSH Arbitrary Code Execution Vulnerability

An updated USB logo will now mark the fastest docking stations

 

Free Consulting

We were asked about swapping the motherboard in a TrueNAS SCALE system.

 

 

 

 

 

Entroware

This episode is sponsored by Entroware. They are a UK-based company who sells computers with Ubuntu and Ubuntu MATE preinstalled. They have configurable laptops, desktops and servers to suit a wide range of Linux users. Check them out and don’t forget to mention us at checkout if you buy one of their great machines.

 

 

 

 

 

A new version of ZFS is out and we go over the great new features. Plus recovering data after accidentally writing part of an ISO onto a USB drive, how to deal with abuse of your domain, and replacing all the drives in a ZFS pool while keeping the birth date.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Managing and Tracking Storage Performance

 

News

Zfs-2.3.0

Introducing OpenZFS Fast Dedup

 

Free Consulting

We were asked about recovering data after accidentally writing part of an ISO onto a USB drive, how to deal with abuse of your domain, and replacing all the drives in a ZFS pool while keeping the birth date.

 

 

 

 

 

ServerMania

Get 15% Off dedicated servers – recurring for Life at servermania.com/25a with code 25ADMINS

 

 

 

 

Jim and Allan explain the benefits of a lithium iron phosphate “UPS”, whether it’s possible to delete every single copy of a file, and using Bluetooth in a Windows 11 VM.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

Discussion

Anker SOLIX C300

Anker SOLIX F3800

 

Free Consulting

We were asked about using Bluetooth in a Windows 11 VM.

 

 

 

Windows ssh is sending more telemetry than you might think, Let’s Encrypt will offer 6 days certificates, a PSA about domains that don’t send emails, and performance issues in a Synology NAS.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Winter 2024 Roundup: Storage and Network Diagnostics

 

News/discussion

ssh on Windows sends telemetry

sshTelemetry.c

Let’s Encrypt to offer 6 day certs

Important reminder, if you own a domain name and don’t use it for sending email

 

Free Consulting

We were asked about performance issues in a Synology NAS.

 

 

 

 

 

ServerMania

Get 15% Off dedicated servers – recurring for Life at servermania.com/25a with code 25ADMINS

 

 

 

 

Chinese researchers are making progress with quantum computing but they haven’t broken modern RSA or AES encryption, Russian attackers compromised a business via a nearby building’s WiFi, a startup runs out of money and bricks a robot for kids, and hardening Linux systems.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Storage Fault Management on Linux

 

News/discussion

No, Chinese quantum computers haven’t hacked military-grade encryption

The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access

Startup will brick $800 emotional support robot for kids without refunds

The confusing reality of AI friends

 

Free consulting

We were asked about hardening Linux systems.

 

 

 

 

 

 

ServerMania

Get 15% Off dedicated servers – recurring for Life at servermania.com/25a with code 25ADMINS

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

The US government tells people to use encrypted messaging, mandated MFA in healthcare raises a scary geopolitical question, QNAP bungles a firmware update, and securing access to self hosted applications with mTLS.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Deploying pNFS file sharing with FreeBSD

 

News/discussion

FBI Warns iPhone And Android Users—Stop Sending Texts

US senators propose mandated MFA, encryption in healthcare

QNAP firmware update leaves NAS owners locked out of their boxes

 

Free consulting

We were asked about securing access to self hosted applications with mTLS.

 

 

 

 

 

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

Intel’s CEO departs but replacing him won’t magically solve its serious problems, Zipcar wasn’t prepared for an outage and handled it really badly, moving to an email provider that supports DMARC, and picking a NAS distribution.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

ZFS Ask Me Anything – December 12th

Applying the ARC Algorithm to the ARC

 

News

Intel CEO takes his leave as ambition meets reality

What happened to Intel?

Zipcar Outage Strands Customers in Random Places

 

Free consulting

We were asked about moving to an email provider that supports DMARC, and picking a NAS distribution.

 

 

 

 

 

 

ServerMania

Get 15% Off dedicated servers – recurring for Life at servermania.com/25a with code 25ADMINS

 

 

 

 

 

Equinix is shutting down its bare metal service, D-Link advises people to dump old vulnerable routers, Google makes changes to how it ranks some affiliate-driven “reviews”, and data caps seem to be sticking around. Plus mixing different brands and types of disks, using other partitions on a ZFS drive, and scaling a fleet of FreeBSD hosts with jails.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Introducing OpenZFS Fast Dedup

 

News/discussion

Equinix to shutter bare metal IaaS service in 2026

D-Link says replace vulnerable routers or risk pwnage

Google cracks down on “Parasite SEO,” punishing established publishers

Cable companies and Trump’s FCC chair agree: Data caps are good for you

 

Free consulting

We were asked about mixing different brands and types of disks, using other partitions on a ZFS drive, and scaling a fleet of FreeBSD hosts with jails.

 

nomad-pot-driver

Cluster provisioning with Nomad and Pot on FreeBSD

 

 

 

 

 

 

 

 

ServerMania

Find this year’s Black Friday & Cyber Week deals at servermania.com/blackfriday

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

 

Windows server unexpectedly upgrades major versions, Microsoft reinvents the idea of a thin client, restricting a friend’s access to just their backups, and the importance of warranties when buying hardware.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

DKMS vs kmod: The Essential Guide for ZFS on Linux

 

News

Windows Server 2025 takes admins by surprise

No word from Microsoft on shock Windows Server 2025 installs

Windows Server 2025 known issues and notifications

Windows 11 update bug falsely warns of end of support, confusing users

Windows 365 Link—the first Cloud PC device

 

Free consulting

We were asked about restricting a friend’s access to just their backups, and the importance of warranties when buying hardware.

2.5 Admins 218: TLS TTL

 

 

 

 

 

 

 

 

Jim and Allan discover modern charging tech and marvel at what’s possible in the USB-C era, more on IPv6 firewalls, using ZFS like Git, and running your own authoritative DNS server.

 

 

 

 

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

How using a copy-on-write filesystem like ZFS can get systems back online within seconds after ransomeware encrypts all your data, and even warn you more quickly that it’s happening. Plus Jim and Allan’s advice on getting a job as a sysadmin.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Klara: 5 Reasons Why Your ZFS Storage Benchmarks Are Wrong

 

Free consulting

We were asked about getting a job as a sysadmin.

 

 

 

 

 

 

 

 

It’s Halloween so Jim and Allan share horrific and spooky stories from their sysadmin careers. Plus picking a UPS for a homelab.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Klara: NAS: Maintenance Best Practices

 

 

 

 

 

 

 

 

SSL certificates are likely going to last less time, the latest Windows 11 update leaves a huge chunk of data behind and doesn’t play nicely with some SSDs, picking a modern dhcp server on a homebrew router, and storing encrypted backups on a friend’s NAS with ZFS.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Klara Halloween Webinar: ZFS Horror Stories. Oct 31st 13:00 EDT, 17:00 UTC

 

News

Sysadmins slam Apple’s SSL/TLS cert lifespan cuts

Windows 11 24H2 hoards 8.63 GB of junk you can’t delete

As Microsoft rolls out its Windows 11 24H2 update, owners of certain Western Digital SSDs have been greeted with constant Blue Screens of Death

WD releases new firmware to fix Windows 11 24H2 blue screens of death on some SSD

Not just Western Digital – Windows 24H2 BSODs Asus kit

 

Free consulting

We were asked about picking a modern dhcp server on a homebrew router, and storing encrypted backups on a friend’s NAS with ZFS.

The Ars guide to building a Linux router from scratch

Linux Router Part 1: Routing, NAT, and NFTables

 

 

 

 

 

 

 

 

 

The difference between monitoring and metrics analysis, the security pros and cons of cloud vs on-prem, why Jim and Allan don’t use Unraid, and cloud storage and email for a small company.

 

Feedback

Netdata

Nagios

ZFS and Unraid

 

Free consulting

We were asked about cloud storage and email for a small company.

 

 

 

 

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

NIST has finally proposed some sensible password standards, why server CPUs with high core counts make sense in a lot of deployments, the .io TLD is probably sticking around, and the best options for a Linux-based router.

 

Plugs

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

Klara Halloween Webinar: ZFS Horror Stories. Oct 31st 13:00 EDT, 17:00 UTC

ZBM 101: Introduction to ZFSBootMenu

 

News

NIST proposes barring some of the most nonsensical password rules

You’re right not to rush into running AMD, Intel’s new manycore monster CPUs

The Disappearance of an Internet Domain

 

Free consulting

We were asked about setting up a Linux-based router.

OpenWrt on TP-Link devices

 

 

 

 

 

 

 

Why cold storage is never as good as keeping your data warm and regularly tested, how the American air traffic control system became so outdated, and isolating your devices from a roommate’s shenanigans.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Music industry’s 1990s hard drives, like all HDDs, are dying 

FAA air traffic control modernization efforts are a mess

 

Free consulting

We were asked about isolating your devices from a roommate’s shenanigans.

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

A proposed solution to the WHOIS TLS verification problem gets a surprising amount of pushback. Plus isolating IoT devices, our thoughts on Ubiquiti gear, setting up WiFi in a new house, remote access with WireGuard, and our mini PC recommendations.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

Google calls for halting use of WHOIS for TLS domain verifications

 

Free consulting

We were asked about isolating IoT devices, our thoughts on Ubiquiti gear, setting up WiFi in a new house, remote access with WireGuard, and our mini PC recommendations.

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

The Malaysian government’s misguided plan to control its citizens’ DNS, the wrong way to deploy underwater servers, a philosophical question about how long a person’s photos will exist, and how we manage our SSH keys.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Malaysia’s plan to block overseas DNS dies after a day 

Proposed underwater data center surprises regulators who hadn’t heard about it

 

Free consulting

We were asked about how we manage our SSH keys.

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

 

A surprising way to exploit the WHOIS system, Microsoft will force old versions of Windows 11 to update, and the simple way to set up TP-Link Omada gear.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

Rogue WHOIS server gives researcher superpowers no one should ever have

Windows 11 users still living in the past face forced update, like it or not

 

Free consulting

We were asked about setting up TP-Link Omada gear.

 

 

 

 

 

 

 

Another example of the downsides of abstraction, whether AI can ever be truly “open source”, and the security benefits and drawbacks of different types of VPN.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Hackers infect ISPs with malware that steals customers’ credentials

Debate over “open source AI” term brings new push to formalize definition

 

Free consulting

We were asked about whether VPNs are a security measure.

 

 

 

 

 

 

 

AMD will patch some old Ryzens against SinkClose now, but their benchmarking methods for newer CPUs didn’t live up to everyday reality. Plus Bcachefs devs annoy Linus Torvalds, the US government sues a college over compliance issues, and Jim disappoints a patron.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

AMD’s Ryzen 3000 CPUs to get SinkClose patch after all

AMD explains, promises partial fixes for Ryzen 9000 performance problems

Linus Torvalds Begins Expressing Regrets Merging Bcachefs

After cybersecurity lab wouldn’t use AV software, US accuses Georgia Tech of fraud

 

Free consulting

We were asked about monitoring your network for new device connections.

 

 

 

 

 

 

 

 

 

Insecure SSH implementations and a weak key that let a researcher control 200 MW of electrical capacity reignites the debate about versioned protocols vs pluggable protocols, follow-up on sharing files from your LAN with people on the Internet, and the pros and cons of encrypted backups.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Researchers find insecure SSH implementations everywhere

512-bit RSA key in home energy system gives control of “virtual power plant”

 

Feedback

Syncthing

Resilio

Send

OnionShare

Warp

Immich

 

Free consulting

We were asked about the pros and cons of encrypted backups.

 

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

Forcing Windows to undo updates and a separate IPv6 vulnerability, hardware bugs in AMD and Intel CPUs, and using Samba on Linux with Active Directory.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

Your victim’s Windows PC fully patched? Just force undo its updates and exploit away

CVE-2024-38063 – Security Update Guide – Microsoft – Windows TCP/IP Remote Code Execution Vulnerability

Almost unfixable “Sinkclose” bug affects hundreds of millions of AMD chips

SMM LOCK BYPASS

Intel’s crashing 13th and 14th Gen Raptor Lake CPUs: all the news and updates

 

Free Consulting

We were asked about using Samba on Linux with Active Directory.

 

map acl inherit = yes
acl_xattr:ignore system acls = yes
acl_xattr:default acl style = windows

Setting up a Share Using Windows ACLs

 

 

 

 

 

 

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

 

 

 

 

 

Secure boot is compromised on hundreds of devices, Amazon’s desperate attempt to make money from Alexa, and how to decide which open source software on GitHub to trust.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Secure Boot is completely broken on 200+ models from 5 big device makers

old and related

Amazon’s paid Alexa is coming to fill a $25 billion hole dug by Echo devices

Alexa had “no profit timeline,” cost Amazon $25 billion in 4 years

 

Free consulting

We were asked about how to decide which open source software on GitHub to trust.

 

 

 

 

 

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

 

 

 

 

How and why the recent huge Windows outage was caused by a bad CrowdStrike update and how it could have been avoided, a hilariously dumb ESXi vulnerability, and using SAS drives with a PCIe card.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News

A closer look at what caused the CrowdStrike Windows crashes

Ransomware gangs are loving this dumb but deadly ESXi flaw

Jake Williams on Twitter

 

Free Consulting

We were asked about using SAS drives with a PCIe card.

 

 

 

 

 

 

 

 

 

Linux kernel developers were infected with malware for 2 years, another nail in the coffin of proper federated email as Exchange Server moves to a subscription model, followup on zfsbootmenu and IPv6, and learning unfamiliar topics.

 

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

 

News/discussion

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

Exchange Server SE to debut just before 2019 support ends

Newbie struggling with zfsbootmenu