Swapped...

From: Mike Harrison 
------------------------------------------------------

3+ hours of phone calls and Web Chat=92s (with 4 total people in one sessio=
n) with Comcast over basic simple account settings, convinced me to sign up=
 to EPB.. =


I feel like I need a bath.  =97Mike--




Protecting password files (was: Name Cheap under attack)

From: Dan Lyke 
------------------------------------------------------
On Mon, 1 Sep 2014 21:41:13 -0400 (EDT)
Rod-Lists  wrote:
> http://community.namecheap.com/blog/2014/09/01/urgent-security-warning-may-affect-internet-users/

So I'm a Namecheap user, and, I'm slightly embarrassed to say, my
Namecheap password was one I've used on a few other sites (it's a
mid-tier password).

Obviously, I instantly went and changed it to something that came from
"pwgen 32".

Buuuuutttt... I have three password strategies:

1. A few I remember. Obviously this is not something I can use
   everywhere.

2. A few machines have a "passwords.txt" file in their documents
   directory.

3. I also have shared Firefox password storage.

#3 is awesome, except that  Firefox has broken this at least once, so I
always feel like that if I lose my laptop drive I could lose
everything, *and* I don't actually know how secure things are.

#2 is great if I were smart enough to put that file in git, and *then*
if I actually trusted that the machine I stored the git repos on wasn't
ever going to get compromised.

I'm unwilling to use a third party service for this because the cloud
is another name for "on someone else's computers at the whims of
someone else's security policies", ie: the most nebulous bits of #3.

So: What's the right way to put a passphrase on that passwords.txt
that'll go into a git repo? Something so that I can update it from
multiple places, diffs and merges are all handled reasonably, it's
backed up in multiple places, but I'm not exposing my on-line life on
exposed hosts?

Dan

Difference between EPBfi Residential & Commercial

From: Rod-Lists 
------------------------------------------------------
Other than Terms Of Service, static IP, and cost(which I have no idea of), what sets EPB Residential offerings for net from commercial net service?

ios remote support was lunch downtown today?

From: Ed King 
------------------------------------------------------
Walked down to Doctor Bldg.     Sorry you didn't get to see me!


So...   whats the "best" remote support solution for iphone? (eg: to tap IN=
TO the iphone)

I can't find one that offers full remote control w/o jailbreaking, so whats=
 the next best thing?   Looked at Logmein, Teamviewer, Bomgar so far

as this is for Mr McTightwad, I'm looking for the most expensive product av=
ailable


--------------------------------------------
On Thu, 8/14/14, Ed King  wrote:

 Subject: Re: [Chugalug] lunch downtown today?
 To: "Chattanooga Unix Gnu Android Linux Users Group" 
 Date: Thursday, August 14, 2014, 11:30 AM
 =

 maybe.=A0=A0=A0depends on
 where and when
 =

 =

 =

 --------------------------------------------
 On Thu, 8/14/14, Rod-Lists 
 wrote:
 =

  Subject: [Chugalug]
 lunch downtown today?
  To: "Chattanooga
 Unix Gnu Android Linux Users Group" 
  Date: Thursday, August 14, 2014, 10:01 AM
  =

  Whole office is on the
 road.
  Anyone up for lunch downtown?
  =

  =

  Rod
 =

 

EPB Running Cat5 in homes for gig service??

From: David White 
------------------------------------------------------
I just moved and had a technician come out to do the EPB install (actually
he's still here as there might be a problem with the ONT).

He tried to tell me that you don't need Cat6 for sustained gig speeds and
that the standard EPB install, regardless of the speed you get (I ordered
the 100mb, so don't much care).

This doesn't sound right to me. I am surprised EPB isn't using Cat6 from
the fiber handoff to the RJ45 jack, especially for 1gb orders.

Thoughts?

Fwd: Linux Journal: Awesome Tech Magazine or Extremist Forum?

From: Jonathan Calloway 
------------------------------------------------------


Begin forwarded message:

> From: Linux Journal 
> Subject: Linux Journal: Awesome Tech Magazine or Extremist Forum?
> Date: July 8, 2014 at 8:00:46 AM EDT
> To: jonathancalloway@epbfi.com
> Reply-To: Linux Journal =

>=20
> Linux Journal: Awesome Tech Magazine or Extremist Forum?
> =20
>=20
> NSA: Linux Journal is an "extremist forum" and its readers get flagged =
for extra surveillance
> by Kyle Rankin
> A new story published on the German site Tagesschau and followed up by =
BoingBoing and DasErste.de has uncovered some shocking details about who =
the NSA targets for surveillance including visitors to Linux Journal =
itself.
>=20
> While it has been revealed before that the NSA captures just about all =
Internet traffic for a short time, the Tagesschau story provides new =
details about how the NSA's XKEYSCORE program decides which traffic to =
keep indefinitely. XKEYSCORE uses specific selectors to flag traffic, =
and the article reveals that Web searches for Tor and Tails--software =
I've covered here in Linux Journal that helps to protect a user's =
anonymity and privacy on the Internet--are among the selectors that will =
flag you as "extremist" and targeted for further surveillance. If you =
just consider how many Linux Journal readers have read our Tor and Tails =
coverage in the magazine, that alone would flag quite a few innocent =
people as extremist.
>=20
> While that is troubling in itself, even more troubling to readers on =
this site is that linuxjournal.com has been flagged as a selector! =
DasErste.de has published the relevant XKEYSCORE source code, and if you =
look closely at the rule definitions, you will see =
linuxjournal.com/content/linux* listed alongside Tails and Tor. =
According to an article on DasErste.de, the NSA considers Linux Journal =
an "extremist forum". This means that merely looking for any Linux =
content on Linux Journal, not just content about anonymizing software or =
encryption, is considered suspicious and means your Internet traffic may =
be stored indefinitely.
>=20
> One of the biggest questions these new revelations raise is why. Up =
until this point, I would imagine most Linux Journal readers had =
considered the NSA revelations as troubling but figured the NSA would =
never be interested in them personally. Now we know that just visiting =
this site makes you a target. While we may never know for sure what it =
is about Linux Journal in particular, the Boing Boing article speculates =
that it might be to separate out people on the Internet who know how to =
be private from those who don't so it can capture communications from =
everyone with privacy know-how. If that's true, it seems to go much =
further to target anyone with Linux know-how.
>=20
> It's bad news to all of us who use and read about Linux on a daily =
basis, but fortunately we aren't completely helpless. Earlier in the =
year I started a series on security, privacy and anonymity in my Hack =
and / column that included articles on how to use the Tor browser bundle =
and Tails. With either piece of software in place, you can browse Linux =
Journal (and the rest of the Internet) in private.
>=20
> Read this and other privacy-related stories at LinuxJournal.com.
>=20
> A Bundle of Tor
> Tails above the Rest: the Installation
> Tails above the Rest, Part II
> Are you an extremist?
> Dolphins in the NSA Dragnet
> Are you an extremist?
> Get the T-Shirt!
> Get the T-Shirt by itself or take advantage of our special (and =
temporary) offer and get a 1-year subscription with your shirt for just =
$10 more!
>=20
>=20
>=20
>  Follow us on Twitter | Like us on Facebook
> Copyright =A9 2013 Linux Journal, All rights reserved.
> Our mailing address is:
> Linux Journal
> 2121 Sage Road, Ste 395
> Houston, TX 77056
>  If you do not wish to receive further e-mails regarding Linux Journal =
products, please visit: =
http://linuxjournalservices.com/portal/unsubscribe/?V77Dxgls%2FB0Xo8NsY%2B=
qzRuMrEAEQbeqSA.=20
> =20
>=20

EPB Device pushing bad DNS settings?

From: David White 
------------------------------------------------------
This is a bit OT, but I will ask it anyway. I went to a client's office
first thing this morning due to internet being "down". I quickly determined
it was a DNS issue. The client didn't have their login to their D-Link
router. I reset to defaults, rebuilt the network, and upgraded firmware.

Internet was working again for somefolks. 20 minutes later, some folks were
down. I took out my spare Linksys router, built the network on that,
plugged everything in.

Everything worked. 10-15 minutes later, some (but not all) users already
reporting issues again. I determined everytime a PC was "down" that for
some reason its primary DNS server was set to 192.168.15.1 (which was
pushed to it by the router). That was a Cisco device (I checked) obviously
managed by EPB - basically the next hop from the client's router, although
the external IP address was correctly assigned to the client's router.

(The client's network was 192.168.0.0/24 by the way)

I told the client even before I arrived that I had to be out by 10:00am
sharp. Under a time crunch, and nearing 10:30, I finally just went around
to eaxh machine and manually entered 8.8.8.8 as the primary DNS server (and
yes, I assigned Google's DNS servers to both the d-link and then the spare
linksys router too).

But for some reason that stupid 192.168.15.1 address kept getting assigned
via DHCP as the DNS server.

Ultimately,  this sounds like an issue EPB needs to deal with. Thoughts? Am
I missing something obvious?

Issues started happening a few days ago...

Redefining broadband as common carrier, was: "How to throttle the FCC to dial up modem speeds on your website using Ngin

From: Joseph Simoneau 
------------------------------------------------------
That's an interesting idea, rob. But, given what's been happening over the
last couple years and the history of what happened to the POTS controls, do
you really think ANYBODY would go for that?

I just want somebody other than Comcast to come to my apartment so I can
threaten them with switching if they try to charge me for not fixing
something again.

-js
On May 18, 2014 11:02 AM, "Rod"  wrote:

> Which is why I have thought since the 90's that cities should run fiber to
> home the rent it out to comcast, charter, epb etc.
> Unlike water pipes fiber can handle more than one utility.
>
> On Sun, 18 May 2014 10:33:41 -0400, Robert A. Kelly III  bluethegrappler@gmail.com> wrote:
>
>  On 05/17/2014 11:31 PM, Rod wrote:
>>
>>> http://blogs.hbr.org/2014/05/understanding-the-new-battle-
>>> over-net-neutrality/
>>>
>>>
>>> On Sat, 17 May 2014 18:16:09 -0400, Robert A. Kelly III
>>>  wrote:
>>>
>>>  On 05/12/2014 09:21 AM, Rod wrote:
>>>>
>>>>>
>>>>> Shouldn't we push the FCC to redifine broadband as common carrier. They
>>>>> CAN do that.
>>>>>
>>>>
>>>> What exactly are the implications of redefining it as common carrier? Is
>>>> this a good way to protect net neutrality?
>>>>
>>>
>> That was an interesting read. On the surface it sounds like classifying
>> broadband as common carrier would be a good thing. But then it sounds
>> like there is some provision requiring ISPs to allow others to use their
>> network, something along the lines of having Mediacom run lines to my
>> home but being able to choose Comcast as my ISP, but I'm not sure how
>> that sort of arrangement would work. It sounds like there is some
>> concern that this would remove incentive from ISPs to build out
>> infrastructure, which is something we would clearly rather encourage. So
>> I'm still not sure if reclassifying broadband is a good solution.
>>
>> 

Redefining broadband as common carrier, was: "How to throttle the FCC to dial up modem speeds on your website using Ngin

From: Rod 
------------------------------------------------------
Which is why I have thought since the 90's that cities should run fiber to  
home the rent it out to comcast, charter, epb etc.
Unlike water pipes fiber can handle more than one utility.

On Sun, 18 May 2014 10:33:41 -0400, Robert A. Kelly III  
 wrote:

> On 05/17/2014 11:31 PM, Rod wrote:
>> http://blogs.hbr.org/2014/05/understanding-the-new-battle-over-net-neutrality/
>>
>>
>> On Sat, 17 May 2014 18:16:09 -0400, Robert A. Kelly III
>>  wrote:
>>
>>> On 05/12/2014 09:21 AM, Rod wrote:
>>>>
>>>> Shouldn't we push the FCC to redifine broadband as common carrier.  
>>>> They
>>>> CAN do that.
>>>
>>> What exactly are the implications of redefining it as common carrier?  
>>> Is
>>> this a good way to protect net neutrality?
>
> That was an interesting read. On the surface it sounds like classifying
> broadband as common carrier would be a good thing. But then it sounds
> like there is some provision requiring ISPs to allow others to use their
> network, something along the lines of having Mediacom run lines to my
> home but being able to choose Comcast as my ISP, but I'm not sure how
> that sort of arrangement would work. It sounds like there is some
> concern that this would remove incentive from ISPs to build out
> infrastructure, which is something we would clearly rather encourage. So
> I'm still not sure if reclassifying broadband is a good solution.
>
> 

Chatt's first edcamp coming up in August, 2014

From: Phil Shapiro 
------------------------------------------------------


Edcamp's are wonderful unconferences where teachers and others who care about learning 
gather together and spontaneously share questions and answers in sessions that are determined 
on the morning of the event. I recently found out about this edcamp taking place in Chatt. 




"The first edcamp in Chattanooga, TN, will be held August 23, 2014. Free. All invited. Follow at @ edcampGigCity " 


Thanks for spreading the word to anyone you know who would be interested in attending. 


phil 


If you know folks in Atlanta who might want to attend, it's possible to reserve a round trip Megabus ticket 
for that day for a grand total of $8. If a person is able to travel on Friday, August 22, 2014 -- the round 
trip ticket to Chatt would be $2. 






-- 
Phil Shapiro, pshapiro@his.com 
http://www.his.com/pshapiro/briefbio.html 
http://www.twitter.com/philshapiro 
http://www.his.com/pshapiro/stories.menu.html 

"Wisdom begins with wonder." - Socrates 
"Learning happens thru gentleness." 


why does brightcove sound familiar?

From: Aaron welch 
------------------------------------------------------
Thought that was part of the Terenine debacle.

-AW


On Wed, Apr 16, 2014 at 2:20 PM, Rod  wrote:

> I tried to view a video and got this page.
> http://admin.brightcove.com/connect

=?iso8859-7?q?=F0_=28pi=29_Day_Chugalunch_=40_Taco_Mam?= =?iso8859-7?q?acita=27s_13=3A00_3/14/2014?=

From: Unkmar 
------------------------------------------------------
Don't forget tomorrow is pi day.  Be there or be tau. :)



On Mon, Mar 10, 2014 at 2:02 PM, Rod  wrote:

> A little heresy to discuss Friday.
>
> No, really, pi is wrong: The Tau Manifesto by Michael Hartl
> http://www.youtube.com/watch?v=H69YH5TnNXI
>
>
> On Wed, 05 Mar 2014 19:25:45 -0500, Rod  wrote:
>
>  Unkmar called the location.
>> Be there or be square.
>>
>>
>>
>
> --
> Using Opera's mail client: http://www.opera.com/mail/
> 

Odd EPB Behavior

From: AverageSecurityGuy 
------------------------------------------------------
I=92m sure that EPB does caching on its network but I=92ve not seen =
anything like this before. If you go to http://66.18.36.99/ then you =
will get Google=92s home page. If you go to https://66.18.36.99/ then =
Firefox complains that the cert is only for *.google.com. Is this =
typical caching behavior or is EPB, MiTM Google?

--
Stephen Haywood
Owner, ASG Consulting
CISSP, OSCP
423.305.3700
asgconsulting.co




Chugalug Digest, Vol 19, Issue 36

From: Luke Prince 
------------------------------------------------------
Rod, check out https://www.ingress.com/ and http://www.oculusvr.com/ .
Another good looking AR project using the Rift is
http://www.youtube.com/watch?v=jHscTRpz5WQ , although not strictly mobile.
Let me know what you think.


> Message: 5
> Date: Thu, 13 Feb 2014 15:38:36 -0500
> From: Rod 
> To: "chugalug@chugalug.org" 
> Subject: [Chugalug] Looking for case studies
> Message-ID: 
> Content-Type: text/plain; charset=iso-8859-15; format=flowed;
>         delsp=yes
>
> On what is being done with user points and/or persistent gaming ala
> enhanced reality style.
> I have a web/mobile game app idea.
>
> Any help on finding documentation on these subjects would be appreciated.
>
> --
> Using Opera's mail client: http://www.opera.com/mail/
>
>

pfSense Poll (and a follow-up question)

From: David White 
------------------------------------------------------
Let's take a poll. Who has experience with pfSense?

I spoke with a (tech savvy) board member of a local nonprofit early last
year about moving their organization off of a different (closed source)
firewall onto pfSense, and he expressed concern that if I went away,  not
many others in Chattanooga know pfSense.

If I had to guess, several of you know it. I know that I know others here
who know it.

That said, I've just sent an email to the assistant director (and the exec.
director) over there, making another recommendation and push for pfSense.

I did a network analysis, and have never been able to get more than 45mbps
with their current box to the outside world, although they have EPB (and
bypassing the firewall, I was able to get 115mbps on my laptop, even though
they're paying for 100mbps).

The throughput of their current box (Watchguard XTM 23) is 40mbps for when
services are running (VPN, WebBlocker, etc...), and 195mbps when those
services aren't running.

The Watchguard box only has 256mb of RAM.

I'm making a recommendation to purchase an embedded, fanless system 1.8ghz
system with 2GB of RAM, and let me install pfSense onto an SSD.

Does anyone have specific experience in regards to pfSense throughput on
similar hardware when a few different services are running such as VPN and
SquidGuard (which I'll use for web filtering - they run a student computer
lab)?

I'm almost certain I'll be able to increase their throughput up to the
amount EPB is giving them, but I wanted to run it by you guys and make sure
I'm not crazy.

-- 
David White
Founder & CEO

*Develop CENTS *
Computing, Equipping, Networking, Training & Supporting
Nonprofit Organizations Worldwide
http://developcents.com
423-693-4234

has anyone heard of this security tool?

From: AverageSecurityGuy 
------------------------------------------------------
I=92ve not heard of the tool but I do know about the attack vector.

--
Stephen Haywood
Owner, ASG Consulting
CISSP, OSCP
423.305.3700
asgconsulting.co



On Jan 27, 2014, at 4:48 PM, Rod  wrote:

> http://www.breaknenter.org/projects/inception/
>=20
> --=20
> Using Opera's mail client: http://www.opera.com/mail/
> 

Bitcloud

From: Mike Harrison 
------------------------------------------------------

https://github.com/wetube/bitcloud/blob/master/Bitcloud%20Nontechnical%20White%20Paper.md

With Bitcloud.. getting a GigE home connection in GigCity could be a good thing.


[Bulk] goodbye net neutrality

From: John Aldrich 
------------------------------------------------------
Quoting Matt Keys :

> What classifies a "carrier"? I take it Windstream would be classified
> as a carrier and not a broadband provider? What about EPB?
>
> I run both Comcast and Windstream for redundancy as I work from home.
> If Windstream is classified as a carrier give me an opportunity to
> route the "taxed" Comcast traffic through Windstream instead.
>
>
Good question. Windstream is both, but I'm guessing they are primarily  
classified as a carrier.

Colocation in Chattanooga?

From: James Nylen 
------------------------------------------------------
I'm moving out of Chattanooga soon and I'm really going to miss the EPB
internet.  So, can anyone recommend a good colo provider in town for a
personal server?

[Bulk] wireless routers

From: John Aldrich 
------------------------------------------------------
Quoting Rod :

>
> Make yourself a decorative wall mat(faraday cage) out of this.
> http://www.twpinc.com/wire-mesh/TWPCAT