It's a storage showdown as Jim and Wes bust some performance myths about RAID and ZFS. Plus our favorite features from Fedora 32, and why Wes loves DNF. Links: What's new in Fedora 32 Workstation Fedora 32 ChangeSet Linux distro review: Fedora Workstation 32 TechSNAP 428: RAID Reality Check ZFS versus RAID: Eight Ironwolf disks, two filesystems, on…

Jim and Wes take the latest release of the Caddy web server for a spin, investigate Intel's Comet Lake desktop CPUs, and explore the fight over 5G between the US Military and the FCC. Links: Caddy offers TLS, HTTPS, and more in one dependency-free Go Web server Caddy 2 Caddy v2 Improvements [slightly out of date] Proposal: Permanently change all pr…

We dive deep into the world of RAID, and discuss how to choose the right topology to optimize performance and resilience. Plus Cloudflare steps up its campaign to secure BGP, and why you might want to trade in cron for systemd timers. Links: AMD Claims World’s Fastest Per-Core Performance with New EPYC Rome 7Fx2 CPUs AMD EPYC 7F52 Linux Performance…

Jim finally gets his hands on an AMD Ryzen 9 laptop, some great news about Wi-Fi 6e, and our take on FreeBSD on the desktop. Plus Intel's surprisingly overclockable laptop CPU, why you shouldn't freak out about 5G, and the incredible creativity of the Demoscene. Links: Asus ROG Zephyrus G14—Ryzen 7nm mobile is here, and it’s awesome Linux on Laptop…

We take a look at Cloudflare's impressive Linux disk encryption speed-ups, and explore how zoned storage tools like dm-zoned and zonefs might help mitigate the downsides of Shingled Magnetic Recording. Plus we celebrate WireGuard's inclusion in the Linux 5.6 kernel, and fight some exFAT FUD. Links: WireGuard VPN makes it to 1.0.0—and into the next …

We take a look at AMD's upcoming line of Ryzen 4000 mobile CPUs, and share our first impressions of Ubuntu 20.04's approach to ZFS on root. Plus Let's Encrypt's certificate validation mix-up, Intel's questionable new power supply design, and more. Links: Let's Encrypt changes course on certificate revocation Revoking certain certificates on March 4…

Cloudflare recently embarked on an epic quest to choose a CPU for its next-generation server build, so we explore the importance of requests per watt, the benefits of full memory encryption, and why AMD won. Plus Mozilla's rollout of DNS over HTTPS has begun, a big milestone for Let's Encrypt, and more. Links: Firefox continues push to bring DNS ov…

We explore the potential of heat-assisted magnetic recording and get excited about a possibly persistent L2ARC. Plus Jim's journeys with Clear Linux, and why Ubuntu 18.04.4 is a maintenance release worth talking about. Links: Ubuntu 18.04.4 LTS: here's what's new — It's not as shiny and exciting as entirely new versions, of course, but it does pack…

We take a look at a few exciting features coming to Linux kernel 5.6, including the first steps to multipath TCP. Plus the latest Intel speculative execution vulnerability, and Microsoft's troubled history with certificate renewal. Links: Oregon company makes top bid for Microsoft check - CNET Microsoft’s failures to renew: Teams, Hotmail, and Hotm…

We explore the latest round of Windows vulnerabilities and Jim shares his journey adding OPNsense to his firewall family. Plus a look back at Apollo-era audio that's still relevant today with the surprising story of the Quindar tones. Links: Critical Vulnerabilities in Microsoft Windows Operating Systems Win10 Crypto Vulnerability: Cheating in Elli…

Compiling the Linux kernel with Clang has never been easier, so we explore this alternative compiler and what it brings to the ecosystem. Plus Debian's continued init system debate, and our frustrations over 5G reporting. Links: 5G Underwhelms in Its First Big Test - WSJ How South Korea built 5G, and what it's learning - RCR Wireless News After sev…

From classifying cats to colorizing old photos we share our top tips and tools for starting your machine learning journey. Plus, learn why Nebula is our favorite new VPN technology, and how it can help simplify and secure your network. Links: Introducing Nebula, the open source global overlay network from Slack nebula: A scalable overlay networking…

As the rollout of 5G finally arrives, we take some time to explain the fundamentals of the next generation of wireless technology. Plus the surprising performance of eero's mesh Wi-Fi, some great news for WireGuard, and an update on the Librem 5. Links: T-Mobile launches 600MHz 5G across the US, but no one can use it yet Study confirms AT&T’s fake …

We explore the rapid adoption of machine learning, its impact on computer architecture, and how to avoid AI snake oil. Plus so-so SSD security, and a new wireless protocol that works best where the Wi-Fi sucks. Links: “Where the Wi-Fi sucks” is where a new wireless protocol does its magic Ubiquiti’s new “Amplifi Alien” is a mesh-capable Wi-Fi 6 rou…

Ubiquiti's troublesome new telemetry, Jim's take on the modern Microsoft, and why Project Silica just might be the future of long term storage. Links: Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it? — Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wi…

We share our simple approach to disk benchmarking and explain why you should always test your pain points. Plus the basics of solid state disks and how to evaluate which model is right for you. Links: History of hard disk drives — Wikipedia How to Buy the Right SSD: A Guide for 2019 — Tom's Hardware The Development and History of Solid State Drives…

We dive into Ubuntu 19.10's experimental ZFS installer and share our tips for making the most of ZFS on root. Plus why you may want to skip Nest Wifi, and our latest explorations of long range wireless protocols. Links: Decoding LoRa: Realizing a Modern LPWAN with SDR — LoRa is an emerging Low Power Wide Area Network (LPWAN), a type of wireless com…

We peer into the future with a quick look at quantum supremacy, debate the latest DNS over HTTPS drama, and jump through the hoops of HTTP/3. Plus when to use WARP, the secrets of Startpage, and the latest Ryzen release. Links: Why big ISPs aren’t happy about Google’s plans for encrypted DNS Chromium Blog: Experimenting with same-provider DNS-over-…

It's TechSNAP story time as we head out into the field with Jim and put Sure-Fi technology to the test. Plus an update on Wifi 6, an enlightening Chromebook bug, and some not-quite-quantum key distribution. Links: RF Chirp tech: Long distance, incredible penetration, low bandwidth | Ars Technica — Recently, I took the company's technology for a spi…

We take a look at a few recent zero-day vulnerabilities for iOS and Android and find targeted attacks, bad assumptions, and changing markets. Plus what to expect from USB4 and an upcoming Linux scheduler speed-up for AMD's Epyc CPUs. Links: Google says hackers have put ‘monitoring implants’ in iPhones for years | Technology | The Guardian — Their l…

It's CPU release season and we get excited about AMD's new line of server chips. Plus our take on AMD's approach to memory encryption, and our struggle to make sense of Intel's Comet Lake line. Also, a few Windows worms you should know about, the end of the road for EV certs, and an embarrassing new Bluetooth attack. Links: A detailed look at AMD’s…

We examine why it's so difficult to protect your privacy online and discuss browser fingerprinting, when to use a VPN, and the limits of private browsing. Plus Apple's blaring bluetooth beacons and Facebook's worrying plans for WhatsApp. Links: Apple bleee. Everyone knows What Happens on Your iPhone – hexway — If Bluetooth is ON on your Apple devic…

We take a look at the amazing abilities of the Apollo Guidance Computer and Jim breaks down everything you need to know about the ZFS ARC. Plus an update on ZoL SIMD acceleration, your feedback, and an interesting new neuromorphic system from Intel. Links: ZFS On Linux Has Figured Out A Way To Restore SIMD Support On Linux 5.0+ — Those running ZFS …

Jim shares his Nagios tips and Wes chimes in with some modern tools as we chat monitoring in the wake of some high-profile outages. Plus we turn our eye to hardware and get excited about the latest Ryzen line from AMD. Links: Third parties confirm AMD’s outstanding Ryzen 3000 numbers | Ars Technica — AMD debuted its new Ryzen 3000 desktop CPU line …

A new vulnerability may be the next 'Ping of Death'; we explore the details of SACK Panic and break down what you need to know. Plus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it's a great time to be a ZFS user. Links: SACK Panic Security Bulletin — Netflix has identified several TCP networking vuln…

We explore the risky world of exposed RDP, from the brute force GoldBrute botnet to the dangerously worm-able BlueKeep vulnerability. Plus the importance of automatic updates, and Jim's new backup box. Links: Errata Security: Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708) — Microsoft announced a vulnerability in it's "Remote Desktop…

We turn our eye to web server best practices, from the basics of CDNs to the importance of choosing the right multi-processing module. Plus the right way to setup PHP, the trouble with benchmarking, and when to choose NGiNX. Links: Jim's Blog: Installing WordPress on Apache the modern way — It’s been bugging me for a while that there are no correct…

We’re back from LinuxFest Northwest with an update on all things WireGuard, some VLAN myth busting, and the trade-offs of highly available systems. Links: TechSNAP Episode 390: What’s Up with WireGuard WireGuard Sent Out Again For Review — WireGuard lead developer Jason Donenfeld has sent out the ninth version of the WireGuard secure network tunnel…

We continue our take on ZFS as Jim and Wes dive in to snapshots, replication, and the magic on copy on write. Plus some handy tools to manage your snapshots, rsync war stories, and more! Links: sanoid: Policy-driven snapshot management and replication tools. — Sanoid is a policy-driven snapshot management tool for ZFS filesystems. When combined wit…

Jim and Wes sit down to bust some ZFS myths and share their tips and tricks for getting the most out of the ultimate filesystem. Plus when not to use ZFS, the surprising way your disks are lying to you, and more! Links: ZFS - Ubuntu Wiki — ZFS is a combined file system and logical volume manager designed and implemented by a team at Sun Microsystem…

We break down the ASUS Live Update backdoor and explore why these kinds of supply chain attacks are on the rise. Plus an update from the linux vendor firmware service, your feedback, and more! Links: Joren Verspeurt on Twitter — The explanation you gave for unsupervised wasn't correct, that was just using a net that was trained in a supervised way.…

Machine learning promises to change many industries, but with these changes come dangerous new risks. Join Jim and Wes as they explore some of the surprising ways bias can creep in and the serious consequences of ignoring these problems. Links: Microsoft’s neo-Nazi sexbot was a great lesson for makers of AI assistants — What started out as an enter…

We reveal the shady password practices that are all too common at many utility providers, and hash out why salts are essential to proper password storage. Plus the benefits of passphrases, and what you can do to keep your local providers on the up and up. Links: Plain wrong: Millions of utility customers’ passwords stored in plain text | Ars Techni…

Join Jim and Wes as they battle bufferbloat, latency spikes, and network hogs with some of their favorite tools for traffic shaping, firewalling, and QoS. Plus the importance of sane defaults and why netdata belongs on every system. Links: Why you want QoS - Netdata Documentation — One of the features the Linux kernel has, but it is rarely used, is…

Jim and Wes are joined by OpenZFS developer Richard Yao to explain why the recent drama over Linux kernel 5.0 is no big deal, and how his fix for the underlying issue might actually make things faster. Plus the nitty-gritty details of vectorized optimizations and kernel preemption, and our thoughts on the future of the relationship between ZFS and …

We welcome Jim to the show, and he and Wes dive deep into all things Let’s Encrypt. The history, the clients, and the from-the-field details you'll want to know. Links: Let’s Encrypt and CertBot – JRS Systems Automatic Certificate Management Environment (ACME) — The surprisingly readable IETF draft. How It Works - Let's Encrypt ACME Client Implemen…

Wes is joined by a special guest to take a look back on the growth and development of Azure in 2018 and discuss some of its unique strengths. Special Guest: Chad M. Crowell. Links: Under the sea, Microsoft tests a datacenter that’s quick to deploy, could provide internet connectivity for years An Azure Infrastructure Year in Review Azure File Sync …

In a special new year’s episode we take a moment to reflect on the show’s past, its future, and say goodbye to an old friend. Links: Jim Salter — Jim Salter (@jrssnet) is an author, public speaker, small business owner, mercenary sysadmin, and father of three—not necessarily in that order. He got his first real taste of open source by running Apach…

A security vulnerability in Kubernetes causes a big stir, but we’ll break it all down and explain what went wrong. Plus the biggest stories out of Kubecon, and serverless gets serious. Links: Everything that was announced at KubeCon CNCF to Host etcd — The Cloud Native Computing Foundation Technical Oversight Committee voted to accept etcd as an in…

We break down Firecracker Amazon’s new open source kvm powered, virtual machine monitor, and explore what makes it different from the options on the market now. Plus some good news for OpenBGP and the wider internet community, and a handy tool for inspecting docker images. Links: Firecracker – Lightweight Virtualization for Serverless Computing — F…

WireGuard has a lot of buzz around it and for many good reasons. We’ll explain what WireGuard is specifically, what it can do, and maybe more importantly, what it can’t. Special Guest: Jim Salter. Links: How to easily configure WireGuard — At its core, all WireGuard does is create an interface from one computer to another. Jessie Frazelle's Blog: I…

Wes is joined by special guest Jim Salter to discuss Google's recent BGP outage and the future of HTTP. Plus the latest router botnet, why you should never go full UPnP, and the benefits of building your own home router. Special Guest: Jim Salter. Links: Google goes down after major BGP mishap routes traffic through China — Google lost control of s…

We explain what eBPF is, how it works, and its proud BSD production legacy. eBPF is a technology that you’re going to be hearing more and more about. It powers low-overhead custom analysis tools, handles network security in a containerized world, and powers tools you use every day. Links: Chris Goes to MeetBSD ​Linus Torvalds talks about coming bac…

We bring in Amy Marrich to break down the building blocks of OpenStack. There are nearly an overwhelming number of ways to manage your infrastructure, and we learn about one of the original tools. Plus a few warm up stories, a war story, and more. Special Guest: Amy Marrich. Links: James Stanley - Someone used my IPFS gateway for phishing Scaling E…

We bring on our Google Cloud expert and explore the fundamentals, demystify some of the magic, and ask what makes Google Cloud different. Plus how Google hopes Roughtime will solve one of the web’s biggest problems, some great emails, and more! Special Guest: Matt Ulasien. Links: Cloudflare Embraces Google Roughtime, Giving Internet Security a Boos…

Kubernetes expert Will Boyd joins us to explain the top 3 things to know about Kubernetes, when it’s the right tool for the job, and building highly available production grade clusters. Plus the privacy improvements that could be coming to HTTPS, and a new SSH auditing tool hits the open source scene. Special Guest: Will Boyd. Links: Open Sourcing …

Jon the Nice Guy joins Wes to discuss all things IPFS. We'll explore what it does, how it works, and why it might be the best hope for a decentralized internet. Plus, Magecart strikes again, Alpine has package problems, and why you shouldn't trust Western Digital's MyCloud. Special Guest: Jon Spriggs. Links: GovPayNow.com Leaks 14M+ Records — Gover…

TechSNAP progenitor and special guest Allan Jude joins us to talk mobile security, hand out some SSH tips and tricks, and discuss why security shaming works so well. Plus, how Mozilla is protecting their GitHub repos, a check-in on Equifax, and some great picks. Special Guest: Allan Jude. Links: Protecting Mozilla’s GitHub Repositories from Malicio…

We’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck. Plus the latest vulnerabilities in Wireshark and OpenSSH, the new forensic hotness from Netflix, and some great introductions to cryptography. Special Guest: Martin Wimpress. Links: I’…

To make DNS more secure, we must move it to the cloud! At least that’s what Mozilla and Google suggest. We breakdown DNS-over-HTTPS, why it requires a “cloud” component, and the advantages it has over traditional DNS. Plus new active attacks against Apache Struts, and a Windows 10 zero-day exposed on Twitter. Sponsored By: iXSystems: Get a system p…