We started producing shows as Today with a Techie on 2005-09-19, 18 years, 6 months, 10 days ago. our shows are produced by listeners like you and can be on any topic that "are of interest to hackers". if you listen to HPR then please consider contributing one show a year. if you record your show now it could be released in 5 days.
Call for shows
We are running very low on shows at the moment. Have a look at the hosts page and if you don't see "2024-??-??" next to your name, or if your name is not listed, you might consider sending us in something.
Use gpt4-turbo with Tasker Chat GPT
goto Chat GPT > Tasks > ChatGPT Set GPT Version > then change
the varable Set from gpt-4 to whatever gpt-4-1106-preview see use gpt4
turboe openai
Hosted by Daniel Persson on 2024-03-28 is flagged as Clean and released under a CC-BY-SA license. machine learning, cloud learning.general.(Be the first).
I talk about my experience trying to run some GPU tasks online in
order to train a model. I've tried all the large cloud providers we have
out there and some of them were easier to work with, and some of them
impossible.
MrX and Dave Morriss bring you more chit-chat from Edinburgh
Hosted by Dave Morriss on 2024-03-26 is flagged as Explicit and released under a CC-BY-SA license. Edinburgh,Swanston Farm,meeting.general.(Be the first).
We recorded this on Saturday February 25th 2024. Our
favourite pub for lunch, The Steading, seemed to have closed
since we were last there. Research into what was going on led to the
information that the company owning this and several other pubs in the
area was selling them all.
We decided to try another place in the Pentland Hills area, and went
to the Brasserie at Swanston Farm for lunch, which was pretty
good. After lunch we as usual adjourned to Dave's Citroen car
(Studio C) in the car park, and recorded a chat.
Topics discussed
YouTube channel recommendations (Dave)
A channel about astronomy and science. Anton goes into a fair amount
of depth about subjects in the news relating to these themes: Anton Petrov
Terrible weather with highs winds and / or lashing rain (MrX)
Seems to be never ending.
Have noticed quite a few fences down
Large tree down blocking entrance to local park
Both parents houses sustained damage, fences and roof tiles.
So far we have been lucky with no damage
My mother was injured while going out to rescue her outside
bucket
Possibly related, it seems car insurance prices are increasing (MrX)
I have seen some link this to the high repair cost for modern cars
because they have lots of high tech included. In particular the sensors
placed in bumpers.
Some have speculated this to be because the high repair cost of
EV's.
I came across this YouTube video that shows that global insurance
claims have been historically large in recent years due to natural
disasters. While the video concentrates on properties I'm sure it also
will be affecting car insurance. I believe this likely to be having the
most prominent factor for insurance increases. Insurers ABANDONING high
climate risk properties
I got a Steam Deck for Christmas! (Dave)
I borrowed my son's Nintendo Switch in November 2023 to see if I
could see the screen and play games on it. I could, but haven't played
games since the 1980's so I'm terrible at it!
I told them I might buy myself a Steam Deck in 2024, but wasn't
sure.
Much to my surprise my family jointly bought me a Steam Deck for
Christmas!
I am pretty bad at using it, but I'm practising
I'm learning Stardew Valley at first, but I'd quite like to
try Kerbal Space Programme at some point.
Cinema visits / movies: (MrX)
Hunger Games pre sequel
Was not rated very highly but me and Mrs X actually really enjoyed
it.
Oppenheimer
Knowing something of the background story was advantageous
Barbie
Watched on DVD!
Ticks (Dave)
We spoke about this subject last time we met. Later, I was reminded
of a disease called alpha-gal
syndrome, first detected in the USA, which can follow a tick bite.
It is caused by the injection of a carbohydrate by the tick, which
it has obtained by feeding on another mammal. The carbohydrate is called
Galactose-α-1,3-galactose, also known as alpha-gal. This causes
a strong immune reaction because it's a foreign substance which isn't
found in humans.
The result is an allergy
to red meat, which contains alpha-gal!
This syndrome has been found in the USA and Australia and several
other places, but now seems to be coming to Europe and has been seen in
the UK.
Dog-friendly places (MrX)
Waterstones
book store is dog friendly. Possibly only relevant to people living in
Britain? They have a cafe upstairs which accepts dogs.
The pub we used to meet in, The Steading, was dog friendly as well.
The latest venue does not seem to be, but is a restaurant, not a
pub.
Raspberry Pi stuff (both)
Dave pre-ordered a RPi 5 in November 2023 and it arrived in
December. He decided to get a Pimoroni NVMe Base to take an SSD, and
ordered that once it was available on pre-order. Now the RPi 5 is
equipped with a 500GB SSD attached underneath, running off the PCIe
interface.
Dave is working at setting up two RPi 4B systems, and a RPi 3A to
run various services in his house. Currently setting up Pi-hole. The RPi
5 will be added to this combination in due course.
MrX bought a RPi 4B in 2023 (as they became more available) which he
initially intended setting up with XBMC. He had problems playing certain
video resolutions with the latest version of LibreELEC running XBMC. He
has now decided to use it to replace an ageing server located
upstairs.
Dave's 'what_pi' script that tells you about your Pi's
settings doesn't work on Raspberry Pi OS since this OS stores the
information it needs quite differently from Raspbian.
Visit to Blackpool (MrX)
Met up with family for the long weekend in Blackpool.
It was bitterly cold and very windy, but we had a good time.
While there we were lucky to get a trip on a 100 year old tram.
The tram had very unique seats that allowed you to flip the back
over, so they are pointed in either direction, depending on the
direction of travel. I thought this was very clever. Haven't seen this
on modern buses or trams, perhaps because they don't meet modern safety
regulations.
Following Dave's recommendation from our last show. Me, Mrs X and
our 4 legged companion took the tram all the way from Ingliston park and
ride to Newhaven. Our four legged companion loved the trams.
Seems there has been so much development.
Saw lots of new things along the way.
Lots of other interesting places and walks for future trips.
Can't believe it's taken us so long to appreciate the tram. We have
used the train in the past but it's a bit limited by the places it goes
though it is very convenient from our location.
Think we may be using the tram a bit more in future.
HPR changes (Dave)
Ken has enhanced some aspects of the calendar page:
Reserved show overview - a list of what's in the reserve queue with
date, host and show title (suggestion from Archer72).
Statistics - a call interface that returns JSON data containing most
of the old statistics plus a few more (requested by MrX).
These changes were also mentioned in the last Community
News
There is a help command in Bash which is useful for
getting information about Bash built-in commands. For example
'help read' will give you a one-page summary of this
command which saves a lot of searching through the Bash man page.
The example mentioned in the audio 'help test' also
works, but since it's a stand-alone command the result is quite similar
to typing 'man test'.
There are very few (if any) examples though, and that's where
tldr will be better!
CVE-2024-21899: If exploited, the improper authentication
vulnerability could allow users to compromise the security of the system
via a network.
CVE-2024-21900: If exploited, the injection vulnerability could
allow authenticated users to execute commands via a network.
CVE-2024-21901: If exploited, the SQL injection vulnerability could
allow authenticated administrators to inject malicious code via a
network.
The flaws impact various versions of QNAP's operating systems,
including QTS 5.1.x, QTS 4.5.x, QuTS hero h5.1.x, QuTS hero h4.5.x,
QuTScloud c5.x, and the myQNAPcloud 1.0.x service.
The data package published on the darknet comprised around 1.3
million files. Once the data had been downloaded, the NCSC took the lead
in systematically categorising and triaging all documents relevant to
the Federal Administration. The results showed that the volume of data
relevant to the Federal Administration comprised around 65,000
documents, or approximately 5% of the total published data set. The
majority of these files belonged to Xplain (47,413) with a share of over
70%; around 14% (9,040) belonged to the Federal Administration. Around
95% of the Federal Administration’s files belonged to the administrative
units of the Federal Department of Justice and Police (FDJP): the
Federal Office of Justice, Federal Office of Police, State Secretariat
for Migration and the internal IT service centre ISC-FDJP. With just
over 3% of the data, the Federal Department of Defence, Civil Protection
and Sport (DDPS) is slightly affected and the other departments are only
marginally affected in terms of volume.
Proportion of sensitive data.
Sensitive content such as personal data, technical information,
classified information and passwords was found in around half of the
Federal Administration's files (5,182). Personal data such as names,
email addresses, telephone numbers and postal addresses were found in
4,779 of these files. In addition, 278 files contained technical
information such as documentation on IT systems, software requirement
documents or architectural descriptions, 121 objects were classified in
accordance with the Information Protection Ordinance and 4 objects
contained readable passwords.
Xplain filed a criminal complaint after the incident, provided the
authorities with all the necessary information and cooperated with them
in investigating and limiting the damage. We rebuilt the entire IT
infrastructure in accordance with the recommendations of the National
Cyber Security Center (NCSC) and replaced the external operators. An
external audit of the infrastructure and processes was completed in
November. The NCSC subsequently wrote an assessment of the audit. The
Federal Council's strategy crisis team on data leaks (PSC-D) took note
of the report.
A threat actor is creating fake Skype, Google Meet, and Zoom
meetings, mimicking these popular collaboration applications to spread
various commodity malware that can steal sensitive data from both
Android and Windows users.
Additional Information.
What is a "Data
Breach"? A data breach is a security violation, in which sensitive,
protected or confidential data is copied, transmitted, viewed, stolen,
altered or used by an individual unauthorized to do so.
What is "Malware"?
Malware (a portmanteau for
malicious software) is any software intentionally designed to cause
disruption to a computer, server, client, or computer network, leak
private information, gain unauthorized access to information or systems,
deprive access to information, or which unknowingly interferes with the
user's computer security and privacy.
What is a "Payload"?
In the context of a computer virus or worm, the payload is the portion
of the malware which performs malicious action; deleting data, sending
spam or encrypting data. In addition to the payload, such malware also
typically has overhead code aimed at simply spreading itself, or
avoiding detection.
What is "Phishing"?
Phishing is a form of social engineering
where attackers deceive people into revealing sensitive information or
installing malware such as ransomware. Phishing
attacks have become increasingly sophisticated and often transparently
mirror the site being targeted, allowing the attacker to observe
everything while the victim is navigating the site, and transverse any
additional security boundaries with the victim.
Social
engineering (security) In the context of information security,
social engineering is the psychological
manipulation of people into performing actions or divulging
confidential information. A type of confidence trick for the purpose of
information gathering, fraud, or system access, it differs from a
traditional "con" in that it is often one of many steps in a more
complex fraud scheme.
Information Security Attributes:Confidentiality, Integrity and Availability (C.I.A.).
Information Systems are composed in three main portions, hardware,
software and communications with the purpose to help identify and apply
information security industry standards, as mechanisms of protection and
prevention, at three levels or layers: physical, personal and
organizational. Essentially, procedures or policies are implemented to
tell administrators, users and operators how to use products to ensure
information security within the organizations.
What is "Risk
management"? Risk management is the identification, evaluation, and
prioritization of risks followed by coordinated and economical
application of resources to minimize, monitor, and control the
probability or impact of unfortunate events or to maximize the
realization of opportunities.
What is a "Vulnerability"
(computing)? Vulnerabilities are flaws in a computer system that
weaken the overall security of the device/system. Vulnerabilities can be
weaknesses in either the hardware itself, or the software that runs on
the hardware.
What is an "Attack
Surface"? The attack surface of a software environment is the sum of
the different points (for "attack vectors") where an unauthorized user
(the "attacker") can try to enter data to or extract data from an
environment. Keeping the attack surface as small as possible is a basic
security measure.
What is an "Attack
Vector"? In computer security, an attack vector is a specific path,
method, or scenario that can be exploited to break into an IT system,
thus compromising its security. The term was derived from the
corresponding notion of vector in biology. An attack vector may be
exploited manually, automatically, or through a combination of manual
and automatic activity.
What is
"Standardization"? Standardization is the process of implementing
and developing technical standards based on the consensus of different
parties that include firms, users, interest groups, standards
organizations and governments. Standardization can help maximize
compatibility, interoperability, safety, repeatability, or quality. It
can also facilitate a normalization of formerly custom processes.
What is a "Replay
attack"? A replay attack is a form of network attack in which valid
data transmission is maliciously or fraudulently repeated or delayed.
Another way of describing such an attack is: "an attack on a security
protocol using a replay of messages from a different context into the
intended (or original and expected) context, thereby fooling the honest
participant(s) into thinking they have successfully completed the
protocol run."
What is a
"Man-in-the-middle attack"? In cryptography and computer security, a
man-in-the-middle, ..., attack is a cyberattack where the attacker
secretly relays and possibly alters the communications between two
parties who believe that they are directly communicating with each
other, as the attacker has inserted themselves between the two
parties.
What is "Transport Layer
Security" (TLS)? Transport Layer Security (TLS) is a cryptographic
protocol designed to provide communications security over a computer
network. The protocol is widely used in applications such as email,
instant messaging, and voice over IP, but its use in securing HTTPS
remains the most publicly visible.
What is a "Handshake"
(computing)?. In computing, a handshake is a signal between two
devices or programs, used to, e.g., authenticate, coordinate. An example
is the handshaking between a hypervisor and an application in a guest
virtual machine.
What is Security
theater? The practice of taking security measures that are
considered to provide the feeling of improved security while doing
little or nothing to achieve it.
We visit the beautiful city of Savannah, Georgia, and then move on to Charleston, South Carolina.
Hosted by Ahuka on 2024-03-22 is flagged as Clean and released under a CC-BY-SA license. RV, travel, southeast US, Georgia, South Carolina.Travel.(Be the first).
Savannah, Georgia is one of the most beautiful cities in the United
States, with a great history. It is one of the older cities in the south
that actually escaped destruction in the Civil War because the mayor
surrendered the city to General Sherman. After visiting this city, we
moved just a bit further north to Charleston, South Carolina, where the
Civil War began with the assault on Fort Sumter.
Free as in Freedom is dead. Long live The Corresponding Source
Hosted by Ken Fallon on 2024-03-21 is flagged as Clean and released under a CC-BY-SA license. Free, Libre, Open Source Software, FLOSS, Podcast, Free as in Freedom.general.(Be the first).
The Corresponding Source (formerly Free as in Freedom) is a bi-weekly oggcast, hosted and presented by
Bradley M. Kuhn and Karen Sandler.
The discussion includes legal, policy, and many other issues in the Free, Libre,
and Open Source Software (FLOSS) world. Occasionally, guests join
Bradley and Karen to discuss various topics regarding FLOSS.
You can download the accompanying visual handout/crib sheet for this episode and its predecessor (where we cover rhythm) from here:
https://enistello.info
I talk about setting up year around house lights !!
Hosted by operat0r on 2024-03-18 is flagged as Explicit and released under a CC-BY-SA license. home,house,arduino,lights,xmas,christmas lights.general.(Be the first).