August 28, 2019 MP3

﻿﻿﻿﻿

Download

In our Wanderings, Leo talks snapd and spicing up the terminal, Tony Hughes dives into EndeavourOS (Arch!) and Mint, Josh has been playing around with drones, Joe gets some help with Borderlands and eyes the Note 10, and Tony Watts installs Mint and changes carriers.

Then, in our news, OSDisc closes shop, Google Deserts Desserts, Red Hat issues patches, Scratch 3 is now available for the Pi, and more.

In our security update, we talk Webmin flaws.

WANDERINGS:

Leo Looking into the Nextcloud Snap again. Going to make it permanent… as permanent as a Snap can be. Had done this a few months back, so dusting off some old notes proved very useful, and I was happy I didn’t find any linkrot! Overall, very easy to get up and running. I even managed to store all of my data on a separate USB disk to make things extremely portable and easy to backup. Using Fira Mono fonts in the terminal now. Pop_OS has good suggestions every now and then. Used to pick up Admin Magazine at the newsstand. I found an issue from back in 2013 with a DVD of Debian 7. Nostalgia .

Tony H Playing with Endeavour even more, downloaded the updated iso that fixed a couple of bugs in the installer and I’m pleased to say it was a breeze to set up a triple boot with Windows and PCLinuxOS. Installing Linux Mint 19.2 XFCE onto a couple of donated PC base units which are destined to be passed on to a local homeless charity, I’m starting to enjoy the simplicity of the Xfce DE, it just works and keeps out of your way, while still having all the functionality you need and a low resource footprint. They would benefit greatly from an upgrade to an SSD but as they are to be given away this is not going to happen on my watch. Also put Mint 19.2 Mate onto a Dual core Packard Bell EasyNote from about 8/9 years ago as this is to be given to a friend this has been upgraded to 6Gb RAM and a 120Gb SSD, this will actually be replacing a slightly better spec Lenovo x201 but as this is a 15.7” is better for his eyesight. I joined the Big Daddy Linux Live show at 1am my time last Sunday, had a great time talking about EndeavourOS and other general geekiness.

Josh Been playing around with the Parrot Mambo Fly drone that after Les’ recommendation on the last show. It’s really simple to connect via bluetooth. There’s a python library which I added to EduBlocks which allows you to easily control the drone via blocks and Python. Been working on getting my magazine in print, even though we’re a digital magazine which is free to download, we want to offer a print version because it’s nice to have it in a physical format. We’ve found a really good printer company who are cheap but high quality. We’ll be offering these from next week on a pre order basis.

Joe A helpful listener Brian Rogers was able to assist me with getting Commander Lillith to work through proton Force the use of a specific Steam Play compatibility tool “Set Launch Options” -NoLauncher -nomoviestartup you need to rename Borderlands2.exe to Launcher.exe found here ~/.steam/Steam/steamapps/common/Borderlands 2/Binaries/Win32 Sadly even with the settings cranked it looks smoother on Windows. Probably something to do with using the windows version on linux. Replaced the battery in one of the keyboards for my dell venue 11 pro 7130 Not that difficult to do but then the battery turned out to be bad anyway Got my money back Had to sacrifice my t102HA to the Microsoft overlords My daughter needed a replacement for her old tablet due to damage. But at least 10 remembers your hardware and i don’t need to buy a copy. Interviewing people at work for a position on my team Trying to get an internal transfer. Attitude is more important than knowledge Seems like everyone lies on resume. Read JN Chaney renegade star as well as the Colin Mccool series by MD massey Both series are a set of shorter books that are easy to get through but still enjoyable Well done audiobooks although the quality on the copies of the renegade star books required that i could not go above 2x speed due to clipping Wanted to get the note 10 but didnt happen. Would have had to switch to a plan that costs double. And would have had to add line And would still be paying an extra 30 a month on top Along with dropping between 830 and 1000 dollars in store It would be cheaper to buy them both as opposed to the buy one get one Watched Wu assassin on netflix. Loved it Some small issues with the ending. Repaired a turtle beach ear force recon 50p Cable was completely destroyed so i did a full replacement https://www.ebay.com/itm/1-25m-Male-3-5mm-Jack-4-pole-Audio-Earphones-Cable-Wire-for-DIY-Replacement-NEW/401777964040?ssPageName=STRK%3AMEBIDX%3AIT&var=671576375851&_trksid=p2060353.m2749.l2649 That is the second pair of turtle beach headsets that i have found super easy to solder because of cable placement

Tony W Lots of music gigs this month. 8 acoustic gigs Echoes of Savages gig on the 21st was great Mint install on old Dell laptop (Vostro 1400) – runs great for a 12 year old laptop This machine won’t die Switched carrier (again) to Google Fi Only using about half the data – Fi seems to be doing some magic to lower data Don’t need the phone to get texts, send/receive calls (same as Google Voice) Call reception not always great OnePlus not really usable due to screen issues after repair – using Moto G6 from Fi ($4 a month thru Fi) Hacking on phones tread carefully. They are not all as easy as the oneplus, nexus



NEWS:

SECURITY:

http://www.webmin.com/exploit.html

A vulnerability was found in 1.890 that allows anyone to run commands as root.

This vulnerability exists in 1.900 and 1.920, but in a way that must be explicitly enabled by allowing changing of expired passwords.

The Webmin team found out this wasn’t an accident. In April 2018, the build server was compromised and the vulnerability added to the password_change.cgi script. The file was reverted in July 2018, but accessed and weaponized again by the attacker. In September 2018, the compromised build server was decommissioned and replaced, but the vulnerable script was unknowingly copied over. On August 17th of this year, a 0-day was released that took advantage of this vulnerability. Going forward, the Webmin team will be using only checked-in code from Github. They’ve also rotated all passwords and keys and are auditing all Github checkins. Upgrade to Webmin 1.930.

Security Extra: Steam Vulnerabilities in Windows https://threatpost.com/researcher-discloses-second-steam-zero-day-after-valve-bug-bounty-ban/147593/



WRAP-UP:

Before we leave, we want to make sure to acknowledge some of the people who make mintCast possible …