“Daarom wil hij snel de hand leggen op de gestolen cd-rom met Zwitserse bankrekeningen, die een onbekende man voor 2,5 miljoen euro aan Duitsland heeft aangeboden. De Duitse fiscus denkt zeker 100 miljoen euro terug te kunnen halen van Duitse zwartspaarders.”

Er is dus een gestolen CD-ROM, die schijnbaar gebruikt mag worden (heling?) bij het zoeken naar overtreders. Volgens mij is dit een stukje onrechtmatig verkregen bewijs. Mensen die dus ‘dingen’ stelen, en het vervolgens doorverkopen aan de staat die er (zoals altijd) aan wilt verdienen, krijgen een aai over de bol, maar als een zwerver een brood steelt omdat hij geen geld heeft, wordt ie opgesloten. Krom.

Ben eigenlijk wel benieuwd naar hoe rechtmatig een gestolen CD-ROM Wel niet is, en hoe bevestigd wordt dat de gegevens op het gestolen medium wel waar zijn. Daarnaast ben ik benieuwd naar hoe het bankgeheim van Zwitserland hiermee omgaat, immers er is een overeenkomst met de rekeninghouder dat zijn gegevens geheim zijn (ga ik maar even vanuit) en die zijn nu bestolen door iemand, EN de staat.

Het biedt natuurlijk ook nog vragen over hoe dit soort dingen nu doorwerken; een kleine 70 jaar geleden speelden mensen informatie door in de hoop op een beter leven, of een stuk extra kaas, nu worden gestolen CD-ROM’s door verkocht aan overheden. Ik vraag mij dan af, wordt er zo niet aangewakkerd dat je een “big brother” cultuur krijgt zoals in 1984? Dat als er iets gebeurd, je dat meldt, en vervolgens de ander de dupe is. Je zou bijna denken dat wij onze eigen “controleer je buurman” cultuur aan het opbouwen zijn, hoe denkt de lezer hierover?!

It seems to me that metereologic institutes are missing the boat a lot lately. Perhaps they want to keep up with the IPCC, who only misses items with a margin of 300 years.. A little mistake, thank you!

Currently I am checking the GRE and GIF interfaces, I am using them to create an OSPF network, and there are some oddities in them

So perhaps I can see why the oddities are there and if needed correct them (or myself when I am misbehaving )

You should test PFSense, it runs FreeBSD 8, and is awesome !

Er zal vast een reden zijn dat juist deze groep geraakt wordt, maar moeten daarvoor de consumenten de dupe worden? Er zit voor miljoenen in de garantiepot, nadat deze zo vol raakte dat er geen inleg meer nodig was.

Blijkbaar kan iedereen zonder meer lid worden van de SGR, vervolgens failliet gaan, en de SGR betaald uit. Zou het dan niet handiger zijn dat je aan de hand van strengere eisen de bedrijven lid laat worden? Ik zie niet zo snel een Arke Fly of TUI failliet gaan, deze blijven netjes lid, en ieder ander die lid wilt worden moet bijvoorbeeld aan een bepaalde voorwaarde voldoen. Net als dat geldt voor als je een hypotheek afsluit etc.

Het is allemaal zo simpel; maar feit is weer dat er een paar bedrijfseigenaren heel rijk geworden zijn (als ik de berichtgeving mag geloven is er iemand met het geld vandoor); en de consument draait ervoor op. Waar eindigt zoiets toch?

Dus als jij ook sneeuw in de straten hebt liggen, bedenk dan dat onze marketing stunt van http://snow.nl gelukt is!

Since the start of our ‘Be Counted!’ campaign in August of this year, over 350 new and returning donors have contributed to the FreeBSD Foundation. With your help, we are now 50% of the way to meeting our 2009 fund raising goal. Thank you donors, for your support! Now, in these last few weeks of 2009, the FreeBSD Foundation needs the support of those who have yet to donate to take us the rest of the way.

The recession has hit everyone hard. For many, every possible expense has been cut, and what spending they do is out of strict necessity. Unfortunately the challenges facing FreeBSD are undiminished by recessions and the technological landscape continues to change at a rampant pace. That is why the FreeBSD Foundation nearly doubled its 2008 budget for 2009 and needs your support so we can avoid cutting our investments in 2010.

If you benefit from FreeBSD, please donate so:

development projects are funded to support emerging technologies such as solid state disks, USB 3.0, machine and network virtualization, highly parallel processors, clustering, and data replication.
BSD conferences continue around the globe.
students and contributors have the opportunity to attend conferences and developer summits.
the infrastructure of computers and equipment supporting our community can be maintained.
the FreeBSD community is grown through marketing and outreach to users and businesses.
FreeBSD trademarks are protected and the project has access to legal counsel.
FreeBSD continues to serve as the foundation for research and enterprise.
Every donation, no matter its size, makes this work possible. As a non-profit with very low overhead, your donation is the best way to invest in FreeBSD. Please make that investment today so we can meet our dual goals for 2009 of 1000 donors and $300,000.

You can make a donation (including recurring subscriptions) by going to: http://www.freebsdfoundation.org/donate/.

When you mention these things towards people, they instantly recognize what you are telling them. They read the book. Sadly, when you mention that these things happen in real life, not many people recognize it. Why? We are already being controlled!

Currently every big-brother-ism is being driven by MONEY. You will see that the music-industry is lobbying very hard to take actions against revolting people. They do not wish to see the market, which seems to demand lower pricing of materials. Free is a viable alternative, reducing prices will increase people buying the goods, and will lower the amount of people that are “illegally” downloading copyrighted materials.

But the music industry isn’t the only group that is doing this. The US of A is demanding free access to -every- banktransaction within Europe. Why? Because a so called threat against the US of A. Your transactions will be logged and insightfull for the US of A, and when you come to visit the country for some reason, they will look into what you are doing. Why? Because they can!

I just mentioned the EU Government. The total idea of controlling a massive amount of people and land. A lot of countries like Ireland, the Netherlands and a few others where AGAINST the deal. People in a democracy voted NO. What happened? The EU leaders rewrote the name of the beast by calling it the European Treaty, and blowing away all people that resisted. EU Leaders wanted this to happen, they rewrite things where we are watching. A nice link to the 1984 book, where George wrote about leaders rewriting history to tell that someone didn’t exist, or some revolt didn’t happen. It’s happening right under our face and nobody is heavily revolting into it!

In the Netherlands the “government”-elite decided to bring in the OV-Chipkaart, which is a chip which you can use to travel with public transport. The chip logs every entry and exit within the public transport. Giving full access to agencies and people that pay enough money (or “have good reasons to view the system, as it is called legally”) about the whereabouts of the card holder.

It goes on… they are also considering “Kilometerheffing”, which is something that will have a box in every car, registering where the car is, every second of the day, and pricing the usage of it. It will again give full access to interested parties about the whereabouts of the car and the person in it. EU regulations are currently talking about enhancing this information with an automatic dial-112 procedure which is being used to report accidents etc, and allowing people to break into the car it self. More and more control over people.

Interestingly for both the publictransport chip and the kilometer heffing there are viable alternatives. We used to travel by a papercard, which is being stamped and deducted from your account. The papercard worked for decades! Everyone understood what was needed, and was a fair system. if public transport is becoming more expensive (which is the case with the chipcard eventhough the government lies and states that things will not become more expensive, like they said with the EURO, prices have doubled or tripled for most common goods since the introduction!), the price should be raised. That will meet resistance ofcourse, but would allow the system to keep working.

Beyond that, fuel prices makes sure that someone pays by usage, in the future electricity will be used for powering cars and fuel-demanding items, and you can charge on usage there as well. If you are using more then X amount of electricity, you will pay more. Like with the payroll tax, if you earn 100.000Euro’s, a large part of that will be in the 51% tax rate. If you earn 1000Euro’s, you will pay a maximum of 20% (or whatever the lowest scale is!), or even less if you are below the set rates.

Additionally, there is the electronic patientendossier, a file about hospital visits etc, giving the interested parties, like possible employers, full access to the medical status of an individual. vision that you are solliciting on a job, the employer reads your file, and tells you that he cannot give you the job because you are a great risk. Somehow the data was altered stating that you had HIV in the past. Same goes for medical treatment and the insurance, they can deny access to common-goods because something is written in the file.

The above is all being driven by money and “democratic” control. In the past Russia would have killed millions of people to get this information. Adolf Hitler would have given infinite resources to get this information, being able to massify the holocaust even more, because it’s easy to trace people with this. In the past these things where being held by governments etc because the collective-memory (something from 1984 again) was still remembering the wars, and what it caused. But slowly and surely, these things are being forgotten, technology advances and the democraty countries are being turned into police-states. You are guilty unless proven differently. You are no longer in charge of your country, you are a slave of your country. You are living in a dictative-regime. Why? Companies need money, do not want to get to the future, and invest in alternative ways on getting new funds.

People are naive, they believe what the government(s) tell them. Not many people see the urgent threat against their lives. They were afraid of Adolf Hitler and Joszef Stalin, but they do not recognize those faces from the smiling people in front of the camera’s, which are actually doing exactly the same!

It is time that people start revolting against these actions. IF we do not do that, 1984 WILL become very very real. Getting afraid? Good, because this threat is real!

Reference to a full summary of 1984: http://wikisummaries.org/1984

Edit: added the following information:

I just read an article from one of our ministers (Ter Horst), she said that she is happy that the people in the country are only allowed to vote for a new government, and nothing else. It had been quickly ‘corrected’ by someone later on, but I think this exactly hits the spot:
http://www.spitsnieuws.nl/archives/buitenland/2009/11/ter_horst_minarettenverbod_bed.html, yes the article is initially about something else, but that’s an entirely different topic.

In this article I will write about the latest release from FreeBSD, 8.0. This is a major version that offers new functionality and much improved parts of the code.

Why are major releases so special?

Major releases offer the possibility to include changes in the system that are not allowed in stable branches. This could be new applications or API/ABI interfaces, or serious changes to datastructures and things like that.

FreeBSD brings out major releases every 18 months. Ofcourse the 18 months may vary, depending on the amount of new features and problems found while preparing for the first .0 release. The schedule should guide as a reference on when to expect something new.

FreeBSD 8?

FreeBSD 8 will be the latest version of FreeBSD that is currently on the market, it was preceded by FreeBSD 6 and 7, where we found features like ZFS, Improved Jail support, the widely known Danish Axe was used to further take out the GIANT lock, and many more features that had been in the previous release.

What will FreeBSD 8 offer us?

FreeBSD 8 will offer us the following:

USB Storage hotplug removal

Previously it was not possible to take out lets say an USB storage device while the operating system was running, without crashing it. The system code is updated to make it possible to take out an USB storage device without the system crashing. This will make many people happy!

Multi-IP/IPv6 jails

With FreeBSD 8 it will be possible to assign multiple IPv4 addresses to a jail, as well as assigning IPv6 addresses. People that offer hosting services can greatly enjoy these features, a jailed webserver for example can now use many more addresses and do proper SSL virtualhosting.

NFSv4 support

NFSv4 support is added to the FreeBSD Operating System, while this is still experimental, it gives you a NFSv4 client, as well as a server that can service NFSv4 nodes. NFSv4 gives you better security access control’s, a stateful protocol, performance improvements, etc.

Enhanced ULE scheduler

The ULE scheduler is much improved for FreeBSD 8, this allows even better scheduling and responses to systems running FreeBSD 8, especially when used with SMP systems. Systems running the FreeBSD 8 operating system, have this scheduler enabled by default.

DTrace

DTrace is a suite of applications imported from Solaris. DTrace will assist you in profiling your system and applications, data which you can use to make the system perform even better under your specific configuration. Every key developer needs a tool like this.

Wireless Mesh Networking

The Wireless Mesh Networking (802.11s) is an experimental feature and early adoption framework that gives the ability to setup a Meshed Wireless network. Currently most Wireless networks are build around one central access points, with leaf nodes / bridges / repeaters attached to them. This experimental feature offers the ability to ‘perfectly’ roam accross the network, without being tied to one specific Access Point.

VIMAGE

VIMAGE, is an network virtualisation project that aims in delivering multiple networking related instances. So for example you can give your jails, their own vimage, enabling them to run IPSEC, Packet filter(s), setting their own routing tables etc. So this actually makes your jails, more or less independant servers.

Multiple routing tables

Multiple routing tables, enable you to select different routing tables for different services. For example you can setup different routes for your webserver(s) and mailserver(s). The “setfib” utility is added to provide a management layer for these FIB’s (Routing tables).

Equal Cost multipath routing

Equal-Cost Multi-Path Routing (ECMP) is a new feature under FreeBSD 8, that enables the administrator to loadbalance traffic by equally balancing traffic over various routes. In theory this could increase the bandwidth that you can use, so be sure to check this out!

FreeBSD ports Parallel building

The FreeBSD ports framework is adopted to that multiple ports can be build at once. People with multi core systems will definitly see significant improvements in this region. While this update is not limited to the 8.0 release itself, it is the first release that will have this feature onboard. (after fetching the ports tree ofcourse).

MPSafe TTY

The TTY subsystem is one of the last sections of the entire operating system that had not been rewritten or massively updated in the last decade or two. FreeBSD 8 will have a replaced version that no longer uses the GIANT lock. That reduces the impact of the lock even more and will assist with fine grained multiprocessor capabilities. It is also more modular and will make it easier to hook into the new layer. This will help in lagging console and X.org sessions.

Procstat

Procstat is a new application, eliminating the need for procfs(4), it gives the user information about processes, command line arguments, kernel thread stacks, and many other functions that could assist people in troubleshooting and debugging.

Textdumps

Textdumps had been written to make it much easier to get coredump information back from the Operating System after fatal events occured.

The application had been setup to generate a tar archive that includes several text files with valuable troubleshooting information. Users that send this tar file to one of the appropriate lists, make a much better chance in getting their problem fixed. Before this tool one needed to do this manually, often making this an impossible step for the average user. Not only will this help the user that is facing problems, but also the bugbusters that will have all required information available without needing to explain on how to get the information there.

Experimental AHCI driver

An experimental AHCI driver had been added to the tree, which gives direct and native AHCI commands through the CAM layer. This includes the NCQ feature (Native Command Queueing).

Gvinum v2

Gvinum had been updated and reworked, making it much more production ready and usable then before.

Disk utility upgrades

Several disk utility applications had been updated, or adjusted to become the default. For example the GEOM_PART utility becomes the defacto standard for disk slicing. One should pay attention when this comes in to play though, since the labels might be read differently with GEOM_PART your devices might be enumerated in a different way then before. Make sure you are actively involved with the upgrade and make sure you have serial access to the machine in case of problems!

Beyond that GPT partitions are now capable of being boot from, and the bsdlabel utility supports up to 26 partitions now.

ProPolice Stack Protector

The ProPolice SSP framework is added to the builds, protecting the kernel and userland (where configured) from being stack-smashed. This will make it harder to exploit stack based buffer overflows.

ZFS

ZFS is updated to version 13, and sees several improvements. The experimental warning is removed, making it a production ready filesystem which you can use with very large datapools. Make sure you have enough memory when playing with it though!

Wireless Virtual AP

The Wireless code is updated to support Virtual AP’s. Within the /etc/rc.conf file you are now able to clone the ‘direct hardware interface’ like ath0 into a wlan device. If you clone this more often you will be able to support more SSID’s and things like that. For small companies or freaky home users, you can setup your own protected SSID, and a guest SID which visitors can use and is protected differently.

VirtualBox Host support

The FreeBSD ports tree saw VirtualBox added to the tree, making FreeBSD 8 one of the possible candidates for Virtual Machines delivered through VirtualBox. This makes it a good alternative for VMWare.

NULL-pointer dereferences made harder

The FreeBSD Security Team included a little rewrite of the NULL pointer handling within FreeBSD. Programs are no longer able to make use of the NULL pointer by default and will be stacked on a random address location. This feature makes FreeBSD a bit safer against NULL pointer dereference vulnerabilities.

lukemftpd build disabled by default

Personally I axed the build of lukemftpd. This is one of the two ftp daemons that we have in the base system, and was opted for removal a long time ago. That had happened and the daemon is no longer available by default on the latest version of FreeBSD. Further removal of the lukemftpd software will be investigated to see what consequences will popup because of that.

How to upgrade?

Now that we spoiled you with all the new features in FreeBSD 8, there is probably interest in how one can upgrade to the FreeBSD 8 release.

Before explaining the process of upgrading the system, I expect that you already have a FreeBSD system running on 7.2 or 7-STABLE, if you are unsure on how to get that going, please refer to my previous article in BSDMag which explains this in great detail (and it includes pictures too!).

Ofcourse it is also be possible to install FreeBSD 8 from CD/DVD, please browse to ftp://ftp.langcode.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-yourarchitecturehere/8.0
and fetch the proper media. All you have to do is follow the instructions that are printed on screen. If you need more details about this, there is an excellent handbook that will guide you through it, or again my previous article will assist you. The FreeBSD handbook can be found here:

http://www.FreeBSD.org/doc/en/books/handbook/

In some cases there are localised versions, like the Dutch Handbook:

http://www.FreeBSD.org/doc/nl/books/handbook

replace ‘/nl’ by ‘/yourlangcode’ to see whether your version also exists.

As mentioned we will be upgrading a running 7.2 / 7-STABLE system to FreeBSD 8.0-RELEASE.

We use “csup” for this, which will fetch our source code. This will lead up to a new system and new kernel.

For the instructions that follow, you will need “root” access, if you do not have this access, please consult your system administrator and ask him for help on how to upgrade FreeBSD as “root”.

Copy over the example csup file to /root and begin editing:

# cp /usr/share/examples/cvsup/stable-supfile /root/8-release
# vi /root/8-release

Navigate to the line which mentions ‘default host’, and change it to a server near you, so for example in the Netherlands you would use:

*default host=cvsup.nl.FreeBSD.org

Now find the part that has ‘default release’ mentioned. We need to update that as well. Change the contents of the tag parameter to RELENG_8_0. Thus the line would look like something as:

*default release=cvs tag=RELENG_8_0

Note that there is another tag that will give you the actual release bits (RELENG_8_0_0_RELEASE), but this will not get updated for Errata Notice’s and Security Advisories, making it an unwanted tag to use.

After making sure the above updates were done, we will need to update our tree. If you are a survivor of my previous article you will have an old tree and old objects tree which you might want to save for future reference.

# mv /usr/src /usr/src.releng7
# mv /usr/obj /usr/obj.releng7

Now we can download / update the new tree.

# csup /root/8-release

Wait for it to finish, and after that we can build a new kernel and world. We will not do modifications to the kernel and world this will be very straightforward.

# cd /usr/src
# make buildworld && make buildkernel

This will generate both a new world, and a new kernel, which we will use later on.

When this had been done, we will update the configuration files by issueing:

# mergemaster -p

This will update the configuration files that are needed before the new release can be started at all. If no output is given then the current configuration is sufficient to start the 8.0 version later on.

Configuration had been updated, so we can start by installing the kernel, after which we need to reboot the system:

# make installkernel
# reboot

The system will restart, when the bootloader starts, press a key and/or start the system in single user mode. In case you do not have the menu; you should issue “boot -s” on the command line so that the system starts in single user mode.

Assuming that nothing went wrong and the system starts normally into the single user mode, we can continue by installing the new world.

# cd /usr/src
# make installworld

Next we need to run a new mergemaster, but this time without any additional flags, so that “optional” configuration files will get updated.

# mergemaster

Walk through all differences and make updates where you think they are appropriate. Be carefull though, if you update passwd and group, you might no longer be able to login remotely. I have been there, done it and got the t-shirt. Again I’d assume you made all the changes you wanted to, without messing up with the system itself. We need to reboot one more time before we can be a happy 8.0 user.

# reboot

And the system will reboot and restart all services under the new world order.

Updating the jails:

In my previous article we also installed jails, that will do our hosting needs, without compromising the host machine. They are not updated through the way described above. Though a fairly simple way of doing that is by installing the new world over the old jail-world. For this you need to stop the jails, because otherwise the system might not be able to update essential files because they are in use.

Once again navigate to the usr/src tree so that we can start by updating the jails. I’d assume you have stopped the jails already so we are safe to go.

# cd /usr/src

Next, update the jails master infrastructure:

# make installworld DESTDIR=/home/j/mroot

However, please do note that it might be possible that certain ports need to be rebuild. Carefully inventorize what kind of applications you currently use, and check whether they might be using libraries that are no longer provided. After you did this you are free to cleanup old libraries:

# cd /usr/src
# make delete-old-libs
# make delete-old

Again this is at your own risk. If you fail to update bash for example to use the new libraries, you are no longer able to restart it if you relogin. Again I have been there, done it and, got a nice second t-shirt!

Conclusion:

So now you are running a fresh and modern 8 system, which you can use to do various kind of (new) things. Not only did we update your base system, we also updated your jail infrastructure and you also updated several ports so survive this cleanup. You also got an impression about what new features you can use under FreeBSD, so I’d suggest you start playing with them now. In case you find problematic things, please consider sending an email to the various mailing lists of FreeBSD, located at http://lists.FreeBSD.org

In case of a more serious problem, which cannot be resolved by the various mailing lists, please consider sending in a bug report so that the developer crew can act accordingly and if there is enough information available resolve the problem you are facing.

Do realise though: Most people working on FreeBSD is a volunteer, who all work for bosses or are being hired for different projects. They also have families, kids, and a social life that demand attention. Please take care when sending in a problem report. Make the report as detailed as possible, send in the textdump if that is available, and give people time to respond. Most often a gentle prod works better then bashing around.

References:

I used Ivan Voras’ list of “Whats cooking for FreeBSD 8″ as my main source for new and improved updates. You can find the list at the following URL:

http://ivoras.sharanet.org/freebsd/freebsd8.html

About the Author:

Remko Lodder is a 26 year old FreeBSD enthusiast, in his spare time he likes being with his son and girlfriend, playing with FreeBSD systems, and wearing various FreeBSD hats to help the community. In his professional life Remko is an Unix Engineer for Snow B.V. in the Netherlands mostly focussing on Firewalls and Security (Checkpoint/Juniper etc.). You can contact him by sending an email to: remko@FreeBSD.org, or if you want to hire him send an email to Remko.Lodder@Snow.nl or check out their website on: http://snow.nl