1. IT-Security >
  2. Podcasts


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Podcasts


Suchen

News RSS Quellen: 1x
News Kategorien unterhalb von Podcasts: 0x
News RSS Feeds dieser Podcasts Kategorie: RSS Feed Podcasts
Benutze Feedly zum Abonieren.Folge uns auf feedly
Download RSS Feed App für Windows 10 Store (Leider gibt es nicht mehr viele Extensions mit welchen Sie RSS-Feeds in einer Software abonieren können. Der Browser Support für RSS-Feeds wurde eingestellt (Firefox,Chrome).

Eigene IT Security Webseite / Blog / Quelle hinzufügen

Seitennavigation

Seite 1 von 2 Seiten (Bei Beitrag 1 - 35)
62x Beiträge in dieser Kategorie

Nächste 2 Seite | Letzte Seite

[ 2 ]

HPR2821: Interviewing some exhibitors at the 2019 vcfe.org event

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

I visited the vcfe.org event in Munich, Germany.

Below you will find some urls for the projects that I came across.

If you like these things, the next exhibition will be in September in Berlin (you can find more info on vcfb.de).

Regards, Jeroen Baten


News Bewertung

Weiterlesen Weiterlesen

HPR2820: 29 - CERT Home Security Tips

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

The Computer Emergency Readiness Team of the US Department of Homeland Security issues a security bulletin, ST15-002, which has tips for home network security. In this episode we review these tips and why they make sense.

Links:


News Bewertung

Weiterlesen Weiterlesen

HPR2819: Reply to Knightwise - podcasts

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Knightwise, in HPR 2798, made the argument that podcasts are better if they are done by "pirates", i.e. not by corporations, but by individuals with something to say. While I see some merit in this view, I think the more significant feature of podcasts is that it gets us away from "broadcasting" (shows aimed at the lowest common denominator) and towards "narrowcasting", an environment where small niche interests can find an audience and thrive since podcasting does not require a lot of resources. But I do appreciate the chance to hear some radio programs that I would not otherwise be able to listen to when they are offered as podcasts.

Links:


News Bewertung

Weiterlesen Weiterlesen

HPR2818: Writing Web Game in Haskell - Science, part 1

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Background

This is rather large topic, so I split it in two episodes. Next one should follow in two weeks if everything goes as planned. First part is about modeling research, while second part concentrates on how things change over time.

There’s three types of research: engineering, natural sciences and social sciences. Research costs points that are produced by various buildings.

Implementation

There’s three database tables, which are defined below:

CurrentResearch
    type Technology
    progress Int
    factionId FactionId

AvailableResearch
    type Technology
    category TopResearchCategory
    factionId FactionId

CompletedResearch
    type Technology
    level Int
    factionId FactionId
    date Int

Data types

Technology is enumeration of all possible technologies. Knowing these enable player to build specific buildings and space ships, enact various laws and so on. In the end this will be (hopefully) large list of technologies.

data Technology =
    HighSensitivitySensors
    | SideChannelSensors
    | HighTensileMaterials
    | SatelliteTechnology
    | BawleyHulls
    | SchoonerHulls
    | CaravelHulls
    ...
    deriving (Show, Read, Eq, Enum, Bounded, Ord)

All research belong to one of the top categories that are shown below:

data TopResearchCategory =
    Eng
    | NatSci
    | SocSci
    deriving (Show, Read, Eq, Ord)

ResearchCategory is more fine grained division of research. Each of the categories is further divided into sub-categories. Only EngineeringSubField is shown below, but other two are similarly divided.

data ResearchCategory =
    Engineering EngineeringSubField
    | NaturalScience NaturalScienceSubField
    | SocialScience SocialScienceSubField
    deriving (Show, Read, Eq)

data EngineeringSubField =
    Industry
    | Materials
    | Propulsion
    | FieldManipulation
    deriving (Show, Read, Eq)

ResearchScore is measure of how big some research is. It has type parameter a that is used to further quantify what kind of ResearchScore we’re talking about.

newtype ResearchScore a = ResearchScore { unResearchScore :: Int }
    deriving (Show, Read, Eq, Ord, Num)

TotalResearchScore is record of three different types of researches. I’m not sure if I should keep it as a record of three fields or if I should change it so that only one of those values can be present at any given time.

data TotalResearchScore a = TotalResearchScore
    { totalResearchScoreEngineering :: ResearchScore EngineeringCost
    , totalResearchScoreNatural :: ResearchScore NaturalScienceCost
    , totalResearchScoreSocial :: ResearchScore SocialScienceCost
    }
    deriving (Show, Read, Eq)

Following singleton values are used with ResearchScore and TotalResearchScore to quantify what kind of value we’re talking about.

data EngineeringCost = EngineeringCost
    deriving (Show, Read, Eq)

data NaturalScienceCost = NaturalScienceCost
    deriving (Show, Read, Eq)

data SocialScienceCost = SocialScienceCost
    deriving (Show, Read, Eq)

data ResearchCost = ResearchCost
    deriving (Show, Read, Eq)

data ResearchProduction = ResearchProduction
    deriving (Show, Read, Eq)

data ResearchLeft = ResearchLeft
    deriving (Show, Read, Eq)

Finally there’s Research, which is a record that uses many of the types introduced earlier. It describes what Technology is unlocked upon completion, what’s the cost is and if there are any technologies that have to have been researched before this research can start. The tier of research isn’t currently used for anything, but I have vague plans what to do about it in the future.

data Research = Research
    { researchName :: Text
    , researchType :: Technology
    , researchCategory :: ResearchCategory
    , researchAntecedents :: [Technology]
    , researchCost :: TotalResearchScore ResearchCost
    , researchTier :: ResearchTier
    }
    deriving (Show, Read, Eq)

Tech tree

Putting all this together, we can define a list of Research. Since finding an entry from this list based on research type of it is such a common operation, we also define another data structure for this specific purpose. Map in other programming languages is often known as dictionary, associative array or hash map. It stores key-value - pairs. In our case Technology is used as key and Research as value. We define it based on the list previously defined:

techMap :: Map.Map Technology Research
techMap = Map.fromList $ (\x -> (researchType x, x)) <$> unTechTree techTree

Next time we’ll look into how to actually use all these types and data that were defined.


News Bewertung

Weiterlesen Weiterlesen

HPR2817: Are you successful? Click to find out more!

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Based on https://libranet.de/display/0b6b25a8-125c-a71f-c7ae-f1a686792961.

It’s pretty short, less than 4 minutes, but I think it’s important.

Who defines whether you are successful, or whether your project is successful, and does it matter?


News Bewertung

Weiterlesen Weiterlesen

HPR2816: Gnu Awk - Part 14

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Introduction

This is the fourteenth episode of the “Learning Awk” series which is being produced by b-yeezi and myself.

In this episode and the next I want to start looking at redirection within Awk programs. I had originally intended to cover the subject in one episode, but there is just too much.

So, in the first episode I will be starting with output redirection and then in the next episode will spend some time looking at the getline command used for explicit input, often with redirection.

Long notes

I have provided detailed notes as usual for this episode, and these can be viewed here.

Links


News Bewertung

Weiterlesen Weiterlesen

HPR2815: Copy pasta

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

You can copy and paste on Linux the same way you do on any other OS: Ctrl+C to copy and Ctrl+V to paste (or use the Edit menu, or a right-click menu).

However, Linux doesn't limit you to just that. The primary GUI environment of Linux (at the time of this recording) is X, and the Inter-Client Communication Conventions Manual defines three X Selection states: Primary, Secondary, and Clipboard. The Secondary is rarely (if ever?) used, so I don't cover it here.

Primary

The primary X Selection is anything literally selected at any given moment. If you highlight a word in Firefox with your mouse, for instance, then it becomes the Primary Selection, and it is owned by Firefox. If you press the Middle Mouse Button in any application, then that application asks the owner (Firefox, in this example) for the data contained in the Primary Selection. Firefox sends the data to that application so that it can paste it for you.

A Primary selection remains the Primary Selection until it is overwritten by a new Primary Selection. In other words, text needn't be highlighted to be retained in the Primary Selection slot.

Clipboard

The Clipboard Selection is data that has explicitly been sent to the clipboard by a copy action. This is usually a right-click > Copy or a selection of Edit > Copy. When another application is told to paste from the clipboard, it pastes data from the Clipboard Selection.

Both

You can (and often do) have both a Primary Selection and a Clipboard selection. If you press Ctrl+V, you get the contents of the Clipboard Selection. If you press the middle mouse button, then you get the contents of the Primary Selection.

xsel

The xsel command allows you to retrieve the contents of an X Selection.


$ xsel --primary
dungeons
$ xsel --clipboard
dragons

Clipboard managers

Clipboard managers such as Klipper, CopyQ, Parcellite, and so on, provide a history for your clipboard. They track the latest 10 (or so) items you have copied or selected. They can be a little confusing, because they do tend to blur the line between the Primary Selection and the Clipboard Selection, but now that you know the technical difference, it shouldn't confuse you to see them both listed by a clipboard manager designed to conflate them.

GPM

GPM is a daemon allowing you to use your mouse without a GUI. Among its features, it permits you to select text in a text console (TTY) and then paste it with the middle mouse button.

GNU Screen and Tmux

Screen and tmux are "window managers for text consoles". I don't tend to use tmux as often as I should, having learnt GNU Screen long ago, so I'm not familiar with the process of copying and pasting with tmux. For Screen, you can copy text in this way:

  1. Press Ctrl+A to get out of insert mode.

  2. Press left-square_bracket to enter copy-mode

  3. Move your text to the position you want to start selecting and press Enter or Return

  4. Arrow to the position at which you want to end your selection and press Enter or Return again

To paste your selection:

  1. Press Ctrl+A to get out of insert mode.

  2. Press right-square_bracket to paste


News Bewertung

Weiterlesen Weiterlesen

HPR2814: Spectre and Meltdown and OpenBSD and our future

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

I discuss the entire Spectre and Meltdown issues and where we might go post an Intel world. My objective is to encourage others to leave Speculative processing backed by management engine based chips. SCATTER HUMANS!!! WE MUST LEAVE!!!!


News Bewertung

Weiterlesen Weiterlesen

HPR2813: Should we dump the linux Desktop.

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Knightwise wonders if we should let go of the linux desktop environments and focus on cross-platform applications instead. Please bring your torches and pitchforks.


News Bewertung

Weiterlesen Weiterlesen

HPR2812: Is 5G mobile data a danger to your health?

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

This is mostly verbatim from my Fediverse post https://libranet.de/display/0b6b25a8-165c-9c7f-b55d-c7a077813050, with a few minor edits.

The anti-5G campaign has been cooking for many years now, and at the epicenter of it all are two men, Lennart Hardell and Rainer Nyberg. It’s a Swedish-Finnish phenomenon that is now really making the rounds and spreading internationally, as actual commercial deployment of 5G networks draws nearer.

As a Swede, I apologize. These two do not represent the Swedish or Finnish cancer or radiation research community, and our media have given them far more space in the public discourse than their work merits.

They are heavily quoted in networks of pseudoscience, including anti-vaccine sites, right-wing "alternative facts" sites and Strålskyddsstiftelsen ("Swedish Radiation Protection Foundation"), a private foundation created in 2012 with a deceptive name meant to invoke authority, which has had to be corrected on multiple occasions by the actual Swedish Radiation Safety Authority, Strålskyddsmyndigheten.

Strålskyddsstiftelsen received the 2013 "Misleader of the Year" award from the main Swedish scientific skeptics' society, Vetenskap och Folkbildning ("Science and Public Education") for "[their fearmongering propaganda and biased reporting on the health effects of mobile telephony use and wireless networks]".

https://www.vof.se/utmarkelser/tidigare-utmarkelser/aretas-forvillare-2013/ (in Swedish)

These networks are part of a feedback loop where they get media attention, politicians pick up on their claims and use them to invoke the precautionary principle and get precautionary regulation in place, or judges rule based on the claims, which then gets quoted by these entities as evidence that they were right all along.

They make it very hard to find factual information on whether millimeter-wavelength radiation actually has any different effect from the centimeter-wavelength radiation that we have been using for over two decades without any documented harmful effects, because wherever you look you just find these sites claiming that we have definitely had adverse health effects for the last two decades and the new frequency bands will definitely be far worse.

When you dig deeper into the claims on these sites you find a handful of cherry-picked articles, leading back to the two men mentioned at the top, to studies with flawed methodology like self-reported surveys on mobile telephony use among cancer patients, or to the pseudoscience/media/politics/law feedback loop. And it’s all about centimeter waves, which simply have shown no conclusive sign of increasing brain cancers or any other adverse health effect related to the radiation. For every positive report made you can find one that reports brain cancer fell as we introduced mobile phones. There is a massive body of data, and if the signal were there, we would have seen it by now.

I’m no cancer researcher, but neither is Rainer Nyberg, he’s a retired professor in pedagogy. He’s a concerned citizen. https://en.wikipedia.org/wiki/Lennart_Hardell is an actual oncologist and professor who has studied carcinogens, but his research results on the wireless/cancer connection have been dismissed as "non-informative", "post hoc", "barely statistically significant" and "flawed" by his peers. There is nothing there.

We know that high-voltage 16.7 Hz fields increase the risk for leukemia in train drivers, but we don’t know why. I am open to the possibility that 20-50 GHz waves have different consequences from 2 GHz waves, but I’d have to hear it from a credible source.

Straight up DNA mutation is out the window, and that’s one of the centerpoints of these campaigns. This is still frequencies below visual light, it’s not ionizing radiation. No plausible mechanism has been suggested, and there is no clear data on any adverse effects.

We use millimeter waves for the full body scans in US airports. Surely the effects of those have been studied? The top search results go to truthaboutcancer and infowars and similar names I won’t even bother to click. I don’t want to read another article about how all cancer research after 1950 has been wrong, we should all just eat chalk to balance our acidity, and cancer is a fungus.

Apart from the pseudoscience sites I found one paper on the first search results page, concluding that X-ray backscatter scanners have well-known risks, but radiation levels are far below safety standards, both for passengers and for security staff, and also below the background radiation exposure while flying, and millimeter-wave scanners, while an "alarmingly small amount of information about its potential health effects" is available, "The established health effects associated with non-ionizing radiation are limited to thermal effects" and "these scanners operate at outputs well below those required to produce tissue heating", that is, we currently don’t know of a way millimeter waves might be harmful: https://www.sciencedirect.com/science/article/pii/S1687850714000168 (https://doi.org/10.1016/j.jrras.2014.02.005)

For a guide on how to spot pseudoscience and how to read scientific papers, see ahuka’s excellent hpr2695: Problems with Studies.

https://en.wikipedia.org/wiki/Betteridge%27s_Law_of_Headlines


News Bewertung

Weiterlesen Weiterlesen

HPR2811: Interview with Alan Pope

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

A few years ago, when you wanted to install a package on your Linux system, you had to grab the source code, and the nightmare began. But nowadays, this is over. You have deb files, and snaps, and flatpacks, and many other package formats available. On this episode, I was joined by Alan Pope, from Canonical, to talk about one of them in particular : snaps.


News Bewertung

Weiterlesen Weiterlesen

HPR2810: Wi-Fi on Android

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Background

You're running a firewall on your work and home networks right, so of course you're running one on your Smart Phone. Given this device holds more information about you than you probably know yourself, it would be only prudent to make sure that you are protecting what gets in but also what gets out.

I run AFWall+ which is available from the F-Droid app store. It runs fine on LineageOS.

I then set it on the children's phone so that no application is allowed to use mobile data, and then only applications that need Internet get Internet Access. This works well as it's a normal use case for mobile applications to have intermittent access to the Internet.

I see no reason why the Linux Kernel should need unfettered access to the Internet, so it's not allowed out. One issue you may come across is that even though you know that there is a Connection your phone doesn't, and so it will display the Wi-Fi Connected, no Internet message.

I'm not sure how this check is done but abqnm suggests at in the StackExchange question How does Android determine if it has an Internet connection? that it may be related to Google Cloud Messaging.

... this means that the device is unable to receive a response from GCM (Google Cloud Messaging, the framework that handles push notifications). This traffic is sent through ports 5228, 5229, and 5230. If the AP is blocking or interfering with traffic on those ports, push notifications won't work ...

I do indeed see blocked attempts by Google Play Services on my own phone, but not on the other phones that have no google services installed. The only entry I see in the logs is an ICMP attempt to "Comcast Cable Communications, Inc". If you know more please record a show for Hacker Public Radio about it.

Giving Access

Normally you will get a message saying that the Wi-Fi has no Internet access.

Android System. Wi-Fi has no Internet access. Tap for options

If you tap the message a popup will allow you to stay connected and will let you remember the choice.

OpenWireless.Org. This network has no Internet access. Stay connected? [] Don't ask again for this network NO YES

In some cases the router helpfully resets the connection before you can reply to the message meaning it goes into a loop continually popping up the message but not reacting to it.

In this case we can use Termux a Android Terminal emulator, to drop to a shell and fix the problem.

I used su to get root access but you could also change to the user wifi.

The file you need to edit is /data/misc/wifi/wpa_supplicant.conf. It's probably best to edit this file with the wifi off.

network={
	ssid="OpenWireless.Org"
	key_mgmt=NONE
	priority=15
	id_str="{snip}"
}

Scroll down to the network that is giving you trouble and add disabled=1

network={
	ssid="OpenWireless.Org"
	key_mgmt=NONE
	priority=15
	disabled=1
	id_str="{snip}"
}

I ended up copying the file to the sdcard, and editing it there. I then copied it back as su and used chown wifi:wifi /data/misc/wifi/wpa_supplicant.conf to fix the permissions.

Once that's done you can reboot the phone and connect to the network without a problem. You should also consider putting up an Open Wireless access point yourself.


News Bewertung

Weiterlesen Weiterlesen

HPR2809: The Blue Oak Model License and Its One Big Gotcha

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

The Blue Oak Model License 1.0.0 was just released this month. In this episode I read the license, explain where it sits in among other software licenses, and enumerate some of the problems it purports to solve.

I’m no legal expert, so take all of this as sort of a rough introduction to the license.

Overall, if you are looking at permissive (vs copyleft) licenses, I would strongly suggest you consider this license! It’s concise, robust, it was developed by credible people, and gives your users future-proof safety from a number of common legal traps.

However: just note that it has a feature, some would say bug, that might be a big deciding factor in whether you feel comfortable with it (listen for details)

Nevertheless, I believe this license, or at least its style of language, will soon become extremely common.

Further links:

  • The Blue Oak Model License 1.0.0 — the license itself. You may also wish to read the group’s statement about their methodology and how the license came to be.
  • Deprecation Notice: MIT and BSD — the blog post I mention in the recording, by Blue Oak council member, developer and IP lawyer Kyle Mitchell. He explains some problems he sees with the MIT and BSD licenses and how the BOML addresses them.
  • Discussion on Hacker News — This was a pretty good discussion. Kyle Mitchell also chimed in here to respond to some criticisms and tire-kicking of this license (you can recognize him by his handle kemitchell).

Not mentioned in the recording: One thing that caused me a bit of confusion at first was the term “attribution”. Kyle and the Blue Oak folks use this term mainly to talk about license terms, not authorship or credit. So for them an attribution requirement is a requirement to include the license terms with any distributed copies, not a requirement to give authorship credit to people.

If you want to use this license as a starting point for your own “bespoke” license, you can! As I mention in the recording, I created my own variant of the Blue Oak license for one of my own projects. My main change was a strong requirement for downstream users to give credit to upstream contributors—not just when redistributing source code, but in all published software, books and websites created with the software!

Of course, when you make your own changes, you had better think hard about them, and if possible, get the advice of an Actual Lawyer who can discuss your particular situation.


News Bewertung

Weiterlesen Weiterlesen

HPR2808: Haskell function types

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Haskell is statically typed language, meaning that during compilation, programs are checked for type correctness. This means that you won’t accidentally mix for example text and numbers. Haskell does type inference. The compiler will try and figure out what kind of types would make your program to be valid in terms of types. Programmer could completely omit types, but it’s often helpful to write type signatures for at least top level definitions. These will be helpful for both the programmers and compilers.

concrete types

Simplest case is where types are spelled out definitely. Function add below takes two Integer parameters and produces Integer value. Note that types are written in upper case.

add :: Integer -> Integer -> Integer

It’s possible to not use concrete types. In following example a (note the lower case) can be anything. So function takes two values of a, a Boolea and produces a. This is useful technique for writing very general functions.

choose :: a -> a -> Boolean -> a

ad hoc polymorphism

In previous example, we wouldn’t be able to do much at all with a as we don’t know its type. Sometimes we need to know a bit more about type, without specifically declaring its type. For those cases type constraints are useful.

add :: (Num a) => a -> a -> a

This version of add again takes two parameters, both being type a and produces value a. But (Num a) => part in the signature constraints a to be instance of Num. This type class (I’ll talk about these some other time) defines that each instance of it will have set of functions: +, -, *, negate, abs, signum and fromInteger. So now our add function can use those functions, regardless of what specific type a is.

parametrized functions

Types used in function signature can be parametrized. If we wanted a function that returns a first element of any list, we could have following signature: first :: [a] -> Maybe a

first takes single parameter, list of a and returns Maybe a. Maybe is a type that is used to signify a value that might or might not be present and has following definition:

data Maybe a =
     Nothing
     | Just a

So our function would return Nothing when given an empty list and Just a when given a list of at least one element.

using functions

Function application in Haskell doesn’t require parentheses around arguments. Calling our add function is just add 1 2. If one of the values is result of another function call, we need to tell which parameters belong to which function. Using $ is one option: add 1 $ add 2 3, another option is to use parentheses: add 1 (add 2 3).

When function is called with less parameters than it expect, instead of run time error you’ll going to receive a function. In following example addLots 5 will produce same value as add 1000 5:

addLots = add 1000
addLots 5

Another contrived example of partial application:

findPodcasts :: [Podcast] -> Text -> [Podcast]
search = findPodcasts loadedPodcasts
myPodcasts = search "tuturto"

functions as types

Functions have type (that’s what the signature is for after all) and functions can be used as values. You can return function from another function or you can pass in a function as a parameter.

Common example is filter, which has following signature: filter :: (a -> Bool) -> [a] -> [a]

It takes two parameters, first one is function that has type a -> Bool and second one is list of a. Return value is list of a. You can produce a list of odd numbers between 1 and 10 with filter odd [1..10].

anonymous functions

Sometimes you need a function to pass in as a parameter, but the function is so small that you don’t want to give it a name. For those cases, anonymous function are good. If you wanted to produce a list of odd numbers that are greater that 5 in range from 1 10, you could write it as: filter (\x -> odd x && x > 5) [1..10]. If you squint hard enough \ looks almost like a lowercase greek letter λ.

Easiest way to catch me is either email or fediverse where I’m [email protected]


News Bewertung

Weiterlesen Weiterlesen

HPR2807: Are bash local variables local?

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

https://en.wikipedia.org/wiki/Scope_%28computer_science%29

In hpr2739, Dave talked briefly about local variables. But what are they?

In most modern languages, especially in compiled languages, "local" means that the value of a variable cannot be directly known, by looking up the name, outside the bounds of that function, but that’s not how it works in bash.

Languages like C and Python have lexical scope. Lexical scope means local variables are local in the text. The names are local.

If I’m writing code that is textually located outside the function, I cannot even describe how to access the variables within the function, because myvariable in my function is not the same variable, not the same place, as myvariable in your function.

Languages like Bash and Elisp have dynamic scope. That means local variables are local in time. The names are global.

What happens when you declare a variable local in bash is that the existing value of that variable is stowed away, to be brought back when your function exits.

#!/usr/bin/env bash
function sayscope() {
    echo The scope is $whatsmyscope
}

function globalscope() {
    whatsmyscope=global
}

function dynamicscope() {
    whatsmyscope=dynamic
}

function localscope() {
    local whatsmyscope=local
    sayscope
    dynamicscope
    sayscope
}

globalscope
sayscope
localscope
sayscope
The scope is global
The scope is local
The scope is dynamic
The scope is global

Perl has both, and it calls them local (dynamic scope, like bash) and my (lexical scope):

#!/usr/bin/env perl
use v5.10;

sub sayscope {
    say "Dynamic scope is $whatsmyscope";
}

sub globalscope {
    $whatsmyscope="global";
}

sub dynamicscope {
    $whatsmyscope="dynamic";
}

sub lexicalscope {
    my $whatsmyscope="lexical";
    say "Lexical scope is $whatsmyscope";
    sayscope;
}

sub localscope {
    local $whatsmyscope="local";
    sayscope;
    dynamicscope;
    sayscope;
    lexicalscope;
}

globalscope;
sayscope;
localscope;
sayscope;
Dynamic scope is global
Dynamic scope is local
Dynamic scope is dynamic
Lexical scope is lexical
Dynamic scope is dynamic
Dynamic scope is global

You almost never want to use local in Perl, it’s mostly there for historical reasons — lexical scope is a Perl 5 feature. https://perl.plover.com/local.html covers well the remaining few and narrow exceptions where local might be useful.

As dynamic scope has some valid use, it’s available in some otherwise lexically scoped languages. For example, Common LISP has the special form, and several Schemes and Racket have parameter objects:

To dig fully into the history and flora of dynamic and lexical scope merits another episode.


News Bewertung

Weiterlesen Weiterlesen

HPR2806: HPR Community News for April 2019

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

New hosts

There were no new hosts this month.

Last Month's Shows

Id Day Date Title Host
2781 Mon 2019-04-01 HPR Community News for March 2019 HPR Volunteers
2782 Tue 2019-04-02 Never stop gaming klaatu
2783 Wed 2019-04-03 The Windows "Shutdown.exe" Command Explained Claudio Miranda
2784 Thu 2019-04-04 The Yamaha Disklavier Jon Kulp
2785 Fri 2019-04-05 What is uCPE JWP
2786 Mon 2019-04-08 My YouTube Channels Tony Hughes AKA TonyH1212
2787 Tue 2019-04-09 NodeJS Part 1 operat0r
2788 Wed 2019-04-10 Looping in Haskell tuturto
2789 Thu 2019-04-11 Pacing In Storytelling lostnbronx
2790 Fri 2019-04-12 My YouTube Subscriptions #5 Ahuka
2791 Mon 2019-04-15 LUKS like truecrypt klaatu
2792 Tue 2019-04-16 Playing around with text to speech synthesis on Linux Jeroen Baten
2793 Wed 2019-04-17 bash coproc: the future (2009) is here clacke
2794 Thu 2019-04-18 Interview with Martin Wimpress Yannick the french guy from Switzerland
2795 Fri 2019-04-19 Dead Earth klaatu
2796 Mon 2019-04-22 IRS,Credit Freezes and Junk Mail Ohh My! operat0r
2797 Tue 2019-04-23 Writing Web Game in Haskell - Simulation at high level tuturto
2798 Wed 2019-04-24 Should Podcasters be Pirates ? knightwise
2799 Thu 2019-04-25 building an arduino programmer Brian in Ohio
2800 Fri 2019-04-26 My YouTube Subscriptions #6 Ahuka
2801 Mon 2019-04-29 Guitar Set Up Part 1. NYbill
2802 Tue 2019-04-30 Mid-life (?) assessment clacke

Comments this month

These are comments which have been made during the past month, either to shows released during the month or to past shows. There are 23 comments in total.

Past shows

There are 4 comments on 4 previous shows:

This month's shows

There are 19 comments on 7 of this month's shows:

  • hpr2783 (2019-04-03) "The Windows "Shutdown.exe" Command Explained" by Claudio Miranda.
    • Comment 1: Bubba on 2019-04-04: "Shutdown.exe command"
    • Comment 2: ClaudioM on 2019-04-06: "Also Useful with PsExec from Sysinternals Suite"

  • hpr2784 (2019-04-04) "The Yamaha Disklavier" by Jon Kulp.
    • Comment 1: tuturto on 2019-04-04: "music to ears"
    • Comment 2: Jan on 2019-04-04: "Translations"
    • Comment 3: Jon Kulp on 2019-04-04: "Ok but it wasn't the "Well-Tempered Piano""
    • Comment 4: Gavtres on 2019-04-05: "So cool!"
    • Comment 5: Dave Morriss on 2019-04-05: "What a wonderful device!"
    • Comment 6: Guy on 2019-04-06: "How far away are you?"
    • Comment 7: Jon Kulp on 2019-04-06: ""or" not "of""
    • Comment 8: Windigo on 2019-04-14: "Library of Congress"
    • Comment 9: Jon Kulp on 2019-04-15: "A great summer job"
    • Comment 10: Jon Kulp on 2019-04-18: "Older near-perfect player pianos"

  • hpr2787 (2019-04-09) "NodeJS Part 1" by operat0r.
    • Comment 1: tuturto on 2019-04-10: "looking for more"

  • hpr2789 (2019-04-11) "Pacing In Storytelling" by lostnbronx.
    • Comment 1: tuturto on 2019-04-11: "what about non-fictional stories"

  • hpr2793 (2019-04-17) "bash coproc: the future (2009) is here" by clacke.
    • Comment 1: Dave Morriss on 2019-04-22: "I really enjoyed this!"

  • hpr2796 (2019-04-22) "IRS,Credit Freezes and Junk Mail Ohh My!" by operat0r.
    • Comment 1: cogoman on 2019-04-25: "Credit card security"

  • hpr2798 (2019-04-24) "Should Podcasters be Pirates ?" by knightwise.
    • Comment 1: tuturto on 2019-04-24: "Yarrr, record me episodes"
    • Comment 2: Dave Morriss on 2019-04-27: "Memories of early podcasts and pirate radio"
    • Comment 3: DudeNamedBen on 2019-04-29: "Da Podfather, Adam Curry"

Mailing List discussions

Policy decisions surrounding HPR are taken by the community as a whole. This discussion takes place on the Mail List which is open to all HPR listeners and contributors. The discussions are open and available on the HPR server under Mailman.

The threaded discussions this month can be found here:

http://hackerpublicradio.org/pipermail/hpr_hackerpublicradio.org/2019-April/thread.html

Events Calendar

With the kind permission of LWN.net we are linking to The LWN.net Community Calendar.

Quoting the site:

This is the LWN.net community event calendar, where we track events of interest to people using and developing Linux and free software. Clicking on individual events will take you to the appropriate web page.

Any other business

HPR on Wikipedia

Please see the draft at https://en.wikipedia.org/w/index.php?title=Draft:Hacker_Public_Radio

If you are not already a host, then please help improve the site.

Tags and Summaries

Thanks to the following contributor for sending in updates in the past month: Tony Hughes

Over the period tags and/or summaries have been added to 36 shows which were without them.

If you would like to contribute to the tag/summary project visit the summary page at https://hackerpublicradio.org/report_missing_tags.php and follow the instructions there.


News Bewertung

Weiterlesen Weiterlesen

HPR2806: HPR Community News for April 2019

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

New hosts

There were no new hosts this month.

Last Month's Shows

Id Day Date Title Host
2781 Mon 2019-04-01 HPR Community News for March 2019 HPR Volunteers
2782 Tue 2019-04-02 Never stop gaming klaatu
2783 Wed 2019-04-03 The Windows "Shutdown.exe" Command Explained Claudio Miranda
2784 Thu 2019-04-04 The Yamaha Disklavier Jon Kulp
2785 Fri 2019-04-05 What is uCPE JWP
2786 Mon 2019-04-08 My YouTube Channels Tony Hughes AKA TonyH1212
2787 Tue 2019-04-09 NodeJS Part 1 operat0r
2788 Wed 2019-04-10 Looping in Haskell tuturto
2789 Thu 2019-04-11 Pacing In Storytelling lostnbronx
2790 Fri 2019-04-12 My YouTube Subscriptions #5 Ahuka
2791 Mon 2019-04-15 LUKS like truecrypt klaatu
2792 Tue 2019-04-16 Playing around with text to speech synthesis on Linux Jeroen Baten
2793 Wed 2019-04-17 bash coproc: the future (2009) is here clacke
2794 Thu 2019-04-18 Interview with Martin Wimpress Yannick the french guy from Switzerland
2795 Fri 2019-04-19 Dead Earth klaatu
2796 Mon 2019-04-22 IRS,Credit Freezes and Junk Mail Ohh My! operat0r
2797 Tue 2019-04-23 Writing Web Game in Haskell - Simulation at high level tuturto
2798 Wed 2019-04-24 Should Podcasters be Pirates ? knightwise
2799 Thu 2019-04-25 building an arduino programmer Brian in Ohio
2800 Fri 2019-04-26 My YouTube Subscriptions #6 Ahuka
2801 Mon 2019-04-29 Guitar Set Up Part 1. NYbill
2802 Tue 2019-04-30 Mid-life (?) assessment clacke

Comments this month

These are comments which have been made during the past month, either to shows released during the month or to past shows. There are 23 comments in total.

Past shows

There are 4 comments on 4 previous shows:

This month's shows

There are 19 comments on 7 of this month's shows:

  • hpr2783 (2019-04-03) "The Windows "Shutdown.exe" Command Explained" by Claudio Miranda.
    • Comment 1: Bubba on 2019-04-04: "Shutdown.exe command"
    • Comment 2: ClaudioM on 2019-04-06: "Also Useful with PsExec from Sysinternals Suite"

  • hpr2784 (2019-04-04) "The Yamaha Disklavier" by Jon Kulp.
    • Comment 1: tuturto on 2019-04-04: "music to ears"
    • Comment 2: Jan on 2019-04-04: "Translations"
    • Comment 3: Jon Kulp on 2019-04-04: "Ok but it wasn't the "Well-Tempered Piano""
    • Comment 4: Gavtres on 2019-04-05: "So cool!"
    • Comment 5: Dave Morriss on 2019-04-05: "What a wonderful device!"
    • Comment 6: Guy on 2019-04-06: "How far away are you?"
    • Comment 7: Jon Kulp on 2019-04-06: ""or" not "of""
    • Comment 8: Windigo on 2019-04-14: "Library of Congress"
    • Comment 9: Jon Kulp on 2019-04-15: "A great summer job"
    • Comment 10: Jon Kulp on 2019-04-18: "Older near-perfect player pianos"

  • hpr2787 (2019-04-09) "NodeJS Part 1" by operat0r.
    • Comment 1: tuturto on 2019-04-10: "looking for more"

  • hpr2789 (2019-04-11) "Pacing In Storytelling" by lostnbronx.
    • Comment 1: tuturto on 2019-04-11: "what about non-fictional stories"

  • hpr2793 (2019-04-17) "bash coproc: the future (2009) is here" by clacke.
    • Comment 1: Dave Morriss on 2019-04-22: "I really enjoyed this!"

  • hpr2796 (2019-04-22) "IRS,Credit Freezes and Junk Mail Ohh My!" by operat0r.
    • Comment 1: cogoman on 2019-04-25: "Credit card security"

  • hpr2798 (2019-04-24) "Should Podcasters be Pirates ?" by knightwise.
    • Comment 1: tuturto on 2019-04-24: "Yarrr, record me episodes"
    • Comment 2: Dave Morriss on 2019-04-27: "Memories of early podcasts and pirate radio"
    • Comment 3: DudeNamedBen on 2019-04-29: "Da Podfather, Adam Curry"

Mailing List discussions

Policy decisions surrounding HPR are taken by the community as a whole. This discussion takes place on the Mail List which is open to all HPR listeners and contributors. The discussions are open and available on the HPR server under Mailman.

The threaded discussions this month can be found here:

http://hackerpublicradio.org/pipermail/hpr_hackerpublicradio.org/2019-April/thread.html

Events Calendar

With the kind permission of LWN.net we are linking to The LWN.net Community Calendar.

Quoting the site:

This is the LWN.net community event calendar, where we track events of interest to people using and developing Linux and free software. Clicking on individual events will take you to the appropriate web page.

Any other business

HPR on Wikipedia

Please see the draft at https://en.wikipedia.org/w/index.php?title=Draft:Hacker_Public_Radio

If you are not already a host, then please help improve the site.

Tags and Summaries

Thanks to the following contributor for sending in updates in the past month: Tony Hughes

Over the period tags and/or summaries have been added to 36 shows which were without them.

If you would like to contribute to the tag/summary project visit the summary page at https://hackerpublicradio.org/report_missing_tags.php and follow the instructions there.


News Bewertung

Weiterlesen Weiterlesen

HPR2805: My 50th Show

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Hallo this is again Tony Hughes for HPR. This is an auspicious show for me as it’s my 50th show that I have recorded and released on HPR in my own right. However prior to my 1st show in my own right I did guest on 2 shows.

The first of these was:

  • hpr0844 :: The Flying Handbag hosted by HPR Volunteers
    Released: 2011-10-26

Which was a show that was recorded at Barcamp Blackpool in 2011, when a group of us got together to record a podcast, the hilarious thing was that the only place we could find to record was a stairwell which happened to be next to the toilets, definitely not family friendly but if you want a laugh have a listen.

The next show I appeared on was an interview I did with Ken Fallon at my first OggCamp in the same year.

  • hpr0863 :: Tony Hughes Free Cycle hosted by Ken Fallon
    Released: 2011-11-22.

Ken was as usual trying to recruit new hosts and interviewed me with the hope that I would become one. Well I did but it took another 5 years before I finally recorded my first show in my own right.

First just to say the idea for this show comes from hpr2700 in which Ken created a script to automate the bot voice reading a list of every show that has been released on HPR, so to celebrate my 50th Show I thought I would list my shows but with me running through them and do a brief summary of the show where appropriate.

  1. hpr2051 :: My Linux Journey
    Released on 2016-06-13
    in this episode I talked about my journey in computing and starting to use Linux

  2. hpr2056 :: Interview with a young hacker
    Released on 2016-06-20
    This was my first of several interviews with @All_about_Code at my local Raspberry Jam

  3. hpr2065 :: Whats in My Bag
    Released on 2016-07-01
    Looking at this show so tells me I have to redo this show as my bag is very different these days

  4. hpr2076 :: What Magazines I read Part 1
    Released on 2016-07-18
    just what the title said, I talked about the magazines I was reading at that point in time.

  5. hpr2087 :: Magazines I read Part 2
    Released on 2016-08-02
    This was a follow up of the last show

  6. hpr2097 :: New Toys
    Released on 2016-08-16
    I talked about my hardware journey over the last 30 odd years and talked about the i7 system I had just bought 2nd hand

  7. hpr2101 :: What’s on my podcatcher
    Released on 2016-08-22
    A show about the podcasts I listen to.

  8. hpr2144 :: An Interview with All About Code at Manchester BarCamp
    Released on 2016-10-20
    a follow up interview with Josh

  9. hpr2151 :: BarCamp Manchester part 2
    Released on 2016-10-31
    An interview with Claire, the organiser of BarCamp Manchester.

  10. hpr2157 :: BarCamp Manchester part 3
    Released on 2016-11-08
    This was an interview with Alan O’Donohoe who had started the Raspberry Jam movement

  11. hpr2257 :: Watt OS
    Released on 2017-03-28
    Acer Aspire One Netbook – Review

  12. hpr2265 :: WattOS on Lenovo X61s
    Released on 2017
    Lenovo X61s – Review

  13. hpr2271 :: Raspberry Pi Zero W
    Released on 2017-04-17
    Review Episode on the then New Pi Zero W

  14. hpr2280 :: Lenovo X61s Part 2
    Released on 2017-04-28
    Follow up review after a SSD upgrade and using Linux Lite

  15. hpr2286 :: Surviving a Stroke
    Released on 2017-05-08
    A very personal episode about my surviving a Stroke in February 2017

  16. hpr2295 :: MX Linux
    Released on 2017-05-19
    A review episode using this OS on a Lenovo X230i after a hardware boot issue with Linux Mint and an SSD

  17. hpr2331 :: Liverpool Makefest 2017 Show 1
    Released on 2017-07-10
    The first of a number of interview shows from the 2017 Liverpool Makefest

  18. hpr2336 :: Liverpool Makefest 2017 Show 2
    Released on 2017-07-17

  19. hpr2341 :: Liverpool Makefest 2017 Show 3
    Released on 2017-07-24

  20. hpr2346 :: Liverpool Makefest 2017 Show 4
    Released on 2017-07-31

  21. hpr2352 :: Liverpool Makefest 2017 Show 5
    Released on 2017-08-08

  22. hpr2362 :: Raspbian X86 on Lenovo x61s
    Released on 2017-08-22
    Review of Raspbian X86 on a Lenovo X61s

  23. hpr2366 :: Making Bramble Jelly
    Released on 2017-08-28
    Just what it says on the tin I talk about making Bramble jelly,

  24. hpr2374 :: How to Make Sauerkraut
    Released on 2017-09-07
    Another food show on how to make Sauerkraut

  25. hpr2380 :: Raspbian X86 on P4 Tower
    Released on 2017-09-15
    Follow up this time running Raspbian X86 on an old P4 Tower

  26. hpr2405 :: Nokia 6 Review
    Released on 2017-10-20
    I reviewed my new phone

  27. hpr2432 :: Living with the Nokia 6 – an update to HPR 2405
    Released on 2017-11-28
    Follow up update show having lived with the phone for a couple of months.

  28. hpr2442 :: The sound of Woodbrooke Quaker Study centre in the Spring
    Released on 2017-12-12
    This was a soundscape recording I made at Woodbrooke Quaker Study Centre in Birmingham UK while I was there in April 2017.

  29. hpr2579 :: Ubuntu 18.04 Mate
    Released on 2018-06-21
    A review of the recently released Ubuntu 18.04 Mate

  30. hpr2590 :: Blowing a PC Power Supply
    Released on 2018-07-06
    A show about how not to blow your PC power supply

  31. hpr2595 :: New laptop bargain?
    Released on 2018-07-13
    A review on my recently purchased secondhand Toshiba Z30 laptop

  32. hpr2601 :: Liverpool Makerfest 2018
    Released on 2018-07-23
    Chris Dell

  33. hpr2606 :: Liverpool Makefest 2018 - interview with Dan Lynch
    Released on 2018-07-30
    A podcast Legend

  34. hpr2612 :: Liverpool Makefest 2018 - interview with Joe aka Concrete Dog
    Released on 2018-08-07
    About Rocketry

  35. hpr2616 :: Liverpool Makefest 2018 - interview with Josh - A.K.A - All About Code
    Released on 2018-08-13.
    This is another short interview recorded at Liverpool Makefest, with Josh talking about EduBlocks.

  36. hpr2621 :: Liverpool Makefest 2018 - Chan’nel Thomas a.k.a little pink maker
    Released on 2018-08-20
    I talk to Chan’nel Thomas aka little pink maker.

  37. hpr2626 :: Liverpool Makefest 2018 - interviews with Helen and Chris
    Released on 2018-08-27
    In this episode I talk to Helen from Manchester Hackspace and Chris from Wirral Code Club

  38. hpr2632 :: Liverpool Makefest 2018 - interviews with Robert and Carl
    Released on 2018-09-04
    In this episode I talk to Robert from Roberts Workshop and Carl from Edgehill University

  39. hpr2636 :: Liverpool Makefest 2018 - interviews with Noel from JMU FabLab
    Released on 2018-09-10

  40. hpr2641 :: Liverpool Makefest 2018 - interview with Rachel from the MicroBit Foundation
    Released on 2018-09-17

  41. hpr2646 :: Liverpool Makefest 2018 - Interview with Steve and Gerrard from the Liverpool Astronomical society.
    Released on 2018-09-24

  42. hpr2652 :: Liverpool Makefest 2018 - Interview with Caroline and John
    Released on 2018-10-02 under a CC-BY-SA license.
    This was the final interview from Makefest 2018 in Liverpool. In this interview I interview one of the founder members of Makefest, Caroline Keep, and the Head Teacher of the school where she works, John Carling.

  43. hpr2663 :: Short review on a 2.5 inch SSD/HDD caddy
    Released on 2018-10-17
    Quick hardware review

  44. hpr2702 :: Audacity set up and response to episode 2658
    Released on 2018-12-11
    I post my response to show 2658 by Dave and Al

  45. hpr2735 :: Soffritto
    Released on 2019-01-25
    Another food show

  46. hpr2738 :: My Applications
    Released on 2019-01-30
    This and my 47th episode were about the applications I use in Linux

  47. hpr2746 :: My software part 2
    Released on 2019-02-11

  48. hpr2772 :: My applications and software part 3
    A short show about the software I use in Linux Mint

  49. hpr2786 :: My YouTube Channels
    A short show about some of my YouTube channels inspired by Ahuka

http://hackerpublicradio.org/correspondents.php?hostid=338


News Bewertung

Weiterlesen Weiterlesen

HPR2804: Awk Part 13: Fix-Width Field Processing

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Basic usage

Use the FIELDWIDTHS = "n1 n2 n3 ..." annotation in the BEGIN section of an awk command to specify the widths of the fields.

For instance, the following file has widths of 20, 10, and 12 characters.

NAME                STATE     TELEPHONE
John Smith          WA        418-311-4111
Mary Hartford       CA        319-219-4341
Evan Nolan          IL        219-532-5301
Boris Ratinski      NC        201-553-5555

Below is an example of processing such a file:

BEGIN  { FIELDWIDTHS = "20 10 12" }
NR > 1 {
    name = $1
    state = $2
    phone = $3
    sub(/ +$/, "", name)
    sub(/ +$/, "", state)
    sub(/ +$/, "", phone)
    printf("%s lives in %s. The phone number is %s.\n", name, state, phone)
}

Then you can run the command:

awk -f process_fixed_width.awk fixed_width.txt

News Bewertung

Weiterlesen Weiterlesen

HPR2803: Update on my Raspi 3 B OpenMedia Vault and Next Cloud instances

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

I use a Toshiba 4TB non-powered drive external usb 3 drive.


News Bewertung

Weiterlesen Weiterlesen

HPR2803: Update on my Raspi 3 B OpenMedia Vault and Next Cloud instances

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

I use a Toshiba 4TB non-powered drive external usb 3 drive.


News Bewertung

Weiterlesen Weiterlesen

HPR2802: Mid-life (?) assessment

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

At 40, I’m at the middle of the mean life expectancy in most parts of the world. What’s happened so far, and where do I go from here?

I look at my life’s past in increasingly smaller chunks of years, and then at my life’s future in increasingly larger chunks of years, and speculate about those 80 years — or perhaps many more? — of expected lifetime.

I’m saying mostly the things I wrote at https://loadaverage.org/conversation/10689347 but with some small updates from the last 9 months.


News Bewertung

Weiterlesen Weiterlesen

HPR2802: Mid-life (?) assessment

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

At 40, I’m at the middle of the mean life expectancy in most parts of the world. What’s happened so far, and where do I go from here?

I look at my life’s past in increasingly smaller chunks of years, and then at my life’s future in increasingly larger chunks of years, and speculate about those 80 years — or perhaps many more? — of expected lifetime.

I’m saying mostly the things I wrote at https://loadaverage.org/conversation/10689347 but with some small updates from the last 9 months.


News Bewertung

Weiterlesen Weiterlesen

HPR2801: Guitar Set Up Part 1.

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

NYbill talks about setting up a guitar.

Pics for the episode:

http://media.gunmonkeynet.net/u/nybill/collection/guitar-set-up/


News Bewertung

Weiterlesen Weiterlesen

HPR2801: Guitar Set Up Part 1.

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

NYbill talks about setting up a guitar.

Pics for the episode:

http://media.gunmonkeynet.net/u/nybill/collection/guitar-set-up/


News Bewertung

Weiterlesen Weiterlesen

HPR2720: Download youtube channels using the rss feeds

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

I had a very similar problem to Ahuka aka Kevin, in hpr2675 :: YouTube Playlists. I wanted to be able to download an entire youtube channel and store them so that I could play them in the order that they were posted.
See previous episode hpr2705 :: Youtube downloader for channels.

The problem with the original script is that it needs to download and check each video in each channel and it can crawl to a halt on large channels like EEEVblog.

The solution was given in hpr2544 :: How I prepared episode 2493: YouTube Subscriptions - update with more details in the full-length notes.

  1. Subscribe:
    Subscriptions are the currency of YouTube creators so don't be afraid to create an account to subscribe to the creators. Here is my current subscription_manager.opml to give you some ideas.
  2. Export:
    Login to https://www.youtube.com/subscription_manager and at the bottom you will see the option to Export subscriptions. Save the file and alter the script to point to it.
  3. Download: Run the script youtube-rss.bash

How it works

The first part allows you to define where you want to save your files. It also allows you to set what videos to skip based on length and strings in their titles.

savepath="/mnt/media/Videos/channels"
subscriptions="${savepath}/subscription_manager.opml"
logfile="${savepath}/log/downloaded.log"
youtubedl="/mnt/media/Videos/youtube-dl/youtube-dl"
DRYRUN="echo DEBUG: "
maxlength=7200 # two hours
skipcrap="fail |react |live |Best Pets|BLOOPERS|Kids Try"

After some checks and cleanup, we can then parse the opml file. This is an example of the top of mine.

<?xml version="1.0"?>
<opml version="1.1">
  <body>
    <outline text="YouTube Subscriptions" title="YouTube Subscriptions">
      <outline text="Wintergatan" title="Wintergatan" type="rss" xmlUrl="https://www.youtube.com/feeds/videos.xml?channel_id=UCcXhhVwCT6_WqjkEniejRJQ"/>
      <outline text="Primitive Technology" title="Primitive Technology" type="rss" xmlUrl="https://www.youtube.com/feeds/videos.xml?channel_id=UCAL3JXZSzSm8AlZyD3nQdBA"/>
      <outline text="John Ward" title="John Ward" type="rss" xmlUrl="https://www.youtube.com/feeds/videos.xml?channel_id=UC2uFFhnMKyF82UY2TbXRaNg"/>

Now we use the xmlstarlet tool to extract each of the urls and also the title. The title is just used to give some feedback, while the url needs to be stored for later. Now we have a complete list of all the current urls, in all the feeds.

xmlstarlet sel -T -t -m '/opml/body/outline/outline' -v 'concat( @xmlUrl, " ", @title)' -n "${subscriptions}" | while read subscription title
do
  echo "Getting "${title}""
  wget -q "${subscription}" -O - | xmlstarlet sel -T -t -m '/_:feed/_:entry/media:group/media:content' -v '@url' -n - | awk -F '?' '{print $1}'  >> "${logfile}_getlist"
done

The main part of the script then counts the total so we can have some feedback while we are running it. It then pumps the list from the previous step into a loop which first checks to make sure we have not already downloaded it.

count=1
total=$( sort "${logfile}_getlist" | uniq | wc -l )

sort "${logfile}_getlist" | uniq | while read thisvideo
do 
  if [ "$( grep "${thisvideo}" "${logfile}" | wc -l )" -eq 0 ];
  then

The next part takes advantage of the youtube-dl --dump-json command which downloads all sorts of information about the video which we store to query later.

    metadata="$( ${youtubedl} --dump-json ${thisvideo} )"
    uploader="$( echo $metadata | jq '.uploader' | awk -F '"' '{print $2}' )"
    title="$( echo $metadata | jq '.title' | awk -F '"' '{print $2}' )"
    upload_date="$( echo $metadata | jq '.upload_date' | awk -F '"' '{print $2}' )"
    id="$( echo $metadata | jq '.id' | awk -F '"' '{print $2}' )"
    duration="$( echo $metadata | jq '.duration' )"

Having the duration, we can skip long episodes.

    if [[ -z ${duration} || ${duration} -le 0 ]]
    then
      echo -e "nError: The duration "${length}" is strange. "${thisvideo}"."
      continue
    elif [[ ${duration} -ge ${maxlength} ]]
    then
      echo -e "nFilter: You told me not to download titles over ${maxlength} seconds long "${title}", "${thisvideo}""
      continue
    fi

Or videos that don't interest us.

    if [[ ! -z "${skipcrap}" && $( echo ${title} | egrep -i "${skipcrap}" | wc -l ) -ne 0 ]]
    then
      echo -e "nSkipping: You told me not to download this stuff. ${uploader}: "${title}", "${thisvideo}""
      continue
    else
      echo -e "n${uploader}: "${title}", "${thisvideo}""
    fi

Now we have a filtered list of urls we do want to keep. These we also save the description in a text file with the video id if we want to refer to it later.

    echo ${thisvideo} >> "${logfile}_todo"
    echo -e $( echo $metadata | jq '.description' ) > "${savepath}/description/${id}.txt"
  else
    echo -ne "rProcessing ${count} of ${total}"
  fi
  count=$((count+1))
done
echo ""

And finally we download the actual videos saving each channel in its own directory. The file names is first an ISO8601 date, then the title stored as ASCII with no space or ampersands. I then use a "⋄" as a delimiter before the video id.

# Download the list
if [ -e "${logfile}_todo" ];
then
  cat "${logfile}_todo" | ${youtubedl} --batch-file - --ignore-errors --no-mtime --restrict-filenames --format mp4 -o "${savepath}"'/%(uploader)s/%(upload_date)s-%(title)s⋄%(id)s.%(ext)s'
  cat "${logfile}_todo" >> ${logfile}
fi

Now you have a fast script that keeps you up to date with your feeds.


News Bewertung

Weiterlesen Weiterlesen

HPR2719: Bash Tips - 17

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Bash Tips - 17 (Additional auxiliary Bash tips)

Arrays in Bash

This is the second of a small group of shows on the subject of arrays in Bash. It is also the seventeenth show in the Bash Tips sub-series.

In the last show we saw the two types of arrays, and learned about the multiple ways of creating them and populating them. We also looked at how array elements and entire arrays are accessed.

Now we want to continue looking at array access and some of the various parameter expansion operations available.

Long notes

I have provided detailed notes as usual for this episode, and these can be viewed here.

Links


News Bewertung

Weiterlesen Weiterlesen

HPR2718: Genre In Storytelling

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Many people see genres as being largely interchangeable, but are they really? Why can some stories only be told in a particular genre? When are genre stories truly alike? And when are setting, character, and plot more important than genre? Lostnbronx takes a quick, rambling look at this complicated subject.


News Bewertung

Weiterlesen Weiterlesen

HPR2717: Mobile Device Security

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Introduction

Hello and welcome to Hacker Public Radio, I’m Edward Miro and for this episode I decided to address mobile device security. As with most of the research and articles I’ve written in the past, these are geared toward standard users in a business setting and are meant to be a jumping off point for further research and to be a foundation for cyber security 101 level training classes. If you like what I do, and want to have me come speak to your team, feel free to email me.

As an information security researcher, I have noticed a trend in what potential clients lately have been interested in: cell phones. Almost everyone I have consulted for in the area of private investigations make this area their main priority. This makes sense as users have started to transition to using mobile devices more and more. Not only do cell phones represent the main conduit to the internet for a huge chunk of people, but many use them for work also. Many companies have smartly presented policies against this, but there are still many organizations that allow bring-your-own-device style implementations. In the following podcast I will try to define the threats, defense and considerations in very broad strokes.

Cell phones differ from a standard hacking target in a few ways. For the most part, many of the same vectors are still valid. Remote code execution however is more rare, but not out of the question. I’m going to attempt to present these different vectors in an ascending list of what is most likely to be used as an attack, in my humble (and possibly ignorant) opinion.

1. Passive Surveillance

This vector is one many in the hacking world will already be familiar with and it is a major concern for mobile devices as well. Attackers can monitor an access point where the mobile device is connected and collect packets in all the usual ways. Open public WiFi is a treasure trove and tons of data that’s being sent in the clear can be collected, analyzed and leveraged by attackers.

Defense here is a bit more complicated for the general user, but shouldn’t be too intrusive for most:

  1. Use a VPN on your mobile devices.
  2. Switch to a DNS provider that provides secure DNSSEC.
  3. Implement proper encryption on access points.

2. Spyware

Many commercial spyware applications are readily available on both of the main app stores. The challenges for attackers lie in either gaining physical access to the unlocked device to install the spyware, or tricking the user into installing it themselves. Most often the target’s spouse or close contact does this. Some of these apps can be disguised to look like innocuous applications as a feature, but with devices that are rooted/jailbroken, they can be completely hidden from the user. I found a few surveys that state the average smart phone user has about 30 apps installed. I don’t think it’s unreasonable to suspect the average person wouldn’t notice a second calculator or calendar app. These apps feature the full gamut of what you’d expect from a spyware app.

Defense against spyware is pretty simple:

  1. Don’t allow unsupervised access to your device.
  2. Use a strong passcode or biometric lock.
  3. Remove unused applications and be aware of new apps that may pop up.
  4. Don’t root or jailbreak your device.

3. Social Engineering

The tried and true vector that has always worked and will continue to work is social engineering. It doesn’t matter what kind of device a target is using if you can get them to click a malicious link, open a malicious attachment, or disclose their password to the attackers. With a user’s password you can conduct a vast amount of surveillance through their Google or Apple account. Not to mention leverage their password into all their other accounts as most users still use the same password for everything. We can also callback to the previous section on spyware by mentioning that many users are already familiar with enabling the installation of 3rd party applications and can be tricked into installing a cleverly disguised spyware application.

Basic OPSEC recommendations are applicable here:

  1. Don’t click strange or unsolicited links or attachments on your devices.
  2. Never disclose your password to anyone through a text message or voice call.
  3. Don’t install 3rd party applications. I’ll extend this to say not to install any shady or questionable apps, even ones hosted by the app stores. There have been instances of vetted apps being malicious.

4. IMSI catchers/Femtocells

I refer to these as DIY Stingrays. Stingrays are devices used by law enforcement to track and surveil cell phone traffic. These devices emulate a cell tower or boost cell phone signals when used in a legitimate way. Mobile phones are designed to prefer using stations that are the closest and strongest. Any technically proficient attacker can DIY one of these devices for not a lot of money. When an attacker deploys one of these devices, the target’s phone usually has no idea that the device isn’t an official cell tower and happily connects and passes traffic through it. The rogue stations can then be configured to pass the traffic on to an authentic tower and the user will have no idea. These rogue towers can not only collect identifying information about the mobile device that can be used to track or mark a target, they can also monitor voice calls, data, and SMS, as well as perform man-in-the-middle attacks. Often they can disable the native encryption of the target’s phone as well.

Defense against this vector is a bit more complicated:

  1. As before, use a VPN.
  2. Use Signal or other encrypted communication apps.
  3. Avoid disclosing sensitive information during voice calls.
  4. There is software that has been developed to detect and notify the user when a rogue station has been detected, but this is not going to be super helpful for standard users. There are also maps online of known cell towers and it is possible to use software to identify your connected tower.

5. Exploits

Speaking very generally, this attack vector is for the most part less of a concern (depending on your particular threat level), but we all know that the chance of this happening in the wild is probably remote for most people. The technical implementations of exploits such as Rowhammer, Stagefright, and Blueborne are well outside the scope of this particular talk, but we would be incorrect to not mention them and what can be done to protect against them. And we should also pay special attention to more and more exploits being developed to attack mobile devices as attackers have started putting a lot of attention in this area. Even though many of these vulnerabilities are being patched, we all know many users are still using old versions of Android and iOS, and many devices are simply outside the support period offered by the manufacturers and will never be updated past a certain point. Couple that with the general idea that mobile devices (or any device running a non Windows based OS) are “safer” because less exploits exist for them is currently a very poor assumption. This will probably get worse as the cost of keeping up with new devices now being over $1000 and many users won’t be able to get devices that are constantly being patched.

What we can do:

  1. Keep your mobile devices updated with most current OS updates and carrier settings. Also keep applications updated. I don’t know how many times I’ve noticed friends or family with devices that are ready to be updated, but the notifications go ignored.
  2. If it’s possible, replace devices when they are outside the support period.
  3. Be paranoid, if it applies to you. What this means is when you use any computer or device, always remember that zero day exploits can exist for years before being disclosed. You could follow ALL the best OPSEC practices, and you could still be vulnerable to exploits that haven’t been disclosed and/or patched. This might not matter if you’re just a general user, but if you work for the government or do intelligence work, act as if.

Well, thank you for taking the time to listen to my basic introduction to cell phone cyber defense. I know most of the information I provided is only the tip of the iceberg and if current trends hold up, this will only get worse in the future. If you want to add to or correct any mistakes I may have made, like I stated in the introduction, feel free to email me and let’s have a conversation. I don’t claim to know all there is to know and love feedback and any opportunities to learn more or collaborate with others in the field.

Thanks again, and have a great 2019!


News Bewertung

Weiterlesen Weiterlesen

HPR2716: Really Simple YouTube

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Here are the two links I mentioned that let you pull RSS feeds out of YouTube


News Bewertung

Weiterlesen Weiterlesen

HPR2715: About ONAP

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

So I went to the open networking trade show sponsored by the Linux Foundation with Ken Fallon’s help.

The first thing they talked about was ONAP.

https://www.onap.org/
https://en.wikipedia.org/wiki/ONAP


News Bewertung

Weiterlesen Weiterlesen

HPR2714: Airplane stalls and Angle of Attack

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

stalls, a primer on why aircraft fly, and don’t fly

YouTube video of stall with narration (35 seconds)

https://www.youtube.com/watch?v=SiOiVHUEYao

AoA gauge from T-38 manual

https://goo.gl/images/ZH5UYx

Some definitions

  • chord - an imaginary line from the front of the wing to the back

  • relative wind - movement of air relative to the chord

  • angle of attack - the angle of the chord of the wing to the relative wind

  • stall - a condition where the air on the top of the wing is not flowing smoothly over the wing

  • critical angle of attack - the angle that the wing becomes stalled

  • fun - stalling and spinning and aircraft when its safe to do so

  • scary - stalling and spinning and aircraft when you don’t want to

Things not mentioned

This discussion pertained to subsonic speeds, super sonic flight introduces a whole other realm of issues.

The wings of aircraft do not stall all at once. They are designed (usually) to stall from the wing root (where the wing is attached to the fuselage) towards the tips. This ensures good roll control at slow speed and into the stall. This stalling characteristic is achieved by designing twist in the wing (washout) allowing different parts of the wing to hit the critical angle of attack at different times.

The most dangerous situation that you can find yourself in is a low altitude situation where one wing is stalled more than the other. The airplane then enters a spin. The dangerous part is the low altitude. Spins are fun, and the plane is still controllable, but you need altitude to recover. A wise man told me when turning low to the ground keep your nose down and speed up.

Most light aircraft will shudder or buffet as you approach the critical angle of attack this happens because of the disturbed airflow hitting the aircraft’s fuselage or tail. In larger aircraft no (i.e. airliners) no feel is given naturally as the plane approaches a stalled condition so systems like stick shakers vibrate the control artificially as you approach the critical angle of attack as measured by the AoA sensors. DC-9 stick shaker, a big cell phone vibrator artificial stall warning is mandatory in fly-by-wire aircraft (i.e. Airbus, f-16) as well as pure hydraulic controls (i.e. Boeing 757)

Author: Brian
Created: 2018-12-01 Sat 07:34
Emacs 25.3.1 (Org mode 8.2.10)


News Bewertung

Weiterlesen Weiterlesen

HPR2713: Resources in 4x game

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Raw resources are integral part for most 4x games. Here’s one way of modeling them in Haskell. I wanted a system that is easy to use, doesn’t require too much typing and is type safe.

RawResource is basic building block:

newtype RawResource a = RawResource { unRawResource :: Int }
    deriving (Show, Read, Eq)

It can be parametrised with anything, but I’m using three different types:

data Biological = Biological
data Mechanical = Mechanical
data Chemical = Chemical

Example of defining harvest being 100 units of biological raw resources:

  harvest :: RawResource Biological
  harvest = RawResource 100

Raw resources are often manipulated (added and subtracted mostly). Defining Num instance allows us to use them as numbers:

instance Num (RawResource t) where
    (+) (RawResource a) (RawResource b) = RawResource $ a + b
    (-) (RawResource a) (RawResource b) = RawResource $ a - b
    (*) (RawResource a) (RawResource b) = RawResource $ a * b
    abs (RawResource a) = RawResource $ abs a
    signum (RawResource a) = RawResource $ signum a
    fromInteger a = RawResource $ fromInteger a

For example, adding harvest to stock pile:

  stock :: RawResource Biological
  stock = RawResource 1000

  harvest :: RawResource Biological
  harvest = RawResource 100

  newStock = stock + harvest

Comparing size of two resource piles is common operation. Ord instance has methods we need for comparing:

instance Ord (RawResource t) where
    (<=) (RawResource a) (RawResource b) = a <= b

One function is enough, as rest is defined in terms of it. Sometimes (usually for reasons of optimization), one might want to define other functions too.

Another way to add bunch of resources of same type together is defining Monoid instance:

instance Semigroup (RawResource t) where
    (<>) a b = a + b

instance Monoid (RawResource t) where
    mempty = RawResource 0

For example, combining harvests of many fields can be achieved as:

  harvests :: [RawResource Biological]
  harvests = [RawResource 20, RawResource 50, RawResource 25]

  total :: RawResource Biological
  total = mappend harvests

All these functions keep track of type of resources being manipulated. Compiler will emit an error if two different types of resources are being mixed together.

Raw resources are often grouped together for specific purpose. This again uses phantom types to keep track the intended usage:

data RawResources a = RawResources
    { ccdMechanicalCost :: RawResource Mechanical
    , ccdBiologicalCost :: RawResource Biological
    , ccdChemicalCost :: RawResource Chemical
    } deriving (Show, Read, Eq)

data ResourceCost = ResourceCost
data ConstructionSpeed = ConstructionSpeed
data ConstructionLeft = ConstructionLeft
data ConstructionDone = ConstructionDone
data ResourcesAvailable = ResourcesAvailable

And in order to be able to combine piles of RawResources, we’ll define Semigroup and Monoid instances. Notice how both instances make use of Semigroup and Monoid instances of RawResource:

instance Semigroup (RawResources t) where
    (<>) a b = RawResources
        { ccdMechanicalCost = ccdMechanicalCost a <> ccdMechanicalCost b
        , ccdBiologicalCost = ccdBiologicalCost a <> ccdBiologicalCost b
        , ccdChemicalCost = ccdChemicalCost a <> ccdChemicalCost b
        }

instance Monoid (RawResources t) where
    mempty = RawResources
        { ccdMechanicalCost = mempty
        , ccdBiologicalCost = mempty
        , ccdChemicalCost = mempty
        }

For those interested seeing some code, source is available at https://github.com/tuturto/deep-sky/ (https://github.com/tuturto/deep-sky/tree/baa0807dd36b61fd02174b17c10013862af4ec18 is situation before lots of Elm related changes that I mentioned in passing in the previous episode)


News Bewertung

Weiterlesen Weiterlesen

HPR2712: Steganography

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Did you find the hidden message contained in Klaatu's previous two episodes?

If not, Klaatu reveals how to find it in this one, how to duplicate it, and what makes good steganography.


News Bewertung

Weiterlesen Weiterlesen

HPR2711: Raspberry Pi 3A+ Review

Zur Kategorie wechselnPodcasts vom | Quelle: hackerpublicradio.org Direktlink direkt öffnen

Raspberry Pi 3A+ review

In this episode of HPR, I will do a quick review of the Raspberry Pi 3A+, the latest release of the Raspberry Pi foundation.

Raspberry Pi 3A+Raspberry Pi 3A+

Specs
The Raspberry Pi 3A+ has almost the same hardware as its big brother/sister the 3B+ :

  • BCM2837 BO SOC (system on chip), a quad core 64-bit ARM v8 processor, running at 1.4 GHz
  • On board wireless :
    • WiFi : 2.4 and 5 GHz 802.11 c/y/n/ac
    • Bluetooth : 4.2 and BLE
  • MicroSD card for storing the operating system and the data
  • Full size HDMI connector
  • 3.5 mm jack connector for audio and composite video output
  • MicroUSB connector for the power supply
  • 40-pin header with the same pinout as every other Raspberry Pi

The differences are :

  • Only one full size USB connector, instead of four on the 3B+
  • No ethernet connector
  • Only 512 MB or SDRAM instead of 1 GB on the 3B+

Size
The Raspberry Pi 3A+ is 6.7 x 5.6 cm (2.6 x 2.2 in) and 11 mm high (.45 in). But if you plug a ribbon in the header, then it takes a lot of space.

Raspberry Pi 3A+

In this case, it’s probably better to unsolder the header, and solder a right angle header in place, so the pins are pointing to the side of the board and not upwards

Raspberry Pi 3A+Raspberry Pi 3A+

With a bit of caution and the help of some desoldering wick, it’s not a complex operation, because there is no component near the GPIO header.

Of course if you plan on using a HAT, then you’re better off using the straight header. The Raspberry Pi 3A+ is actually the same size than a standard HAT.

Raspberry Pi 3A+Raspberry Pi 3A+

Use case

Since the Raspberry Pi 3A+ doesn’t have an ethernet port, I think I will not use it for server stuff like Mosquitto or Pi-Hole, for which a good network connection is required. Also, those servers sometimes need a keyboard and a mouse, and with only one USB port, that’s not too practical.

For me, the A+ will be used to upgrade projects currently using a Raspberry Pi ZeroW, and for which I need a little more power. The on board WiFi and the small form factor, combined with the extra power, makes the 3A+ an ideal replacement for the ZeroW.

Credits

The sound used for the opening and closing sequence is Speaker X-Clash by Daniel H, and is released under a CC-BY-NC license.


News Bewertung

Weiterlesen Weiterlesen

Seitennavigation

Seite 1 von 2 Seiten (Bei Beitrag 1 - 35)
62x Beiträge in dieser Kategorie

Nächste 2 Seite | Letzte Seite

[ 2 ]