S1E17: "Is that Your Gun (or Are You Just Happy to See Me?)"

Log
Recorded (UTC) Aired (UTC) Editor
2016-09-29 03:07:29 2016-10-10 00:19:43 "Edita"
Verification
Format SHA256 GPG Audio File
MP3 96ae9604ca61f43ad8233d84d1d7db507f3494449fcebb25f44454a8636e5f52 click click
OGG 8197d3843afebec70ded2f5cf59954b0282e519584da761bf7911d1ba6a305e9 click click

Scripting and automation, and OpSec (“Operational Security”) in the workplace: physical security, concealed carry, etc.

News

Starts at 3m32s.

  • We’ve had more aggressive cuts in this episode and the previous episode!
    • Do you like them? Hate them? Didn’t notice?
    • And I’ve been leaving the full tracks in for the outro music pieces. Are you digging that? Do you listen?
    • We make the cuts and pass the savings on to YOUUUUUU!
  • Another OpenSSL bug
  • Textpattern 4.6.0 dropped! Yay! (We talk about TXP in S0E6.)
  • Firefox is going to kill WoSign’s trust in their trust store.
  • You should probably just not even bother buying a Lenovo at this point, seriously.
  • There were reports of the Wi-Fi at the political debate being, uh, controlled in a slightly less than savory manner…
  • There’s also a nasty bug in systemd…
    • Which, just like eeeeevery other bug in systemd, has been blown out of proportion.
    • I recommend reading this thread.
  • People have, apparently, been “drilling their own ‘headphone socket’” into the iPhone 7.
    • lol.
  • The oldest computer in use by the government has been tracked down.
  • Jthan doesn’t know how announcements work.

Notes

Starts at 14m43s.

I was drinking Knob Creek Whiskey (yes, again). Jthan was drinking a rum and coke (but didn’t specify which rum). Paden was drinking a Bold Rock Hard Cider.

  • Scripting!
    • I use a lot of the Ansible command and shell modules, along with the speedtest-cli script.
    • I also use a lot of iperf3 and I mention mtr too, but they aren’t scripts.
    • DON’T PUSH IT ANYWHERE, but this cron job will save your ass: 0 2 * * * cd /etc ; git add --all . ; git commit -m "Nightly commit" (you need to cd /etc ; git init . first)
    • Things that make a good script (differs on the platform/environment):
      • If you’re a Windows admin, LEARN POWERSHELL. PERIOD.
      • A parser that’s available on every box in your fleet by default
      • Well-tested
      • Well-commented
      • Always fail on error (unless you’re expecting one). bash’s set -e does a pretty decent job of this. (And set -x is handy for debugging scripts.)
      • Clean formatting (Python’s PEP 8 is a good way of enforcing this)
      • Separate out variables- define them all at the beginning of the script if possible. Try not to set variables right before they’re needed when possible.
      • Syntax highlighting helps a LOT when writing them. If you prefer a GUI editor, Atom and Brackets are great.
  • Workplace OpSec (29m09s)
    • There’s a “Physical” aspect and a “Cyber” aspect
    • OpSec can be summed up as applied security in your workflow, life, etc. It’s behavioral.
    • Be CAREFUL what is not only shared by YOU, but who you share WITH and what is even recorded in the first place.
    • Canaries are quite useful.
    • By the way, “smart” tampons are totally a thing.
    • The Android app I mention that lets you set a different disk encryption passphrase vs. unlock passphrase is called Cryptfs Password.
    • ALWAYS VERIFY IDENTITIES/AUTHORIZATION.
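
The nightly /etc cron job from the Scripting notes above, written out as a script that follows the same checklist (fail on error, variables up front, comments) and enforces the "don't push it anywhere" rule. This is an added example, not code from the episode or its hosts; the function name snapshot_etc, the variable names, and the install path in the cron comment are assumptions.

```shell
#!/bin/sh
# Added example: nightly local snapshot of /etc into git, hardened.
# snapshot_etc and the variable names below are chosen for this example.
set -eu

# Tunables, all defined up front.
ETC_DIR="${ETC_DIR:-/etc}"
COMMIT_MSG="${COMMIT_MSG:-Nightly commit}"
GIT_NAME="${GIT_NAME:-etc-snapshot}"
GIT_EMAIL="${GIT_EMAIL:-root@localhost}"

# snapshot_etc DIR: commit any changes under DIR to a local-only repo.
# Returns 0 on success or no change, 1 on git failure, 3 if a remote exists.
snapshot_etc() {
    dir="$1"

    # First run: create the repository (the "git init ." step).
    [ -d "$dir/.git" ] || git -C "$dir" init -q || return 1

    # History will hold password hashes and private keys: owner-only access.
    chmod 700 "$dir/.git" || return 1

    # Enforce "don't push it anywhere": refuse to run if a remote was added.
    if [ -n "$(git -C "$dir" remote)" ]; then
        echo "refusing: $dir/.git has a remote configured" >&2
        return 3
    fi

    git -C "$dir" add --all . || return 1

    # Nothing staged means nothing changed; skip the commit so cron stays quiet.
    if git -C "$dir" diff --cached --quiet; then
        return 0
    fi

    git -C "$dir" -c user.name="$GIT_NAME" -c user.email="$GIT_EMAIL" \
        commit -q -m "$COMMIT_MSG"
}

# Cron entry (assumed install path): 0 2 * * * /usr/local/sbin/etc-snapshot run
if [ "${1:-}" = "run" ]; then
    snapshot_etc "$ETC_DIR"
fi
```

git records only the executable bit, not ownership or full modes, so this gives a change history for /etc rather than a restorable backup.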

Sysbadministration Award

In this segment, we highlight system administration mistakes. Think of them as the IT equivalent of the Darwin Awards. (1h13m38s)

A server was rebooted in the middle of a / transfer… with 81.2% done. Ouch.

Errata

  • Jthan’s second question was “If you had to learn just one scripting language and learn it well, what would it be?”
    • My response would be “it depends”. If you’re in a mixed environment, ABSOLUTELY the answer will be Python. If you’re all Windows, PowerShell. If you’re all *nix, bash (or sh, specifically).

Music

Music Credits
Track Title Artist Link Copyright/License
Intro Fioletovaya Tape Trillion Catz click CC-BY 4.0
Outro El Pago De Chile The Mugris click CC-BY 4.0
(All music is royalty-free, properly licensed for use, used under fair use, or public domain.)
