July 6, 2025
Keeping tech free
Now that a working exploit of the USB vulnerability that’s baked-in to the USB standard has been released, it might be a prudent move to no longer employ any USB devices that aren’t already under your control until this situation has been fixed.
The exploit was first made public two months ago at the Black Hat conference in Las Vegas when Karsten Nohl and Jakob Lell of Berlin based Security Research Labs (SRL) demonstrated an attack they called BadUSB to a standing-room-only crowd.
Exactly three weeks ago today I caught myself before hitting the “share” button on my Google Plus stream. My intent was to complain about some thing or another. I believe it was an out loud groan about a USB wireless device not working out of the box with Linux. I think I was going to triangulate on Broadcom’s insistence on making wireless a real headache.
And yeah, it doesn’t take that much to get a Broadcom chip working in most cases. Unless you are installing Linux at a friend’s house or another place that doesn’t have a wired connection. Then you’re pretty much sunk. The popup says that the wireless will work once you connect to the package manager. Uh, what if I am not located near a wired connection? That’s kinda why I wanted to connect to the web anyway you friggin’ ijit.
Let’s say it together…you’re pretty much sunk. Still. In 2014. Sunk.
There are a lot of other things that are deserving of our collective ire. Wireless shouldn’t have been one of them for me. I chastised myself for throwing my own little private snit concerning something so trivial. If you count back the years with me, the kernel update to 2.27 saw wireless go from “wireless sucks in Linux” to “holy crap, wireless works in Linux.” Or it did for the most part anyway. It was an important mile marker for desktop Linux.
I already knew that academia is behind the curve when it comes to IT, from my non-tech part time job at a local university library. For starters, there’s the overreliance on Windows. Then there’s the use of poorly designed proprietary products when perfectly acceptable GPL solutions exist — not to mention the look of scorn and fright coming from the IT people whenever the term “free and open source” is uttered within their hearing.
Although I already knew there was a problem, I didn’t know how deep the problem is until I spoke with GitHub’s Arfon Smith. It seems that academia’s inability to catch up with the twenty-first century even puts careers in jeopardy — especially in the sciences.
In the academic world it’s still “publish or perish,” and being published online usually doesn’t count for much. The tenure committees still pretty much define “publish” as something bound in paper and sent by snail mail.
Arfon Smith is a scientist with a resume longer than both of my arms. This resume includes such bullet points as co-founding Zooniverse and building DNA sequencing pipelines at the Wellcome Trust Sanger Institute. He’s been at GitHub since last October, where he uses his first hand knowledge of the scientific process to help research scientists leverage the organization’s resources. When I spent about an hour on the phone with him a few weeks back, he tried to bring me up to speed on some of the problems with academia, and the reality of scientific research in these postmodern times.
Editor’s note: This article was updated 9/4/2014 at 5:15 p.m. EDT to include latest update from Tux Machines publisher.
The DDOS attack that has rendered the popular Linux site Tux Machines virtually unreachable for nearly two weeks, now seems to be affecting sister site TechRights. Roy Schestowitz, publisher of both sites, told FOSS Force that the attack on TechRights began at about one o’clock Friday afternoon GMT.
“…an hour ago I got some automatic reports and some messages from readers saying that Tech Rights had gone offline,” he said. “I then checked logs, grepped on ‘NT’ (all the zombies are [running different versions of] NT), and saw pretty much the same pattern as on Tux Machines.”
As of eleven o’clock this evening EDT, both site were reachable from FOSS Force’s offices in North Carolina, but we’ve been unable to determine if this is because the attacks have ended or if this is only a temporary reprieve.
Other than the continuous scrambling to fix Shellshocked — if nothing else we in the FOSS world are both quick to respond to fixes and quick to come up with great names for epic bugs — this has been a relatively quiet week on our side of the digital street. Yeah, we can laugh at Apple for releasing an update that wasn’t really an update and at Microsoft for losing the ability to count, jumping from Window 8 to Windows 10, now with the improvement of having — wait for it — a command line.
But here are a couple of morsels in the FOSS realm this week, answering a few questions, like:
Hold the phone? Remember the Ubuntu Edge, the smartphone for which Mark Shuttleworth went, hat in hand, begging for $32 million so the wider digital community could fund his pet project?
A little over two weeks ago, I told you about the Brothers Nielsen, Jared and JR, who produce short educational videos which teach Linux and other tech skills to nine to thirteen-year-olds under the “Hello World” banner — a name which should be familiar to anyone who’s ever taken a “programming for dummies” course.
At the time of that article, the Nielsens were just a few days into an all-or-nothing Indiegogo fundraising campaign, hoping to raise the small amount of $2,048 to replace worn-out equipment. That’s it. They aren’t trying to raise money to cover a year’s worth of expenses; they’re not trying to get the public to finance their salaries for the next year; all they want is a little bit of cash for camera’s, lenses, lights and the like. When that article went online, they’d already raised $680, nearly a third of their target amount.
On a monthly basis — on the last Saturday each month — members of the Felton Linux Users Group drag their collective butts out of bed at the crack of 9:30, or possibly earlier, and make their way from various points in the sleepy little town just northeast of Santa Cruz to the solar-powered Felton Fire Station for their meeting.
It’s a good group with core regulars hosting meetings since the Lindependence Project held three open houses to introduce the town to Linux in the summer of 2008. In those open houses, various distros like Debian, Fedora, Ubuntu and Mandriva, along with hardware maker ZaReason, and even an open-source stuffed penguin maker called Open Animals based in Phoenix, appeared to show their wares to the curious in the San Lorenzo Valley area. Around 600 people appeared over the three days and more than 300 live CDs went out the door.
These are the ten most read articles on FOSS Force for the month of September, 2014. 1. Is Oracle Using Canonical to Counter Red Hat?…
Three a.m. can be an interesting time to be in a 24 hour Denny’s Restaurant. The clientèle can range from graveyard shift workers on their lunch break to people who have spent all night partying. I never did understand the “Let’s go to Denny’s” mindset after a night of drinking. Why would I want to ruin a $100.00 drinking spree with a $4.00 pancake breakfast?
Of course, the closest thing to alcohol I put in my mouth most days is mouth wash. I honestly don’t miss the hangovers. Neither do I miss the round of apologies I usually had to make the next day for the dumb stuff I had done the night before.
So, sitting at the counter at 3:20 a.m. working on my third cup of coffee, I watched an older gentleman grow more and more frustrated with the laptop in front of him. After a bit, he pulled an old flip phone from his shirt pocket and left a message when the party did not answer.
“James, this is Ed. Give me a call when you get up. This laptop is going blue screen again.”
Editor’s note: This article was updated on 9/29/14 at approx. 5:30 p.m. to include update from Tux Machines publisher Roy Schestowitz.
Since sometime last week the popular Linux site Tux Machines has been under an apparent distributed denial-of-service (DDOS) attack. For the last several days, those trying to visit the site have been redirected to Tech Rights, another site operated by Roy Schestowitz, the owner of Tux Machines, to a post dated Saturday by Schestowitz which reads:
“Windows botnets have been hammering on Tux Machines for nearly a week. It got a lot of worse yesterday and the site became unaccessible much of the time. We don’t know who the attacker is and what the motivations are, but in the mean time the site can be read via the RSS feed. The RSS feed links to all the latest news and the pages ought to work as usual. We apologise for this issue and we are working hard to find a permanent solution.”
