S1E17: "Is that Your Gun (or Are You Just Happy to See Me?)"

Log
Recorded (UTC) Aired (UTC) Editor
2016-09-29 03:07:29 2016-10-10 00:19:43 "Edita"
Verification
Format SHA256 GPG Audio File
MP3 72c58bdc1074435d1957bdf87b2cfced227596ad43d162d2efe9295a6218dd34 click click
OGG 0bb65ee9eafb4eafa8516a2741a23da8bcf4f248793e4adf38cbbd8758ec8ed7 click click

Scripting and automation, and OpSec (“Operational Security”) in the workplace: physical security, concealed carry, etc.

News

Starts at 3m32s.

  • We’ve had more aggressive cuts in this episode and the previous episode!
    • Do you like them? Hate them? Didn’t notice?
    • And I’ve been leaving the full tracks in for the outro music pieces. Are you digging that? Do you listen?
    • We make the cuts and pass the savings on to YOUUUUUU!
  • Another OpenSSL bug
  • Textpattern 4.6.0 dropped! Yay! (We talk about TXP in S0E6.)
  • Firefox is going to kill WoSign’s trust in their trust store.
  • You should probably just not even bother buying a Lenovo at this point, seriously.
  • There were reports of the Wi-Fi at the political debate being, uh, controlled in a slightly less than savory manner…
  • There’s also a nasty bug in systemd…
    • Which, just like eeeeevery other bug in systemd, has been blown out of proportion.
    • I recommend reading this thread.
  • People have, apparently, been “drilling their own ‘headphone socket’” into the iPhone 7.
    • lol.
  • The oldest computer in use by the government has been tracked down.
  • Jthan doesn’t know how announcements work.

Notes

Starts at 14m43s.

I was drinking Knob Creek Whiskey (yes, again). Jthan was drinking a rum and coke (but didn’t specify which rum). Paden was drinking a Bold Rock Hard Cider.

  • Scripting!
    • I use a lot of the ansible command and shell modules, along with the speedtest-cli script.
    • I also use a lot of iperf3 and I mention mtr too, but they aren’t scripts.
    • DON’T PUSH IT ANYWHERE, but this cron job will save your ass: 0 2 * * * cd /etc ; git add --all . ; git commit -m "Nightly commit" (you need to cd /etc ; git init . first)
    • Things that make a good script (differs on the platform/environment):
      • If you’re a Windows admin, LEARN POWERSHELL. PERIOD.
      • A parser that’s available on every box in your fleet by default
      • Well-tested
      • Well-commented
      • Always fail on error (unless you’re expecting one). bash’s set -e does a pretty decent job of this. (And set -x is handy for debugging scripts.)
      • Clean formatting (Python’s PEP 8 is a good way of enforcing this)
      • Separate out variables: define them all at the beginning of the script if possible, rather than setting them right before they’re needed.
      • Syntax highlighting helps a LOT when writing them. If you prefer a GUI editor, Atom and Brackets are great.
  • Workplace OpSec (29m09s)
    • There’s a “Physical” aspect and a “Cyber” aspect
    • OpSec can be summed up as applied security in your workflow, life, etc. It’s behavioral.
    • Be CAREFUL not only about what YOU share, but also who you share it WITH and what is even recorded in the first place.
    • Canaries are quite useful.
    • By the way, “smart” tampons are totally a thing.
    • The Android app I mention that lets you set a different disk encryption passphrase vs. unlock passphrase is called Cryptfs Password.
    • ALWAYS VERIFY IDENTITIES/AUTHORIZATION.
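
The nightly /etc commit from the Scripting notes, written as a script that follows the checklist above (fail on error, variables at the top, comments). This is an added example, not something from the show; it goes a little further than the one-liner by keeping .git closed to other local users, skipping empty commits, and refusing to run if a remote is configured. The install path and committer identity are assumptions.

```shell
#!/bin/sh
# Nightly local-only git snapshot of a config directory (added example).
set -eu

# --- Variables, all defined up front ---
COMMIT_MSG="Nightly commit"
GIT_NAME="etc-snapshot"        # hypothetical committer identity
GIT_EMAIL="root@localhost"     # hypothetical committer identity

# snapshot_config DIR: commit the current state of DIR, if it changed.
# Runs in a subshell so cd/umask do not leak into the caller.
snapshot_config() (
    cd "$1"
    umask 077                   # new objects readable by the owner only

    # First run replaces the manual "git init ." step.
    [ -d .git ] || git init -q .

    # The history contains things like shadow hashes and private keys,
    # so keep the repository itself closed to other local users.
    chmod 700 .git

    # Enforce "don't push it anywhere": stop if a remote is configured.
    if [ -n "$(git remote)" ]; then
        echo "refusing: $1 has a git remote configured" >&2
        exit 2
    fi

    git add --all .

    # Nothing staged means nothing changed since the last snapshot.
    if git diff --cached --quiet; then
        exit 0
    fi

    git -c user.name="$GIT_NAME" -c user.email="$GIT_EMAIL" \
        commit -q -m "$COMMIT_MSG"
)

# Only act when given a directory, e.g. from cron:
#   0 2 * * * /usr/local/sbin/etc-snapshot.sh /etc   (hypothetical path)
if [ "$#" -ge 1 ]; then
    snapshot_config "$1"
fi
```

git log -p in the snapshotted directory then shows exactly what changed on which night, which is also a cheap way to spot config edits nobody admits to making.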

Sysbadministration Award

In this segment, we highlight system administration mistakes. Think of them as the IT equivalent of the Darwin Awards. (1h13m38s)

A server was rebooted in the middle of a / transfer… with 81.2% done. Ouch.

Errata

  • Jthan’s second question was “If you had to learn just one scripting language and learn it well, what would it be?”
    • My response would be “it depends”. If you’re in a mixed environment, ABSOLUTELY the answer will be Python. If you’re all Windows, PowerShell. If you’re all *nix, bash (or sh, specifically).

Music

Music Credits
Track Title Artist Link Copyright/License
Intro Fioletovaya Tape Trillion Catz click CC-BY 4.0
Outro El Pago De Chile The Mugris click CC-BY 4.0
(All music is royalty-free, properly licensed for use, used under fair use, or public domain.)

Author
Categories Season One
