Dyn DNS was attacked by IoT devices

The post-mortem of the attack has been posted by Dyn and it contains a timeline and some information about the attack.

There is an attack timeline which is useful:

Starting at approximately 7:00 am ET, Dyn began experiencing a DDoS attack. While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different (more on that later). Approximately two hours later, the NOC team was able to mitigate the attack and restore service to customers.

After restoring service, Dyn experienced a second wave of attacks just before noon ET. This second wave was more global in nature (i.e. not limited to our East Coast POPs), but was mitigated in just over an hour; service was restored at approximately 1:00 pm ET. Again, at no time was there a network-wide outage, though some customers would have seen extended latency delays during that time.

And here is some information about the attack itself (not nearly enough information in my opinion):

At this point we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. We are conducting a thorough root cause and forensic analysis, and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack

The other articles about this attack are far more thorough in exploring how the Mirai code works and how it can infect Internet of Things devices and where the attacks originated from.

The article from Krebs on Security explains how the Mirai malware works and what types of devices were infected and how.

Copay – a shared bitcoin wallet

Copay – a shared bitcoin wallet

Copay is a Bitcoin wallet that distinguishes itself from other wallets by allowing multiple users to be part of an account. This means that friends and coworkers can use the same wallet and a transaction will not be approved until a certain number of participants (or all of them) have approved it. This is great for spending shared budgets like for conferences.

It’s also great for managing your Bitcoins which can then be donated to various free/open source projects.

hub – command line for Github

Github is a wonderful tool but as a developer I’ve always wanted to be able to see an overview of issues and pull requests through the command-line. And now I can by using hub, a command line interface to github.

What I like is that because it’s open source, you can look at the source code. When you look at the tests that have been written for hub, you can read through and see all of the features that are available: https://github.com/github/hub/tree/master/features

The tests even show you how to use the feature, for example you can use hub to create issues in github. That’s right, you can use the command-line to create a new issue! This is how it looks: hub issue create -m “hello” -l “wont fix,docs” -lnope

ProtonMail is encrypted email, open source.

If you wanted to use encrypted email in the past, it was hard to do so. ProtonMail makes it easy and it is fully open source.

Recently, Yahoo was caught leaking all of its users emails to the NSA. Yes, you read that correctly, Yahoo allowed the NSA to search through all emails. If your emails are unencrypted and you were using Yahoo Mail, the NSA knows a lot about it. It’s worse than that though, because emails can come from other mail providers. So your friend who uses Gmail or their own server will have all the emails sent to your Yahoo mail account searched by the NSA as well.


But enough fear-mongering, what can we do about it? The first step is checking out ProtonMail. The second step is telling your friends to check it out.

Email is your identity on the Internet and how you get things done. Email contains newsletters and important work-related data, and it can contain personal data. Using unecrypted email is dangerous and ProtonMail’s goal is to protect you by being open source and by encrypting email.

What I like about ProtonMail is that there is an Android app and it is easy to use. I will have to do a review of ProtonMail in comparison to TutaNota one day soon. They’re both great but I have a feeling ProtonMail is the better encrypted email provider.

The user interface of ProtonMail is awesome, check it out:


What’s new

Fedora and Emacs and Perl!

Fedora 25 beta is out, Emacs 25 is out now as well. Perl 6 is definitely in a usable state, in fact I wrote an article on using Perl 6 to work with JSON objects and to show off the object oriented-ness of the language.



I attended LinuxCon and volunteered at the Free Software Foundation booth. I will have the slides up soon that I presented on in the office to fellow coworkers hoping to encourage them to consider the importance of free/libre and open source software and how it affects our everyday software development work. The easiest example to work with is having to pay license fees for every server and laptop running all the databases and libraries we use. Not only paying license fees but being limited from patching the underlying code we need to run our services.

Click here to view some of the videos from LinuxCon.

Cory Doctorow Keynote

Cory Doctorow gave a great keynote at LinuxCon as well. The EFF is aiming to dismantle the DMCA Digital Millenium Copyright Act, they’re challenging the sections having to do with removing DRM. Highly important as some of us would love to be able to use any device to read the books we own and watch movies on any device.

LinuxVoice #31

92644-b99d68128b96402abb9c7915c474f6f4Latest issue of LinuxVoice #31 is also out and it has a great round up of social networking software. They recommend a few packages I hadn’t heard of like Elgg and Oxwall, and they do give a mention of Diaspora which is still going strong and in active development.

2600 Hacker Quarterly, Autumn 2016

33-3_cover_largeAlso out is the issue of 2600 The Hacker Quarterly which is awesome, what I am most excited about are the conference videos from the HOPE (Hackers On Planet Earth) conference. Can’t wait to buy them, they’re very cheap at 60 cents USD. The hacker spirit within the magazine’s articles shines through and it is always encouraging to see people who are exploring the constraints and limitations of systems and also offering advice on how to protect yourself while on the Internet.

Cool Retro Term

This is just a neat project, it displays a cool retro terminal/command line. It uses Qt 5 and it works on both GNU/Linux and Mac OS X. Looks really cool and is actually kinda sorta usable.


What this blog is about

One more important piece to note is that this blog is for free and open source software which includes talk about encryption and encrypted email and a little bit of talk about bitcoin and ethereum.

On my other blog I will be sticking to professional software development topics like management, leadership, and deep dives of code and soon it will have video tutorials for sale. So the nature of the blogs is different.

As an example of this, I am going to publish an article on SourceContribute about how I set up a podcast and edited my video tutorial/screencast. On NeverFriday I will be publishing the results of that work, rather than talking about the methods and process behind that work.

LinuxCon North America, 22-24 August 2016, Toronto ON Canada

LinuxCon North America, 22-24 August 2016, Toronto ON Canada

LinuxCon North America is coming up on 22nd August 2016, it’s a huge conference with great keynote speakers such as Jim Whitehurst, the CEO of Red Hat, and Cory Doctorow, author and prolific blogger on open left and open culture. Of course Linus Torvalds will also be there!

The event hashtag on Twitter and pump.io is #linuxcon and the event itself is hosted at the beautiful Westin Harbour Castle hotel in downtown Toronto, Canada.

Schedule and Sessions

Click here to view the schedule.


It’s not too late to register! Students get a discount.

Continue reading “LinuxCon North America, 22-24 August 2016, Toronto ON Canada”

TechBridge Makerspace: Help fund the Lethbridge Maker Space!

TechBridge Makerspace: Help fund the Lethbridge Maker Space!

The Techbridge Makerspace is attempting to create a new makerspace in the city of Lethbridge, Alberta. They’re raising money to create the space and have already raised $4080! There’s just TEN DAYS LEFT to fund them.

The perks they offer are:

  • a 3d printed bust when you donate $200 + shipping
  • a handmade laser cut letter when you donate $10
  • a handcrafted leather key fob when you donate $20
  • $50 gets you an engraved multitool
  • $1000 means you’ve basically bought equipment for the space and can name it anything you want, the example is a 3d printer named Printy McPrintface

They want to buy some of this equipment so that people can come in and learn how to create new things and build their own projects and products and prototypes:

  • CNC mill
  • Machina X20 3D printer
  • 3D scanner
  • heavy duty sewing machine
  • laser cutter
  • vinyl cutter
Lethbridge skyline, source: https://en.wikipedia.org/wiki/File:Lethbridge_skyline_August_2009.jpg

Hackerspaces and makerspaces should be helping each other more often, this is why I’m posting about this new makerspace here.

Crowdfunding isn’t just for funding new hardware, it’s for funding new spaces where people can learn how to build using that new hardware. It would be amazing to see people all over the world learn how to use 3d scanners and printers.

Click here to fund the Techbridge Makerspace and help Lethbridge residents see what all the excitement about the future of 3d printing is all about!