Java 2 SDK 1.4.0 for Linux Installation Notes

CLI & GUI v0.17.1.3 'Oxygen Orion' released!

This is the CLI & GUI v0.17.1.3 'Oxygen Orion' point release. This release predominantly features bug fixes and performance improvements. Users, however, are recommended to upgrade, as it includes mitigations for the issue where transactions occasionally fail.

(Direct) download links (GUI)

(Direct) download links (CLI)

GPG signed hashes

We encourage users to check the integrity of the binaries and verify that they were signed by binaryFate's GPG key. A guide that walks you through this process can be found here for Windows and here for Linux and Mac OS X.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 # This GPG-signed message exists to confirm the SHA256 sums of Monero binaries. # # Please verify the signature against the key for binaryFate in the # source code repository (/utils/gpg_keys). # # ## CLI 38a04a7bd00733e9d943edba3004e44730c0848fe5e8a4fca4cb29c12d1e6b2f monero-android-armv7-v0.17.1.3.tar.bz2 0e94f58572646992ee21f01d291211ed3608e8a46ecb6612b378a2188390dba0 monero-android-armv8-v0.17.1.3.tar.bz2 ae1a1b61d7b4a06690cb22a3389bae5122c8581d47f3a02d303473498f405a1a monero-freebsd-x64-v0.17.1.3.tar.bz2 57d6f9c25bd1dbc9d6b39fcfb13260b21c5594b4334e8ed3b8922108730ee2f0 monero-linux-armv7-v0.17.1.3.tar.bz2 a0419993fbc6a5ca11bcd2e825acef13e429824f4d8c7ba4ec73ac446d2af2fb monero-linux-armv8-v0.17.1.3.tar.bz2 cf3fb693339caed43a935c890d71ecab5b89c430e778dc5ef0c3173c94e5bf64 monero-linux-x64-v0.17.1.3.tar.bz2 d107384ff7b1f77ee4db93940dbfda24d6045bf59c43169bc81a0118e3986bfa monero-linux-x86-v0.17.1.3.tar.bz2 79557c8bee30b229bda90bb9ee494097d639d60948fc2ad87a029359b56b1b48 monero-mac-x64-v0.17.1.3.tar.bz2 3eee0d0e896fb426ef92a141a95e36cb33ca7d1e1db3c1d4cb7383994af43a59 monero-win-x64-v0.17.1.3.zip c9e9dde61b33adccd7e794eba8ba29d820817213b40a2571282309d25e64e88a monero-win-x86-v0.17.1.3.zip # ## GUI 15ad80b2abb18ac2521398c4dad9b8bfea2e6fc535cf4ebcc60d99b8042d4fb2 monero-gui-install-win-x64-v0.17.1.3.exe 3bed02f9db5b7b2fe4115a636fecf0c6ec9079dd4e9284c8ce2c67d4996e2a4a monero-gui-linux-x64-v0.17.1.3.tar.bz2 23405534c7973a8d6908b76121b81894dc853039c942d7527d254dfde0bd2e8f monero-gui-mac-x64-v0.17.1.3.dmg 0a49ccccb561445f3d7ec0087ddc83a8b76f424fb7d5e0d725222f3639375ec4 monero-gui-win-x64-v0.17.1.3.zip # # # ~binaryFate -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEgaxZH+nEtlxYBq/D8K9NRioL35IFAl+oVkkACgkQ8K9NRioL 35Lmpw//Xs09T4917sbnRH/DW/ovpRyjF9dyN1ViuWQW91pJb+E3i9TY+wU3q85k LyTihDB5pV+3nYgKPL9TlLfaytJIQG0vYHykPWHVmYmvoIs9BLarGwaU3bjO0rh9 ST5GDMdvxmQ5Y1LTwVfKkmBJw26DAs0xAvjBX44oRQjjuUdH6JdLPsqa5Kb++NCM b453m5s8bT3Cw6w0eJB1FQEyQ5BoDrwYcFzzsS1ag/C4Ylq0l6CZfEambfOQvdUi 7D5Rywfhiz2t7cfn7LaoXb74KDA/B1bL+R1/KhCuFqxRTOQzq9IxRywh4VptAAMU UR7jFHFijOMoyggIbkD48JmAjlBnqIyQJt4D5gbHe+tSaSoKdgoTGBAmIvaCZIng jfn9pTNzIJbTptsQhhyZqQQIH87D8BctZfX7pREjJmMNGwN2jFxXqUNqYTso20E6 YLtC1mkZBBZ294xHqT1mQpfznc6uVJhhoJpta0eKxkr1ahrGvWBDGZeVhLswnBcq 9dafAkR14rdK1naiCsygb6hMvBqBohVu/bWuhycJcv6XRvlP7UHkR6R8+s6U4Tk2 zaJERQF+cHQpEak5aEJIvDlb/mxteGyvPkPyL7UmADEQh3C4nREwkDSdnitYnF+e HxJZkshoC98+YCkWUP4+JYOOT158jKao3u0laEOxVGOrPz1Nc64= =Ys4h -----END PGP SIGNATURE----- 

Upgrading (GUI)

Note that you should be able to utilize the automatic updater in the GUI that was recently added. A pop-up will appear shortly with the new binary.
In case you want to update manually, you ought to perform the following steps:
  1. Download the new binaries (the .zip file (Windows) or the tar.bz2 file (Mac OS X and Linux)) from the direct download links in this thread or from the official website. If you run active AV (AntiVirus) software, I'd recommend to apply this guide -> https://monero.stackexchange.com/questions/10798/my-antivirus-av-software-blocks-quarantines-the-monero-gui-wallet-is-there
  2. Extract the new binaries (the .zip file (Windows) or the tar.bz2 file (Mac OS X and Linux) you just downloaded) to a new directory / folder of your liking.
  3. Open monero-wallet-gui. It should automatically load your "old" wallet.
If, for some reason, the GUI doesn't automatically load your old wallet, you can open it as follows:
[1] On the second page of the wizard (first page is language selection) choose Open a wallet from file
[2] Now select your initial / original wallet. Note that, by default, the wallet files are located in Documents\Monero\ (Windows), Users//Monero/ (Mac OS X), or home//Monero/ (Linux).
Lastly, note that a blockchain resync is not needed, i.e., it will simply pick up where it left off.

Upgrading (CLI)

You ought to perform the following steps:
  1. Download the new binaries (the .zip file (Windows) or the tar.bz2 file (Mac OS X and Linux)) from the official website, the direct download links in this thread, or Github.
  2. Extract the new binaries to a new directory of your liking.
  3. Copy over the wallet files from the old directory (i.e. the v0.15.x.x, v0.16.x.x, or v0.17.x.x directory).
  4. Start monerod and monero-wallet-cli (in case you have to use your wallet).
Note that a blockchain resync is not needed. Thus, if you open monerod-v0.17.1.3, it will simply pick up where it left off.

Release notes (GUI)

Some highlights of this minor release are:
  • Android support (experimental)
  • Linux binary is now reproducible (experimental)
  • Simple mode: transaction reliability improvements
  • New transaction confirmation dialog
  • Wizard: minor design changes
  • Linux: high DPI support
  • Fix "can't connect to daemon" issue
  • Minor bug fixes
Some highlights of this major release are:
  • Support for CLSAG transaction format
  • Socks5 proxy support, automatically enabled on Tails
  • Simple mode transactions are sent trough local daemon, improved reliability
  • Portable mode, save wallets + config to "storage" folder
  • History page: improvements, incoming / outgoing labels
  • Transfer: new success dialog
  • CMake build system improvements
  • Windows cross compilation support using Docker
  • Various minor bug and UI fixes
Note that you can find a full change log here.

Release notes (CLI)

Some highlights of this minor release are:
  • Add support for I2P and Tor seed nodes (--tx-proxy)
  • Add --ban-list daemon option to ban a list of IP addresses
  • Switch to Dandelion++ fluff mode if no out connections for stem mode
  • Fix a bug with relay_tx
  • Fix a rare readline related crash
  • Use /16 filtering on IPv4-within-IPv6 addresses
  • Give all hosts the same chance of being picked for connecting
  • Minor bugfixes
Some highlights of this major release are:
  • Support for CLSAG transaction format
  • Deterministic unlock times
  • Enforce claiming maximum coinbase amount
  • Serialization format changes
  • Remove most usage of Boost library
  • Always send raw transactions through P2P, don't use bootstrap daemon
  • Update InProofV1, OutProofV1, and ReserveProofV1 to V2
  • ASM optimizations for wallet refresh (macOS / Linux)
  • Randomized delay when forwarding txes from i2p/tor -> ipv4/6
  • New show_qr_code wallet command for CLI
  • Add ZMQ/Pub support for txpool_add and chain_main events
  • Various bug fixes and performance improvements
Note that you can find a full change log here.

Further remarks

  • A guide on pruning can be found here.
  • Ledger Monero users, please be aware that version 1.7.4 of the Ledger Monero App is required in order to properly use CLI or GUI v0.17.1.3.

Guides on how to get started (GUI)

https://github.com/monero-ecosystem/monero-GUI-guide/blob/mastemonero-GUI-guide.md
Older guides: (These were written for older versions, but are still somewhat applicable)
Sheep’s Noob guide to Monero GUI in Tails
https://medium.com/@Electricsheep56/the-monero-gui-wallet-broken-down-in-plain-english-bd2889b8c202

Ledger GUI guides:

How do I generate a Ledger Monero wallet with the GUI (monero-wallet-gui)?
How do I restore / recreate my Ledger Monero wallet?

Trezor GUI guides:

How do I generate a Trezor Monero wallet with the GUI (monero-wallet-gui)?
How to use Monero with Trezor - by Trezor
How do I restore / recreate my Trezor Monero wallet?

Ledger & Trezor CLI guides

Guides to resolve common issues (GUI)

My antivirus (AV) software blocks / quarantines the Monero GUI wallet, is there a work around I can utilize?
I am missing (not seeing) a transaction to (in) the GUI (zero balance)
Transaction stuck as “pending” in the GUI
How do I move the blockchain (data.mdb) to a different directory during (or after) the initial sync without losing the progress?
I am using the GUI and my daemon doesn't start anymore
My GUI feels buggy / freezes all the time
The GUI uses all my bandwidth and I can't browse anymore or use another application that requires internet connection
How do I change the language of the 25 word mnemonic seed in the GUI or CLI?
I am using remote node, but the GUI still syncs blockchain?

Using the GUI with a remote node

In the wizard, you can either select Simple mode or Simple mode (bootstrap) to utilize this functionality. Note that the GUI developers / contributors recommend to use Simple mode (bootstrap) as this mode will eventually use your own (local) node, thereby contributing to the strength and decentralization of the network. Lastly, if you manually want to set a remote node, you ought to use Advanced mode. A guide can be found here:
https://www.getmonero.org/resources/user-guides/remote_node_gui.html

Adding a new language to the GUI

https://github.com/monero-ecosystem/monero-translations/blob/masteweblate.md
If, after reading all these guides, you still require help, please post your issue in this thread and describe it in as much detail as possible. Also, feel free to post any other guides that could help people.
submitted by dEBRUYNE_1 to Monero [link] [comments]

Red Hat OpenShift Container Platform Instruction Manual for Windows Powershell

Introduction to the manual
This manual is made to guide you step by step in setting up an OpenShift cloud environment on your own device. It will tell you what needs to be done, when it needs to be done, what you will be doing and why you will be doing it, all in one convenient manual that is made for Windows users. Although if you'd want to try it on Linux or MacOS we did add the commands necesary to get the CodeReady Containers to run on your operating system. Be warned however there are some system requirements that are necessary to run the CodeReady Containers that we will be using. These requirements are specified within chapter Minimum system requirements.
This manual is written for everyone with an interest in the Red Hat OpenShift Container Platform and has at least a basic understanding of the command line within PowerShell on Windows. Even though it is possible to use most of the manual for Linux or MacOS we will focus on how to do this within Windows.
If you follow this manual you will be able to do the following items by yourself:
● Installing the CodeReady Containers
● Updating OpenShift
● Configuring a CodeReady Container
● Configuring the DNS
● Accessing the OpenShift cluster
● Deploying the Mediawiki application
What is the OpenShift Container platform?
Red Hat OpenShift is a cloud development Platform as a Service (PaaS). It enables developers to develop and deploy their applications on a cloud infrastructure. It is based on the Kubernetes platform and is widely used by developers and IT operations worldwide. The OpenShift Container platform makes use of CodeReady Containers. CodeReady Containers are pre-configured containers that can be used for developing and testing purposes. There are also CodeReady Workspaces, these workspaces are used to provide any member of the development or IT team with a consistent, secure, and zero-configuration development environment.
The OpenShift Container Platform is widely used because it helps the programmers and developers make their application faster because of CodeReady Containers and CodeReady Workspaces and it also allows them to test their application in the same environment. One of the advantages provided by OpenShift is the efficient container orchestration. This allows for faster container provisioning, deploying and management. It does this by streamlining and automating the automation process.
What knowledge is required or recommended to proceed with the installation?
To be able to follow this manual some knowledge is mandatory, because most of the commands are done within the Command Line interface it is necessary to know how it works and how you can browse through files/folders. If you either don’t have this basic knowledge or have trouble with the basic Command Line Interface commands from PowerShell, then a cheat sheet might offer some help. We recommend the following cheat sheet for windows:
Https://www.sans.org/security-resources/sec560/windows\_command\_line\_sheet\_v1.pdf
Another option is to read through the operating system’s documentation or introduction guides. Though the documentation can be overwhelming by the sheer amount of commands.
Microsoft: https://docs.microsoft.com/en-us/windows-serveadministration/windows-commands/windows-commands
MacOS
Https://www.makeuseof.com/tag/mac-terminal-commands-cheat-sheet/
Linux
https://ubuntu.com/tutorials/command-line-for-beginners#2-a-brief-history-lesson https://www.guru99.com/linux-commands-cheat-sheet.html
http://cc.iiti.ac.in/docs/linuxcommands.pdf
Aside from the required knowledge there are also some things that can be helpful to know just to make the use of OpenShift a bit simpler. This consists of some general knowledge on PaaS like Dockers and Kubernetes.
Docker https://www.docker.com/
Kubernetes https://kubernetes.io/

System requirements

Minimum System requirements

The minimum system requirements for the Red Hat OpenShift CodeReady Containers has the following minimum hardware:
Hardware requirements
Code Ready Containers requires the following system resources:
● 4 virtual CPU’s
● 9 GB of free random-access memory
● 35 GB of storage space
● Physical CPU with Hyper-V (intel) or SVM mode (AMD) this has to be enabled in the bios
Software requirements
The minimum system requirements for the Red Hat OpenShift CodeReady Containers has the following minimum operating system requirements:
Microsoft Windows
On Microsoft Windows, the Red Hat OpenShift CodeReady Containers requires the Windows 10 Pro Fall Creators Update (version 1709) or newer. CodeReady Containers does not work on earlier versions or other editions of Microsoft Windows. Microsoft Windows 10 Home Edition is not supported.
macOS
On macOS, the Red Hat OpenShift CodeReady Containers requires macOS 10.12 Sierra or newer.
Linux
On Linux, the Red Hat OpenShift CodeReady Containers is only supported on Red Hat Enterprise Linux/CentOS 7.5 or newer and on the latest two stable Fedora releases.
When using Red Hat Enterprise Linux, the machine running CodeReady Containers must be registered with the Red Hat Customer Portal.
Ubuntu 18.04 LTS or newer and Debian 10 or newer are not officially supported and may require manual set up of the host machine.

Required additional software packages for Linux

The CodeReady Containers on Linux require the libvirt and Network Manager packages to run. Consult the following table to find the command used to install these packages for your Linux distribution:
Table 1.1 Package installation commands by distribution
Linux Distribution Installation command
Fedora Sudo dnf install NetworkManager
Red Hat Enterprise Linux/CentOS Su -c 'yum install NetworkManager'
Debian/Ubuntu Sudo apt install qemu-kvm libvirt-daemonlibvirt-daemon-system network-manage

Installation

Getting started with the installation

To install CodeReady Containers a few steps must be undertaken. Because an OpenShift account is necessary to use the application this will be the first step. An account can be made on “https://www.openshift.com/”, where you need to press login and after that select the option “Create one now”
After making an account the next step is to download the latest release of CodeReady Containers and the pulled secret on “https://cloud.redhat.com/openshift/install/crc/installer-provisioned”. Make sure to download the version corresponding to your platform and/or operating system. After downloading the right version, the contents have to be extracted from the archive to a location in your $PATH. The pulled secret should be saved because it is needed later.
The command line interface has to be opened before we can continue with the installation. For windows we will use PowerShell. All the commands we use during the installation procedure of this guide are going to be done in this command line interface unless stated otherwise. To be able to run the commands within the command line interface, use the command line interface to go to the location in your $PATH where you extracted the CodeReady zip.
If you have installed an outdated version and you wish to update, then you can delete the existing CodeReady Containers virtual machine with the $crc delete command. After deleting the container, you must replace the old crc binary with a newly downloaded binary of the latest release.
C:\Users\[username]\$PATH>crc delete 
When you have done the previous steps please confirm that the correct and up to date crc binary is in use by checking it with the $crc version command, this should provide you with the version that is currently installed.
C:\Users\[username]\$PATH>crc version 
To set up the host operating system for the CodeReady Containers virtual machine you have to run the $crc setup command. After running crc setup, crc start will create a minimal OpenShift 4 cluster in the folder where the executable is located.
C:\Users\[username]>crc setup 

Setting up CodeReady Containers

Now we need to set up the new CodeReady Containers release with the $crc setup command. This command will perform the operations necessary to run the CodeReady Containers and create the ~/.crc directory if it did not previously exist. In the process you have to supply your pulled secret, once this process is completed you have to reboot your system. When the system has restarted you can start the new CodeReady Containers virtual machine with the $crc start command. The $crc start command starts the CodeReady virtual machine and OpenShift cluster.
You cannot change the configuration of an existing CodeReady Containers virtual machine. So if you have a CodeReady Containers virtual machine and you want to make configuration changes you need to delete the virtual machine with the $crc delete command and create a new virtual machine and start that one with the configuration changes. Take note that deleting the virtual machine will also delete the data stored in the CodeReady Containers. So, to prevent data loss we recommend you save the data you wish to keep. Also keep in mind that it is not necessary to change the default configuration to start OpenShift.
C:\Users\[username]\$PATH>crc setup 
Before starting the machine, you need to keep in mind that it is not possible to make any changes to the virtual machine. For this tutorial however it is not necessary to change the configuration, if you don’t want to make any changes please continue by starting the machine with the crc start command.
C:\Users\[username]\$PATH>crc start 
\ it is possible that you will get a Nameserver error later on, if this is the case please start it with* crc start -n 1.1.1.1

Configuration

It is not is not necessary to change the default configuration and continue with this tutorial, this chapter is here for those that wish to do so and know what they are doing. However, for MacOS and Linux it is necessary to change the dns settings.

Configuring the CodeReady Containers

To start the configuration of the CodeReady Containers use the command crc config. This command allows you to configure the crc binary and the CodeReady virtual machine. The command has some requirements before it’s able to configure. This requirement is a subcommand, the available subcommands for this binary and virtual machine are:
get, this command allows you to see the values of a configurable property
set/unset, this command can be used for 2 things. To display the names of, or to set and/or unset values of several options and parameters. These parameters being:
○ Shell options
○ Shell attributes
○ Positional parameters
view, this command starts the configuration in read-only mode.
These commands need to operate on named configurable properties. To list all the available properties, you can run the command $crc config --help.
Throughout this manual we will use the $crc config command a few times to change some properties needed for the configuration.
There is also the possibility to use the crc config command to configure the behavior of the checks that’s done by the $crc start end $crc setup commands. By default, the startup checks will stop with the process if their conditions are not met. To bypass this potential issue, you can set the value of a property that starts with skip-check or warn-check to true to skip the check or warning instead of ending up with an error.
C:\Users\[username]\$PATH>crc config get C:\Users\[username]\$PATH>crc config set C:\Users\[username]\$PATH>crc config unset C:\Users\[username]\$PATH>crc config view C:\Users\[username]\$PATH>crc config --help 

Configuring the Virtual Machine

You can use the CPUs and memory properties to configure the default number of vCPU’s and amount of memory available for the virtual machine.
To increase the number of vCPU’s available to the virtual machine use the $crc config set CPUs . Keep in mind that the default number for the CPU’s is 4 and the number of vCPU’s you wish to assign must be equal or greater than the default value.
To increase the memory available to the virtual machine, use the $crc config set memory . Keep in mind that the default number for the memory is 9216 Mebibytes and the amount of memory you wish to assign must be equal or greater than the default value.
C:\Users\[username]\$PATH>crc config set CPUs  C:\Users\[username]\$PATH>crc config set memory > 

Configuring the DNS

Window / General DNS setup

There are two domain names used by the OpenShift cluster that are managed by the CodeReady Containers, these are:
crc.testing, this is the domain for the core OpenShift services.
apps-crc.testing, this is the domain used for accessing OpenShift applications that are deployed on the cluster.
Configuring the DNS settings in Windows is done by executing the crc setup. This command automatically adjusts the DNS configuration on the system. When executing crc start additional checks to verify the configuration will be executed.

macOS DNS setup

MacOS expects the following DNS configuration for the CodeReady Containers
● The CodeReady Containers creates a file that instructs the macOS to forward all DNS requests for the testing domain to the CodeReady Containers virtual machine. This file is created at /etc/resolvetesting.
● The oc binary requires the following CodeReady Containers entry to function properly, api.crc.testing adds an entry to /etc/hosts pointing at the VM IPaddress.

Linux DNS setup

CodeReady containers expect a slightly different DNS configuration. CodeReady Container expects the NetworkManager to manage networking. On Linux the NetworkManager uses dnsmasq through a configuration file, namely /etc/NetworkManageconf.d/crc-nm-dnsmasq.conf.
To set it up properly the dnsmasq instance has to forward the requests for crc.testing and apps-crc.testing domains to “192.168.130.11”. In the /etc/NetworkManageconf.d/crc-nm-dnsmasq.conf this will look like the following:
● Server=/crc. Testing/192.168.130.11
● Server=/apps-crc. Testing/192.168.130.11

Accessing the Openshift Cluster

Accessing the Openshift web console

To gain access to the OpenShift cluster running in the CodeReady virtual machine you need to make sure that the virtual machine is running before continuing with this chapter. The OpenShift clusters can be accessed through the OpenShift web console or the client binary(oc).
First you need to execute the $crc console command, this command will open your web browser and direct a tab to the web console. After that, you need to select the htpasswd_provider option in the OpenShift web console and log in as a developer user with the output provided by the crc start command.
It is also possible to view the password for kubeadmin and developer users by running the $crc console --credentials command. While you can access the cluster through the kubeadmin and developer users, it should be noted that the kubeadmin user should only be used for administrative tasks such as user management and the developer user for creating projects or OpenShift applications and the deployment of these applications.
C:\Users\[username]\$PATH>crc console C:\Users\[username]\$PATH>crc console --credentials 

Accessing the OpenShift cluster with oc

To gain access to the OpenShift cluster with the use of the oc command you need to complete several steps.
Step 1.
Execute the $crc oc-env command to print the command needed to add the cached oc binary to your PATH:
C:\Users\[username]\$PATH>crc oc-env 
Step 2.
Execute the printed command. The output will look something like the following:
PS C:\Users\OpenShift> crc oc-env $Env:PATH = "CC:\Users\OpenShift\.crc\bin\oc;$Env:PATH" # Run this command to configure your shell: # & crc oc-env | Invoke-Expression 
This means we have to execute* the command that the output gives us, in this case that is:
C:\Users\[username]\$PATH>crc oc-env | Invoke-Expression 
\this has to be executed every time you start; a solution is to move the oc binary to the same path as the crc binary*
To test if this step went correctly execute the following command, if it returns without errors oc is set up properly
C:\Users\[username]\$PATH>.\oc 
Step 3
Now you need to login as a developer user, this can be done using the following command:
$oc login -u developer https://api.crc.testing:6443
Keep in mind that the $crc start will provide you with the password that is needed to login with the developer user.
C:\Users\[username]\$PATH>oc login -u developer https://api.crc.testing:6443 
Step 4
The oc can now be used to interact with your OpenShift cluster. If you for instance want to verify if the OpenShift cluster Operators are available, you can execute the command
$oc get co 
Keep in mind that by default the CodeReady Containers disables the functions provided by the commands $machine-config and $monitoringOperators.
C:\Users\[username]\$PATH>oc get co 

Demonstration

Now that you are able to access the cluster, we will take you on a tour through some of the possibilities within OpenShift Container Platform.
We will start by creating a project. Within this project we will import an image, and with this image we are going to build an application. After building the application we will explain how upscaling and downscaling can be used within the created application.
As the next step we will show the user how to make changes in the network route. We also show how monitoring can be used within the platform, however within the current version of CodeReady Containers this has been disabled.
Lastly, we will show the user how to use user management within the platform.

Creating a project

To be able to create a project within the console you have to login on the cluster. If you have not yet done this, this can be done by running the command crc console in the command line and logging in with the login data from before.
When you are logged in as admin, switch to Developer. If you're logged in as a developer, you don't have to switch. Switching between users can be done with the dropdown menu top left.
Now that you are properly logged in press the dropdown menu shown in the image below, from there click on create a project.
https://preview.redd.it/ytax8qocitv51.png?width=658&format=png&auto=webp&s=72d143733f545cf8731a3cca7cafa58c6507ace2
When you press the correct button, the following image will pop up. Here you can give your project a name and description. We chose to name it CodeReady with a displayname CodeReady Container.
https://preview.redd.it/vtaxadwditv51.png?width=594&format=png&auto=webp&s=e3b004bab39fb3b732d96198ed55fdd99259f210

Importing image

The Containers in OpenShift Container Platform are based on OCI or Docker formatted images. An image is a binary that contains everything needed to run a container as well as the metadata of the requirements needed for the container.
Within the OpenShift Container Platform it’s possible to obtain images in a number of ways. There is an integrated Docker registry that offers the possibility to download new images “on the fly”. In addition, OpenShift Container Platform can use third party registries such as:
- Https://hub.docker.com/
- Https://catalog.redhat.com/software/containers/search
Within this manual we are going to import an image from the Red Hat container catalog. In this example we’ll be using MediaWiki.
Search for the application in https://catalog.redhat.com/software/containers/search

https://preview.redd.it/c4mrbs0fitv51.png?width=672&format=png&auto=webp&s=f708f0542b53a9abf779be2d91d89cf09e9d2895
Navigate to “Get this image”
Follow the steps to “create a registry service account”, after that you can copy the YAML.
https://preview.redd.it/b4rrklqfitv51.png?width=1323&format=png&auto=webp&s=7a2eb14a3a1ba273b166e03e1410f06fd9ee1968
After the YAML has been copied we will go to the topology view and click on the YAML button
https://preview.redd.it/k3qzu8dgitv51.png?width=869&format=png&auto=webp&s=b1fefec67703d0a905b00765f0047fe7c6c0735b
Then we have to paste in the YAML, put in the name, namespace and your pull secret name (which you created through your registry account) and click on create.
https://preview.redd.it/iz48kltgitv51.png?width=781&format=png&auto=webp&s=4effc12e07bd294f64a326928804d9a931e4d2bd
Run the import command within powershell
$oc import-image openshift4/mediawiki --from=registry.redhat.io/openshift4/mediawiki --confirm imagestream.image.openshift.io/mediawiki imported 

Creating and managing an application

There are a few ways to create and manage applications. Within this demonstration we’ll show how to create an application from the previously imported image.

Creating the application

To create an image with the previously imported image go back to the console and topology. From here on select container image.
https://preview.redd.it/6506ea4iitv51.png?width=869&format=png&auto=webp&s=c0231d70bb16c76cd131e6b71256e93550cc8b37
For the option image you'll want to select the “image stream tag from internal registry” option. Give the application a name and then create the deployment.
https://preview.redd.it/tk72idniitv51.png?width=813&format=png&auto=webp&s=a4e662cf7b96604d84df9d04ab9b90b5436c803c
If everything went right during the creating process you should see the following, this means that the application is successfully running.
https://preview.redd.it/ovv9l85jitv51.png?width=901&format=png&auto=webp&s=f78f350207add0b8a979b6da931ff29ffa30128c

Scaling the application

In OpenShift there is a feature called autoscaling. There are two types of application scaling, namely vertical scaling, and horizontal scaling. Vertical scaling is adding only more CPU and hard disk and is no longer supported by OpenShift. Horizontal scaling is increasing the number of machines.
One of the ways to scale an application is by increasing the number of pods. This can be done by going to a pod within the view as seen in the previous step. By either pressing the up or down arrow more pods of the same application can be added. This is similar to horizontal scaling and can result in better performance when there are a lot of active users at the same time.
https://preview.redd.it/s6i1vbcrltv51.png?width=602&format=png&auto=webp&s=e62cbeeed116ba8c55704d61a990fc0d8f3cfaa1
In the picture above we see the number of nodes and pods and how many resources those nodes and pods are using. This is something to keep in mind if you want to scale up your application, the more you scale it up, the more resources it will take up.

https://preview.redd.it/quh037wmitv51.png?width=194&format=png&auto=webp&s=5e326647b223f3918c259b1602afa1b5fbbeea94

Network

Since OpenShift Container platform is built on Kubernetes it might be interesting to know some theory about its networking. Kubernetes, on which the OpenShift Container platform is built, ensures that the Pods within OpenShift can communicate with each other via the network and assigns them their own IP address. This makes all containers within the Pod behave as if they were on the same host. By giving each pod its own IP address, pods can be treated as physical hosts or virtual machines in terms of port mapping, networking, naming, service discovery, load balancing, application configuration and migration. To run multiple services such as front-end and back-end services, OpenShift Container Platform has a built-in DNS.
One of the changes that can be made to the networking of a Pod is the Route. We’ll show you how this can be done in this demonstration.
The Route is not the only thing that can be changed and or configured. Two other options that might be interesting but will not be demonstrated in this manual are:
- Ingress controller, Within OpenShift it is possible to set your own certificate. A user must have a certificate / key pair in PEM-encoded files, with the certificate signed by a trusted authority.
- Network policies, by default all pods in a project are accessible from other pods and network locations. To isolate one or more pods in a project, it is possible to create Network Policy objects in that project to indicate the allowed incoming connections. Project administrators can create and delete Network Policy objects within their own project.
There is a search function within the Container Platform. We’ll use this to search for the network routes and show how to add a new route.
https://preview.redd.it/8jkyhk8pitv51.png?width=769&format=png&auto=webp&s=9a8762df5bbae3d8a7c92db96b8cb70605a3d6da
You can add items that you use a lot to the navigation
https://preview.redd.it/t32sownqitv51.png?width=1598&format=png&auto=webp&s=6aab6f17bc9f871c591173493722eeae585a9232
For this example, we will add Routes to navigation.
https://preview.redd.it/pm3j7ljritv51.png?width=291&format=png&auto=webp&s=bc6fbda061afdd0780bbc72555d809b84a130b5b
Now that we’ve added Routes to the navigation, we can start the creation of the Route by clicking on “Create route”.
https://preview.redd.it/5lgecq0titv51.png?width=1603&format=png&auto=webp&s=d548789daaa6a8c7312a419393795b52da0e9f75
Fill in the name, select the service and the target port from the drop-down menu and click on Create.
https://preview.redd.it/qczgjc2uitv51.png?width=778&format=png&auto=webp&s=563f73f0dc548e3b5b2319ca97339e8f7b06c9d6
As you can see, we’ve successfully added the new route to our application.
https://preview.redd.it/gxfanp2vitv51.png?width=1588&format=png&auto=webp&s=1aae813d7ad0025f91013d884fcf62c5e7d109f1
Storage
OpenShift makes use of Persistent Storage, this type of storage uses persistent volume claims(PVC). PVC’s allow the developer to make persistent volumes without needing any knowledge about the underlying infrastructure.
Within this storage there are a few configuration options:
It is however important to know how to manually reclaim the persistent volumes, since if you delete PV the associated data will not be automatically deleted with it and therefore you cannot reassign the storage to another PV yet.
To manually reclaim the PV, you need to follow the following steps:
Step 1: Delete the PV, this can be done by executing the following command
$oc delete  
Step 2: Now you need to clean up the data on the associated storage asset
Step 3: Now you can delete the associated storage asset or if you with to reuse the same storage asset you can now create a PV with the storage asset definition.
It is also possible to directly change the reclaim policy within OpenShift, to do this you would need to follow the following steps:
Step 1: Get a list of the PVs in your cluster
$oc get pv 
This will give you a list of all the PV’s in your cluster and will display their following attributes: Name, Capacity, Accesmodes, Reclaimpolicy, Statusclaim, Storageclass, Reason and Age.
Step 2: Now choose the PV you wish to change and execute one of the following command’s, depending on your preferred policy:
$oc patch pv  -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}' 
In this example the reclaim policy will be changed to Retain.
$oc patch pv  -p '{"spec":{"persistentVolumeReclaimPolicy":"Recycle"}}' 
In this example the reclaim policy will be changed to Recycle.
$oc patch pv  -p '{"spec":{"persistentVolumeReclaimPolicy":"Delete"}}' 
In this example the reclaim policy will be changed to Delete.

Step 3: After this you can check the PV to verify the change by executing this command again:
$oc get pv 

Monitoring

Within Red Hat OpenShift there is the possibility to monitor the data that has been created by your containers, applications, and pods. To do so, click on the menu option in the top left corner. Check if you are logged in as Developer and click on “Monitoring”. Normally this function is not activated within the CodeReady containers, because it uses a lot of resources (Ram and CPU) to run.
https://preview.redd.it/an0wvn6zitv51.png?width=228&format=png&auto=webp&s=51abf8cc31bd763deb457d49514f99ee81d610ec
Once you have activated “Monitoring” you can change the “Time Range” and “Refresh Interval” in the top right corner of your screen. This will change the monitoring data on your screen.
https://preview.redd.it/e0yvzsh1jtv51.png?width=493&format=png&auto=webp&s=b2c563635cfa60ea7ce2f9c146aa994df6aa1c34
Within this function you can also monitor “Events”. These events are records of important information and are useful for monitoring and troubleshooting within the OpenShift Container Platform.
https://preview.redd.it/l90vkmp3jtv51.png?width=602&format=png&auto=webp&s=4e97f14bedaec7ededcdcda96e7823f77ced24c2

User management

According to the documentation of OpenShift is a user, an entity that interacts with the OpenShift Container Platform API. These can be a developer for developing applications or an administrator for managing the cluster. Users can be assigned to groups, which set the permissions applied to all the group’s members. For example, you can give API access to a group, which gives all members of the group API access.
There are multiple ways to create a user depending on the configured identity provider. The DenyAll identity provider is the default within OpenShift Container Platform. This default denies access for all the usernames and passwords.
First, we’re going to create a new user, the way this is done depends on the identity provider, this depends on the mapping method used as part of the identity provider configuration.
for more information on what mapping methods are and how they function:
https://docs.openshift.com/enterprise/3.1/install_config/configuring_authentication.html
With the default mapping method, the steps will be as following
$oc create user  
Next up, we’ll create an OpenShift Container Platform Identity. Use the name of the identity provider and the name that uniquely represents this identity in the scope of the identity provider:
$oc create identity : 
The is the name of the identity provider in the master configuration. For example, the following commands create an Identity with identity provider ldap_provider and the identity provider username mediawiki_s.
$oc create identity ldap_provider:mediawiki_s 
Create a useidentity mapping for the created user and identity:
$oc create useridentitymapping :  
For example, the following command maps the identity to the user:
$oc create useridentitymapping ldap_provider:mediawiki_s mediawiki 
Now were going to assign a role to this new user, this can be done by executing the following command:
$oc create clusterrolebinding  \ --clusterrole= --user= 
There is a --clusterrole option that can be used to give the user a specific role, like a cluster user with admin privileges. The cluster admin has access to all files and is able to manage the access level of other users.
Below is an example of the admin clusterrole command:
$oc create clusterrolebinding registry-controller \ --clusterrole=cluster-admin --user=admin 

What did you achieve?

If you followed all the steps within this manual you now should have a functioning Mediawiki Application running on your own CodeReady Containers. During the installation of this application on CodeReady Containers you have learned how to do the following things:
● Installing the CodeReady Containers
● Updating OpenShift
● Configuring a CodeReady Container
● Configuring the DNS
● Accessing the OpenShift cluster
● Deploying an application
● Creating new users
With these skills you’ll be able to set up your own Container Platform environment and host applications of your choosing.

Troubleshooting

Nameserver
There is the possibility that your CodeReady container can't connect to the internet due to a Nameserver error. When this is encountered a working fix for us was to stop the machine and then start the CRC machine with the following command:
C:\Users\[username]\$PATH>crc start -n 1.1.1.1 
Hyper-V admin
Should you run into a problem with Hyper-V it might be because your user is not an admin and therefore can’t access the Hyper-V admin user group.
  1. Click Start > Control Panel > Administration Tools > Computer Management. The Computer Management window opens.
  2. Click System Tools > Local Users and Groups > Groups. The list of groups opens.
  3. Double-click the Hyper-V Administrators group. The Hyper-V Administrators Properties window opens.
  4. Click Add. The Select Users or Groups window opens.
  5. In the Enter the object names to select field, enter the user account name to whom you want to assign permissions, and then click OK.
  6. Click Apply, and then click OK.

Terms and definitions

These terms and definitions will be expanded upon, below you can see an example of how this is going to look like together with a few terms that will require definitions.
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. Openshift is based on Kubernetes.
Clusters are a collection of multiple nodes which communicate with each other to perform a set of operations.
Containers are the basic units of OpenShift applications. These container technologies are lightweight mechanisms for isolating running processes so that they are limited to interacting with only their designated resources.
CodeReady Container is a minimal, preconfigured cluster that is used for development and testing purposes.
CodeReady Workspaces uses Kubernetes and containers to provide any member of the development or IT team with a consistent, secure, and zero-configuration development environment.

Sources

  1. https://www.ibm.com/support/knowledgecenteen/SSMKFH/com.ibm.apmaas.doc/install/hyperv_config_add_nonadmin_user_hyperv_usergroup.html
  2. https://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/
  3. https://docs.openshift.com/container-platform/3.11/admin_guide/manage_users.html
submitted by Groep6HHS to openshift [link] [comments]

./play.it 2.12: API, GUI and video games

./play.it 2.12: API, GUI and video games

./play.it is a free/libre software that builds native packages for several Linux distributions from DRM-free installers for a collection of commercial games. These packages can then be installed using the standard distribution-provided tools (APT, pacman, emerge, etc.).
A more complete description of ./play.it has already been posted in linux_gaming a couple months ago: ./play.it, an easy way to install commercial games on GNU/Linux
It's already been one year since version 2.11 was released, in January 2019. We will only briefly review the changelog of version 2.12 and focus on the different points of ./play.it that kept us busy during all this time, and of which coding was only a small part.

What’s new with 2.12?

Though not the focus of this article, it would be a pity not to present all the added features of this brand new version. ;)
Compared to the usual updates, 2.12 is a major one, especially since for two years, we slowed down the addition of new features. Some patches took dust since the end of 2018 before finally be integrated in this update!
The list of changes for this 2.12 release can be found on our forge. Here is a full copy for convenience:

Development migration

History

As many free/libre projects, ./play.it development started on some random sector of a creaking hard drive, and unsurprisingly, a whole part of its history (everything predating version 1.13.15 released on Mars 30th, 2016) disappeared into the limbs because some unwise operation destroyed the only copy of the repository… Lesson learned, what's not shared don't stay long, and so was born the first public Git repository of the project. The easing of collaborative work was only accidentally achieved by this quest for eternity, but wasn't the original motivation for making the repository publicly available.
Following this decision, ./play.it source code has been hosted successively by many shared forge platforms:

Dedicated forge

As development progressed, ./play.it began to increase its need for resources, dividing its code into several repositories to improve the workflow of the different aspects of the projects, adding continuous integration tests and their constraints, etc. A furious desire to understand the nooks and crannies behind a forge platform was the last deciding factor towards hosting a dedicated forge.
So it happened, we deployed a forge platform on a dedicated server, hugely benefiting from the tremendous work achieved by the GitLab's package Debian Maintainers team. In return, we tried to contribute our findings in improving this software packaging.
That was not expected, but this migration happened just a little time before the announcement “Déframasoftisons Internet !” (French article) about the planned end of Framagit.
This dedicated instance used to be hosted on a VPS rented from Digital Ocean until the second half of July 2020, and since then has been moved to another VPS, rented from Hetzner. The specifications are similar, as well as the service, but thanks to this migration our hosting costs have been cut in half. Keeping in mind that this is paid by a single person, so any little donation helps a lot on this front. ;)
To the surprise of our system administrator, this last migration took only a couple hours with no service interruption reported by our users.

Forge access

This new forge can be found at forge.dotslashplay.it. Registrations are open to the public, but we ask you to not abuse this, the main restriction being that we do not wish to host projects unrelated to ./play.it. Of course exceptions are made for our active contributors, who are allowed to host some personal projects there.
So, if you wish to use this forge to host your own work, you first need to make some significant contributions to ./play.it.

API

The collection of supported games growing endlessly, we have started the development of a public API allowing access to lots of information related to ./play.it.
This API, which is not yet stabilized, is simply an interface to a versioned database containing all the ./play.it scripts, handled archives, games installable through the project. Relations are, of course, handled between those items, enabling its use for requests like : « What packages are required on my system to install Cæsar Ⅲ ? » or « What are the free (as in beer) games handled via DOSBox ? ».
Originally developed as support for the new, in-development, Web site (we'll talk about it later on), this API should facilitate the development of tools around ./play.it. For example, it'll be useful for whomever would like to build a complete video game handling software (downloading, installation, starting, etc.) using ./play.it as one of its building bricks.
For those curious about the technical side, it's an API based on Lumeneffectuant that makes requests on a MariaDB database, all self-hosted on a Debian Sid. Not only is the code of the API versioned on our forge, but also the structure and content of the databases, which will allow those who desired it to install a local version easily.

New website

Based on the aforementioned API, a new website is under development and will replace our current website based on DokuWiki.
Indeed, if the lack of database and the plain text files structure of DokuWiki seemed at first attractive, as ./play.it supported only a handful of games (link in French), this feature became more inconvenient as the library of ./play.it supported games grew.
We shall make an in-depth presentation of this website for the 2.13 release of ./play.it, but a public demo of the development version from our forge is already available.
If you feel like providing an helping hand on this task, some priority tasks have been identified to allow opening a new Web site able to replace the current one. And for those interested in technical details, this web Site was developed in PHP using the framework Laravel. The current in-development version is hosted for now on the same Debian Sid than the API.

GUI

A regular comment that is done about the project is that, if the purpose is to make installing games accessible to everyone without technical skills, having to run scripts in the terminal remains somewhat intimidating. Our answer until now has been that while the project itself doesn't aim to providing a graphical interface (KISS principle "Keep it simple, stupid"), still and always), but that it would be relatively easy to, later on, develop a graphical front-end to it.
Well, it happens that is now reality. Around the time of our latest publication, one of our contributors, using the API we just talked about, developed a small prototype that is usable enough to warrant a little shout out. :-)
In practice, it is some small Python 3 code (an HCI completely in POSIX shell is for a later date :-°), using GTK 3 (and still a VTE terminal to display the commands issued, but the user shouldn't have to input anything in it, except perhaps the root password to install some packages). This allowed to verify that, as we used to say, it would be relatively easy, since a script of less than 500 lines of code (written quickly over a week-end) was enough to do the job !
Of course, this graphical interface project stays independent from the main project, and is maintained in a specific repository. It seems interesting to us to promote it in order to ease the use of ./play.it, but this doesn't prevent any other similar projects to be born, for example using a different language or graphical toolkit (we, globally, don't have any particular affinity towards Python or GTK).
The use of this HCI needs three steps : first, a list of available games is displayed, coming directly from our API. You just need to select in the list (optionally using the search bar) the game you want to install. Then it switches to a second display, which list the required files. If several alternatives are available, the user can select the one he wants to use. All those files must be in the same directory, the address bar on the top enabling to select which one to use (click on the open button on the top opens a filesystem navigation window). Once all those files available (if they can be downloaded, the software will do it automatically), you can move ahead to the third step, which is just watching ./play.it do its job :-) Once done, a simple click on the button on the bottom will run the game (even if, from this step, the game is fully integrated on your system as usual, you no longer need this tool to run it).
To download potentially missing files, the HCI will use, depending on what's available on the system, either wget, curl or aria2c (this last one also handling torrents), of which the output will be displayed in the terminal of the third phase, just before running the scripts. For privilege escalation to install packages, sudo will be used preferentially if available (with the option to use a third-party application for password input, if the corresponding environment variable is set, which is more user-friendly), else su will be used.
Of course, any suggestion for an improvement will be received with pleasure.

New games

Of course, such an announcement would not be complete without a list of the games that got added to our collection since the 2.11 release… So here you go:
If your favourite game is not supported by ./play.it yet, you should ask for it in the dedicated tracker on our forge. The only requirement to be a valid request is that there exists a version of the game that is not burdened by DRM.

What’s next?

Our team being inexhaustible, work on the future 2.13 version has already begun…
A few major objectives of this next version are :
If your desired features aren't on this list, don't hesitate to signal it us, in the comments of this news release. ;)

Links

submitted by vv224 to linux_gaming [link] [comments]

CLI & GUI v0.16.0.3 'Nitrogen Nebula' released!

This is the CLI & GUI v0.16.0.3 'Nitrogen Nebula' point release. This release predominantly features bug fixes and performance improvements.

(Direct) download links (GUI)

(Direct) download links (CLI)

GPG signed hashes

We encourage users to check the integrity of the binaries and verify that they were signed by binaryFate's GPG key. A guide that walks you through this process can be found here for Windows and here for Linux and Mac OS X.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 # This GPG-signed message exists to confirm the SHA256 sums of Monero binaries. # # Please verify the signature against the key for binaryFate in the # source code repository (/utils/gpg_keys). # # ## CLI 75b198869a3a117b13b9a77b700afe5cee54fd86244e56cb59151d545adbbdfd monero-android-armv7-v0.16.0.3.tar.bz2 b48918a167b0961cdca524fad5117247239d7e21a047dac4fc863253510ccea1 monero-android-armv8-v0.16.0.3.tar.bz2 727a1b23fbf517bf2f1878f582b3f5ae5c35681fcd37bb2560f2e8ea204196f3 monero-freebsd-x64-v0.16.0.3.tar.bz2 6df98716bb251257c3aab3cf1ab2a0e5b958ecf25dcf2e058498783a20a84988 monero-linux-armv7-v0.16.0.3.tar.bz2 6849446764e2a8528d172246c6b385495ac60fffc8d73b44b05b796d5724a926 monero-linux-armv8-v0.16.0.3.tar.bz2 cb67ad0bec9a342b0f0be3f1fdb4a2c8d57a914be25fc62ad432494779448cc3 monero-linux-x64-v0.16.0.3.tar.bz2 49aa85bb59336db2de357800bc796e9b7d94224d9c3ebbcd205a8eb2f49c3f79 monero-linux-x86-v0.16.0.3.tar.bz2 16a5b7d8dcdaff7d760c14e8563dd9220b2e0499c6d0d88b3e6493601f24660d monero-mac-x64-v0.16.0.3.tar.bz2 5d52712827d29440d53d521852c6af179872c5719d05fa8551503d124dec1f48 monero-win-x64-v0.16.0.3.zip ff094c5191b0253a557be5d6683fd99e1146bf4bcb99dc8824bd9a64f9293104 monero-win-x86-v0.16.0.3.zip # ## GUI 50fe1d2dae31deb1ee542a5c2165fc6d6c04b9a13bcafde8a75f23f23671d484 monero-gui-install-win-x64-v0.16.0.3.exe 20c03ddb1c82e1bcb73339ef22f409e5850a54042005c6e97e42400f56ab2505 monero-gui-linux-x64-v0.16.0.3.tar.bz2 574a84148ee6af7119fda6b9e2859e8e9028fe8a8eec4dfdd196aeade47e9c90 monero-gui-mac-x64-v0.16.0.3.dmg 371cb4de2c9ccb5ed99b2622068b6aeea5bdfc7b9805340ea7eb92e7c17f2478 monero-gui-win-x64-v0.16.0.3.zip # # # ~binaryFate -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEgaxZH+nEtlxYBq/D8K9NRioL35IFAl81bL8ACgkQ8K9NRioL 35J+UA//bgY6Mhikh8Cji8i2bmGXEmGvvWMAHJiAtAG2lgW3BT9BHAFMfEpUP5rk svFNsUY/Uurtzxwc/myTPWLzvXVMHzaWJ/EMKV9/C3xrDzQxRnl/+HRS38aT/D+N gaDjchCfk05NHRIOWkO3+2Erpn3gYZ/VVacMo3KnXnQuMXvAkmT5vB7/3BoosOU+ B1Jg5vPZFCXyZmPiMQ/852Gxl5FWi0+zDptW0jrywaS471L8/ZnIzwfdLKgMO49p Fek1WUUy9emnnv66oITYOclOKoC8IjeL4E1UHSdTnmysYK0If0thq5w7wIkElDaV avtDlwqp+vtiwm2svXZ08rqakmvPw+uqlYKDSlH5lY9g0STl8v4F3/aIvvKs0bLr My2F6q9QeUnCZWgtkUKsBy3WhqJsJ7hhyYd+y+sBFIQH3UVNv5k8XqMIXKsrVgmn lRSolLmb1pivCEohIRXl4SgY9yzRnJT1OYHwgsNmEC5T9f019QjVPsDlGNwjqgqB S+Theb+pQzjOhqBziBkRUJqJbQTezHoMIq0xTn9j4VsvRObYNtkuuBQJv1wPRW72 SPJ53BLS3WkeKycbJw3TO9r4BQDPoKetYTE6JctRaG3pSG9VC4pcs2vrXRWmLhVX QUb0V9Kwl9unD5lnN17dXbaU3x9Dc2pF62ZAExgNYfuCV/pTJmc= =bbBm -----END PGP SIGNATURE----- 

Upgrading (GUI)

Note that you should be able to utilize the automatic updater in the GUI that was recently added. A pop-up will appear with the new binary.
In case you want to update manually, you ought to perform the following steps:
  1. Download the new binaries (the .zip file (Windows) or the tar.bz2 file (Mac OS X and Linux)) from the direct download links in this thread or from the official website. If you run active AV (AntiVirus) software, I'd recommend to apply this guide -> https://monero.stackexchange.com/questions/10798/my-antivirus-av-software-blocks-quarantines-the-monero-gui-wallet-is-there
  2. Extract the new binaries (the .zip file (Windows) or the tar.bz2 file (Mac OS X and Linux) you just downloaded) to a new directory / folder of your liking.
  3. Open monero-wallet-gui. It should automatically load your "old" wallet.
If, for some reason, the GUI doesn't automatically load your old wallet, you can open it as follows:
[1] On the second page of the wizard (first page is language selection) choose Open a wallet from file
[2] Now select your initial / original wallet. Note that, by default, the wallet files are located in Documents\Monero\ (Windows), Users//Monero/ (Mac OS X), or home//Monero/ (Linux).
Lastly, note that a blockchain resync is not needed, i.e., it will simply pick up where it left off.

Upgrading (CLI)

You ought to perform the following steps:
  1. Download the new binaries (the .zip file (Windows) or the tar.bz2 file (Mac OS X and Linux)) from the official website, the direct download links in this thread, or Github.
  2. Extract the new binaries to a new directory of your liking.
  3. Copy over the wallet files from the old directory (i.e. the v0.15.x.x or v0.16.0.x directory).
  4. Start monerod and monero-wallet-cli (in case you have to use your wallet).
Note that a blockchain resync is not needed. Thus, if you open monerod-v0.16.0.3, it will simply pick up where it left off.

Release notes (GUI)

  • macOS app is now notarized by Apple
  • CMake improvments
  • Add support for IPv6 remote nodes
  • Add command history to Logs page
  • Add "Donate to Monero" button
  • Indicate probability of finding a block on Mining page
  • Minor bug fixes
Note that you can find a full change log here.

Release notes (CLI)

  • DoS fixes
  • Add option to print daily coin emission and fees in monero-blockchain-stats
  • Minor bug fixes
Note that you can find a full change log here.

Further remarks

  • A guide on pruning can be found here.
  • Ledger Monero users, please be aware that version 1.6.0 of the Ledger Monero App is required in order to properly use CLI or GUI v0.16.

Guides on how to get started (GUI)

https://github.com/monero-ecosystem/monero-GUI-guide/blob/mastemonero-GUI-guide.md
Older guides: (These were written for older versions, but are still somewhat applicable)
Sheep’s Noob guide to Monero GUI in Tails
https://medium.com/@Electricsheep56/the-monero-gui-wallet-broken-down-in-plain-english-bd2889b8c202

Ledger GUI guides:

How do I generate a Ledger Monero wallet with the GUI (monero-wallet-gui)?
How do I restore / recreate my Ledger Monero wallet?

Trezor GUI guides:

How do I generate a Trezor Monero wallet with the GUI (monero-wallet-gui)?
How to use Monero with Trezor - by Trezor
How do I restore / recreate my Trezor Monero wallet?

Ledger & Trezor CLI guides

Guides to resolve common issues (GUI)

My antivirus (AV) software blocks / quarantines the Monero GUI wallet, is there a work around I can utilize?
I am missing (not seeing) a transaction to (in) the GUI (zero balance)
Transaction stuck as “pending” in the GUI
How do I move the blockchain (data.mdb) to a different directory during (or after) the initial sync without losing the progress?
I am using the GUI and my daemon doesn't start anymore
My GUI feels buggy / freezes all the time
The GUI uses all my bandwidth and I can't browse anymore or use another application that requires internet connection
How do I change the language of the 25 word mnemonic seed in the GUI or CLI?
I am using remote node, but the GUI still syncs blockchain?

Using the GUI with a remote node

In the wizard, you can either select Simple mode or Simple mode (bootstrap) to utilize this functionality. Note that the GUI developers / contributors recommend to use Simple mode (bootstrap) as this mode will eventually use your own (local) node, thereby contributing to the strength and decentralization of the network. Lastly, if you manually want to set a remote node, you ought to use Advanced mode. A guide can be found here:
https://www.getmonero.org/resources/user-guides/remote_node_gui.html

Adding a new language to the GUI

https://github.com/monero-ecosystem/monero-translations/blob/masteweblate.md
If, after reading all these guides, you still require help, please post your issue in this thread and describe it in as much detail as possible. Also, feel free to post any other guides that could help people.
submitted by dEBRUYNE_1 to Monero [link] [comments]

GSAT linux live cd (how to easily and safely stress test memory)

Skip to the bottom if you don't care about the technicalities of how this was made.
I stumbled upon this thread over at overclock.net featuring a linux live cd that has GSAT built in. I decided to try and improve upon this despite my very limited linux knowledge and managed to create a fully automatic linux live cd image that automatically runs GSAT once you boot your PC from it meaning you don't have to fear corrupting your windows install when testing memory stability unlike with windows based RAM testers and because it's GSAT it should be atleast as reliable as any windows based utility. Google themselves developed this and use this to test memory along with Asus.
This is how I made this:
I started by downloading a fresh 64bit TinyCore linux image from here (CorePure64-10.1.iso). I also downloaded the image made by ToBeOC and extracted the compiled stressapptest binary from /uslocal/bin (using 7-Zip). Then I extracted boot/corepure64.gz from the clean TinyCore image I downloaded previously and moved that over to a Ubuntu 19.10 virtual machine where I did the following:
  1. Created a new folder (called 123) on my desktop and moved corepure64.gz there and opened a terminal window where I first switched directories to my newly created folder with cd 123 and then switched to root with sudo su.
  2. Extracted corepure64.gz with the following command: zcat corepure64.gz | cpio -i -H newc -d (which I found here)
  3. Opened the file explorer with root permissions by running this command: nautilus
  4. Navigated to /home/useDesktop/123/uslocal/bin in the file explorer.
  5. Copied the stresstestapp binary over to that directory and made it executable by right clicking on it, going to properties, opening the Permissions tab and and checking "Allow executing file as program".
  6. Navigated to /home/useDesktop/123/etc/profile.d and placed a file called gsat.sh which I made there which I also marked as executable just like in the previous step. This is just a text file which you can open in notepad++ and edit if you wish. Make sure to save it with linux file endings (Edit > EOL Conversion in notepad++) if you edit it!
  7. Blanked out /home/useDesktop/123/etc/motd (this step isn't necessary just removes the TinyCore linux motd).
  8. Opened the 123 folder on my desktop again and deleted the old corepure64.gz
  9. Repacked corepure64.gz by running the following command using the terminal window I opened previously that was already in the right directory and running as root: find | cpio -o -H newc | gzip -2 > /home/useDesktop/corepure64.gz
  10. Moved the new corepure64.gz back to Windows.
In Windows I then used UltraISO to open the clean CorePure64-10.1.iso file and there opened the boot directory where I dragged and dropped the new corepure64.gz file replacing the old one. I then opened the isolinux directory and extracted the isolinux.cfg file, opened that in notepad++ and changed prompt 1 to prompt 0 and then moved that back in and replaced the old isolinux.cfg file. Then I simply choose Save As in UltraISO and saved the modified iso file.
The final product is just 15mb in size and can be flashed to any usb drive using Rufus. I tested this iso file in a virtual machine but also on 2 different physical machines once flashed to a usb drive (my main Ryzen rig and an older Intel PC).

You can download the final iso file from here: https://drive.google.com/uc?id=1TyeNihg6bKIrmyNwtJ7Fc3asD7XBnXsq&export=download

Here's how to use it:
  1. Download Rufus and flash the iso file to an empty usb flash drive.
  2. Reboot your PC and enter your BIOS (this is usually done by spamming the DEL key while your PC is booting up).
  3. Make sure secure boot is disabled (probably already is) and that CSM is Enabled. Check your motherboard manual which you can find online or google for more indepth instructions.
  4. Save your changes by pressing F10 after which your PC will reboot. Now you need to access your PCs boot menu which is usually F8 but not always, again check your motherboard manual for the exact key. You can also re-enter your BIOS and look for a boot override option or change your boot order. Pick your usb flash drive and boot your PC from it.
  5. That's it. The stress test will automatically start and you can let it run for as long as you wish. I recommend running it over night for a throughout test but a quick 1 hour test should also suffice. Once you are ready to stop the test press CTRL+C to see the results. If it says PASS that means no errors were detected. If it says FAIL errors were detected and your memory settings aren't stable.
Here's a quick screen capture of what it looks like: https://streamable.com/4v06w
Lastly I want to thank ToBeOC for doing all the heavy lifting. And if anyone reading this has more experience with linux and in particular remastering a TinyCore linux iso by all means release a iso done "right" since this is a just a dirty mash up and the best I managed with my limited skills. I just wanted something that anyone with zero linux experience can use where you don't have to remember any commands just plug a usb stick in and boot from it.
submitted by 4wh457 to Amd [link] [comments]

Vault 7 - CIA Hacking Tools Revealed

Vault 7 - CIA Hacking Tools Revealed
March 07, 2017
from Wikileaks Website


https://preview.redd.it/9ufj63xnfdb41.jpg?width=500&format=pjpg&auto=webp&s=46bbc937f4f060bad1eaac3e0dce732e3d8346ee

Press Release
Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency.
Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence (below image) in Langley, Virgina.
It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including,
  1. malware
  2. viruses
  3. trojans
  4. weaponized "zero day" exploits
  5. malware remote control systems

...and associated documentation.
This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA.
The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include,

  1. Apple's iPhone
  2. Google's Android
  3. Microsoft's Windows
  4. Samsung TVs,

...which are turned into covert microphones.
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA).
The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force - its own substantial fleet of hackers.
The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.
By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI - below image), had over 5000 registered users and had produced more than a thousand,
hacking systems trojans viruses,
...and other "weaponized" malware.


https://preview.redd.it/3jsojkqxfdb41.jpg?width=366&format=pjpg&auto=webp&s=e92eafbb113ab3e972045cc242dde0f0dd511e96

Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more codes than those used to run Facebook.
The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.
The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that,
"There is an extreme proliferation risk in the development of cyber 'weapons'.
Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade.
But the significance of 'Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Wikileaks has carefully reviewed the "Year Zero" disclosure and published substantive CIA documentation while avoiding the distribution of 'armed' cyberweapons until a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published.

Wikileaks has also decided to Redact (see far below) and Anonymize some identifying information in "Year Zero" for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout,
Latin America Europe the United States

While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one ("Year Zero") already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

Analysis

CIA malware targets iPhone, Android, smart TVs
CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation).
The DDI is one of the five major directorates of the CIA (see above image of the CIA for more details).
The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.
The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS.
After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
The CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone.
Despite iPhone's minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA's Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads.
CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop.
The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
A similar unit targets Google's Android which is used to run the majority of the world's smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year.
"Year Zero" shows that as of 2016 the CIA had 24 "weaponized" Android "zero days" which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.
These techniques permit the CIA to bypass the encryption of, WhatsApp
  1. Signal
  2. Telegram
  3. Wiebo
  4. Confide
  5. Cloackman
...by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.
CIA malware targets Windows, OSx, Linux, routers
The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware.
This includes multiple local and remote weaponized "zero days", air gap jumping viruses such as "Hammer Drill" which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ("Brutal Kangaroo") and to keep its malware infestations going.
Many of these infection efforts are pulled together by the CIA's Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as "Assassin" and "Medusa".
Attacks against Internet infrastructure and webservers are developed by the CIA's Network Devices Branch (NDB).
The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools, which are described in the examples section far below.
CIA 'hoarded' vulnerabilities ("zero days")
In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis - rather than hoard - serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.
Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability.
If the CIA can discover such vulnerabilities so can others.
The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities.
The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.
"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.
As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts.
The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability.
As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.
The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers.
By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone at the expense of leaving everyone hackable.
'Cyberwar' programs are a serious proliferation risk
Cyber 'weapons' are not possible to keep under effective control.
While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber 'weapons', once developed, are very hard to retain.
Cyber 'weapons' are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.
Securing such 'weapons' is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces - sometimes by using the very same 'weapons' against the organizations that contain them.
There are substantial price incentives for government hackers and consultants to obtain copies since there is a global "vulnerability market" that will pay hundreds of thousands to millions of dollars for copies of such 'weapons'.
Similarly, contractors and companies who obtain such 'weapons' sometimes use them for their own purposes, obtaining advantage over their competitors in selling 'hacking' services.
Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booz Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers.
A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.
Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information.
The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.
U.S. Consulate in Frankfurt is a covert CIA hacker base
In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.
CIA hackers operating out of the Frankfurt consulate ("Center for Cyber Intelligence Europe" or CCIE) are given diplomatic ("black") passports and State Department cover.
The instructions for incoming CIA hackers make Germany's counter-intelligence efforts appear inconsequential: "Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport" Your Cover Story (for this trip) Q: Why are you here? A: Supporting technical consultations at the Consulate. Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures.
Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Shengen open border area - including France, Italy and Switzerland.
A number of the CIA's electronic attack methods are designed for physical proximity.
These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace.
The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media.
For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use.
To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos).
But while the decoy application is on the screen, the underlying system is automatically infected and ransacked.
How the CIA dramatically increased proliferation risks
In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of "Vault 7", the CIA's, weaponized malware (implants + zero days) Listening Posts (LP) Command and Control (C2) systems, ...the agency has little legal recourse.
The CIA made these systems unclassified.
Why the CIA chose to make its cyber-arsenal unclassified reveals how concepts developed for military use do not easily crossover to the 'battlefield' of cyber 'war'.
To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet.
If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet.
Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution.
This means that cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.
Conventional weapons such as missiles may be fired at the enemy (i.e. into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts.
Ordnance will likely explode. If it does not, that is not the operator's intent.
Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams.
For instance, attempted "malware injections" (commercial jargon) or "implant drops" (NSA jargon) are being called "fires" as if a weapon was being fired.
However the analogy is questionable.
Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its 'target'. CIA malware does not "explode on impact" but rather permanently infests its target. In order to infect target's device, copies of the malware must be placed on the target's devices, giving physical possession of the malware to the target.
To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers.
But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified.
A successful 'attack' on a target's computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization's leadership rather than the firing of a weapons system.
If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target's territory including observation, infiltration, occupation and exploitation.
Evading forensics and anti-virus
A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as, Apple
  1. Microsoft
  2. Google
  3. Samsung
  4. Nokia
  5. Blackberry
  6. Siemens
  7. anti-virus companies,
...attribute and defend against attacks.
"Tradecraft DO's and DON'Ts" contains CIA rules on how its malware should be written to avoid fingerprints implicating the "CIA, US government, or its witting partner companies" in "forensic review".
Similar secret standards cover the, use of encryption to hide CIA hacker and malware communication (pdf) describing targets & exfiltrated data (pdf) executing payloads (pdf) persisting (pdf), ...in the target's machines over time.
CIA hackers developed successful attacks against most well known anti-virus programs.
These are documented in, AV defeats Personal Security Products Detecting and defeating PSPs PSP/DebuggeRE Avoidance For example, Comodo was defeated by CIA malware placing itself in the Window's "Recycle Bin". While Comodo 6.x has a "Gaping Hole of DOOM".
CIA hackers discussed what the NSA's "Equation Group" hackers did wrong and how the CIA's malware makers could avoid similar exposure.

Examples

The CIA's Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by "Year Zero") each with their own sub-projects, malware and hacker tools.
The majority of these projects relate to tools that are used for,
penetration infestation ("implanting") control exfiltration
Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants.
Special projects are used to target specific hardware from routers to smart TVs.
Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks' "Year Zero".
UMBRAGE
The CIA's hand crafted hacking techniques pose a problem for the agency.
Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity.
This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible.
As soon one murder in the set is solved then the other murders also find likely attribution.
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.
UMBRAGE components cover,
keyloggers
  1. password collection
  2. webcam capture
  3. data destruction
  4. persistence
  5. privilege escalation
  6. stealth
  7. anti-virus (PSP) avoidance
  8. survey techniques

Fine Dining
Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out.
The questionnaire is used by the agency's OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically "exfiltrating" information from computer systems) for specific operations.
The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff.
The OSB functions as the interface between CIA operational staff and the relevant technical support staff.
Among the list of possible targets of the collection are,
  • 'Asset'
  • 'Liason Asset'
  • 'System Administrator'
  • 'Foreign Information Operations'
  • 'Foreign Intelligence Agencies'
  • 'Foreign Government Entities'
Notably absent is any reference to extremists or transnational criminals. The 'Case Officer' is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types.
The 'menu' also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained.
This information is used by the CIA's 'JQJIMPROVISE' software (see below) to configure a set of CIA malware suited to the specific needs of an operation.
Improvise (JQJIMPROVISE)
  1. 'Improvise' is a toolset for configuration, post-processing, payload setup and execution vector
  2. selection for survey/exfiltration tools supporting all major operating systems like,
  3. Windows (Bartender)
  4. MacOS (JukeBox)
  5. Linux (DanceFloor)
  6. Its configuration utilities like Margarita allows the NOC (Network Operation Center) to customize tools
based on requirements from 'Fine Dining' questionnaires.
HIVE
HIVE is a multi-platform CIA malware suite and its associated control software.
The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.
The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.
Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider.
The public-facing server forwards all incoming traffic via a VPN to a 'Blot' server that handles actual connection requests from clients.
It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the 'Honeycomb' toolserver that communicates with the implant.
If a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.
The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.
Similar functionality (though limited to Windows) is provided by the RickBobby project.
See the classified user and developer guides for HIVE.

Frequently Asked Questions

Why now?
WikiLeaks published as soon as its verification and analysis were ready. In February the Trump administration has issued an Executive Order calling for a "Cyberwar" review to be prepared within 30 days.
While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date.
Redactions
Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
Archive attachments (zip, tar.gz, ...), are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
Attachments with other binary content, are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
Tens of thousands of routable IP addresses references, (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
Binary files of non-public origin, are only available as dumps to prevent accidental invocation of CIA malware infected binaries.
Organizational Chart
The organizational chart (far above image) corresponds to the material published by WikiLeaks so far.
Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far.
It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently.
Wiki pages
"Year Zero" contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian.
Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions.
The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page).
What time period is covered?
The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).
WikiLeaks has obtained the CIA's creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order.
If it is critical to know the exact time/date contact WikiLeaks.
What is "Vault 7"
"Vault 7" is a substantial collection of material about CIA activities obtained by WikiLeaks.
When was each part of "Vault 7" obtained?
Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication.
Is each part of "Vault 7" from a different source?
Details on the other parts will be available at the time of publication.
What is the total size of "Vault 7"?
The series is the largest intelligence publication in history.
How did WikiLeaks obtain each part of "Vault 7"?
Sources trust WikiLeaks to not reveal information that might help identify them.
Isn't WikiLeaks worried that the CIA will act against its staff to stop the series?
No. That would be certainly counter-productive.
Has WikiLeaks already 'mined' all the best stories?
No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They're there.
Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.
Won't other journalists find all the best stories before me?
Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.
submitted by CuteBananaMuffin to conspiracy [link] [comments]

Blindspot Whitepaper: Specialized Threat Assessment and Protection (STAP) for the Blockchain

BlindSpot™
Stop attacks before ”zero day” and stop the Advanced Persistent Threat (APT)
We live in a dangerous world — our information technology systems face that danger every single day. Hackers are constantly attempting to infiltrate systems, steal information, damage government and corporate reputations, and take control of systems and processes.
Hackers share and use a variety of tools and techniques to gain access to, and
maintain access to, IT systems, including groups and techniques so dangerous
they have their own category - the Advanced Persistent Threat (APT). At the
center of the APT are sophisticated techniques using malware to exploit vulnerabilities in systems. Traditional cyber security technologies use file signatures to locate these tools and hacker malware, but hackers are now actively camouflaging their tools by changing, customizing, and “morphing” them into new files that do not match any known signatures (‘Polymorphic Malware’). This introduces a massive gap in malicious file detection which leaves the enterprise open to exploitation — and it’s just not possible for traditional signature-based systems to keep up. In fact, signature-based anti-virus and anti-malware systems are only around 25% effective today. BlindSpot™ sees through it all, even as the files morph and change in a futile attempt to remain camouflaged.
Digital File Fingerprints
Any File Type, Any Language, Partial Matches, Exact Matches
BlindSpot™, the adaptive security solution from BlindSpot™, can see through the
Polymorphic camouflage used by the worlds most advanced hackers by utilizing
digital file fingerprints and our proprietary adaptive BlindSpot™ ‘brain’ that constantly analyzes the fingerprints of known malicious files and tools to locate partial matches within the files on your systems - servers, laptops, desktops, USB drives, and even mobile devices. BlindSpot™ can cut right through the Polymorphic files, revealing the true hacking tools underneath, even if they are only fragments or pieces of a more complete set of hacking tools and technologies.
Most cyber attacks happen weeks or even months after their initial penetration and access to a network or system, and even the simplest attacks tend to have a fuse that is typically several days. It takes them time to map out a system, probe for the information they want, and obtain or forge credentials with the type of access they need. But from the moment their tools first land on your network and systems, BlindSpot™ sees them. If fact, BlindSpot™ can see them sitting on a newly inserted USB drive even if the files are not copied to your systems. This means BlindSpot™ can identify and alert you to malicious files and potential illicit activities before the attack happens - before zero day!
How does BlindSpot™ work? BlindSpot™ sits on the endpoint and continuously monitors file activity. Digital fingerprints, which can be used to find partial matches of any file type in any language, are reported back where they are kept forever in a temporal repository.
BlindSpot™ looks through all of the digital fingerprints — both those from files on your systems and those in a constantly updated database of known malicious files and hacking tools, to locate and alert you to any indication of hacking, malicious files, or illicit activity. BlindSpot™ is a disruptive technology that can see polymorphic malware and stop attacks before zero day.
Digital File Fingerprints are created from a file or a piece of digital data/information by using advanced mathematics to look at all of the small pieces of data that make up the file to create a very small, unique piece of mathematical data — a digital file fingerprint. Files may be of any file type and in any language - digital fingerprints can find partial and exact matches regardless of what is in the file itself.
Just like with humans, once a fingerprint has been taken, you no longer need the
person to identify them. The fingerprint is enough. Even a partial fingerprint is
enough, and sometimes a smudge will do. Digital fingerprints work on the same
principle. Once BlindSpot™ has taken a digital fingerprint of a file, the file is no longer needed to identify it or to compare it with other files. And because digital fingerprints are tiny, they are easy to store. Even a multi-gigabyte file has a digital fingerprint that is no larger than 10k bytes.
Once you have two sets of digital fingerprints, you can compare them. Because BlindSpot™ starts with full fingerprints of known malicious files, it can identify matching files even when the digital fingerprint is only partially there. And with BlindSpot™’s advanced processing capabilities, file fragments, recovered data from a hard drive, partially downloaded documents, damaged files (both intentional and accidental) and other incomplete file structures can be properly fingerprinted in a way that still allows matches to be found.
Other technologies and software use static signatures, which do not work if any part of a file, regardless of how small, is different from another, or if the file is damaged in any way. BlindSpot™ and digital fingerprints enable partial matching, and can see through the camouflage that has become the industry standard for hackers across the globe. Static signature based solutions simply cannot do this.
Imagine your favorite detective drama on TV. The prosecutor says “This partial
fingerprint was found at the crime scene and the video camera across the
street recorded a perfect image of the person’s face.” The jury deliberates and
compares the picture and fingerprints of the defendant that were taken the day
before. They conclude, because the fingerprint was not all there and was not 100% identical, and because one picture showed a mustache that looked identical but was one millimeter longer than the other picture, that the two people were not identical - and set the criminal free. Well, that show wouldn’t be on TV long because crime would run rampant. Now imagine they had BlindSpot™. Criminals would be caught, the town would be a much safer place, and the show would be on for years to come.
Now imagine your network and systems without BlindSpot™, where traditional
exact match signature software is on your front line of defense. All kinds of
malicious files could walk right through and sit down on your hard drives, just
waiting for hackers to activate them. But you don’t have to imagine what your
systems would be like with BlindSpot™ — instead, simply contact us, get BlindSpot™ in place, and we’ll work with you to show you what’s really on your systems and help you keep those systems safe.
Ensuring System Compliance
Take the guesswork out of compliance assessment
All Government systems go through Certification and Accreditation. BlindSpot™ can help you with malicious code protection, for both security considerations and required compliance. Guidelines found in NIST 800-53 Revisions 3+ Security Requirements for System Integrity, SI-3 Malicious Code Protection, state that malicious code protection mechanisms must be employed at information system entry and exit points, including workstations, notebook computers, and mobile devices, to detect and eradicate malicious code.
BlindSpot™, with its continuous monitoring of the files on your endpoints and its
continuous updating of its known malicious file repository, will provide the
required real-time and full monthly re-scans of your files, will alert your
administrative staff when malicious code is found, will provide reports on
potential malicious files, illicit activity, and follow-up with very short false positive reports. BlindSpot™’s false positive rate is less than 0.01%. BlindSpot™ helps organizations meet the security requirements set forth and ensure compliance.
Intellectual Property Protection
Track sensitive information as it changes and moves around the enterprise
BlindSpot™ uses digital file fingerprints to identify partial and exact matches between files, regardless of file type or language. This ability can be used to track movements of and changes to files on a network of computers.
Government entities and corporations need to addresses the issue of monitoring
documents and files that contain sensitive information intellectual property, and it
is no longer sufficient to simply store them on a secure server and require specific credentials to access the information. People, both unintentionally and sometimes with malicious intent, copy and paste parts of documents, move files to USB drives, and otherwise edit and transfer files in order to get them on to a laptop, share them with a co-worker, or exfiltrate confidential information to outside networks and systems. BlindSpot™ carefully watches all of the files on your network, including what’s going with USB drives. If someone copies part of a file that has sensitive data to another file, BlindSpot™ sees it. Furthermore, BlindSpot™ can alert you when it sees questionable activity with certain documents/files or with specific computers/individuals.
Your sensitive files now have a watchdog that catches both unintentional and
malicious exposure to non-secure systems. Use BlindSpot™ to set up a custom
database of the locations where your sensitive files are stored, and BlindSpot™ will create a set of digital file fingerprints that can be used to track those files across your network and systems. This ensures that an organization can know where its proprietary and sensitive information is 365/7/24, in real-time.
Supervisory Control and Data Acquisition (SCADA) Systems
Supervisory Control and Data Acquisition (SCADA) is a system for remote monitoring and control that operates with coded signals over communication channels (using typically one communication channel per remote station).
SCADA networks contain computers and applications that perform key functions in providing essential services and commodities (e.g. electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. They are part of the nation’s critical infrastructure, provide great efficiency, are widely used, and require protection from a variety of cyber threats.
One of the most significant threats is benign files residing on the computers on
the network that morph into tools that hackers can use to gain access to the
network and the equipment it monitors and/or controls. These files might be part
of the operating system (binary files), might be a normal file that includes
scripting, or can even be a general data file moved onto the computer through a
network or a USB drive. By morphing, these files circumvent detection and
countermeasures. This is just one example of how a hacker can compromise and
exploit the system and the worst part is that you will never know until it is too late!
The recent Department of Justice announcement charging Iranian hackers
believed to be tied to the 2013 hacking of a New York dam illustrates this threat
clearly.
Enter BlindSpot™’s BlindSpot™ Adaptive Security — BlindSpot™ monitors all files of all types (any format or language) without the requirement of a translator or human operator. BlindSpot™ can see right through the hacker’s camouflage of
morphing files to quickly identify problems and threats before hackers have the
opportunity to active and use their tools. For U.S. and foreign based systems,
BlindSpot™ is a must have cyber security solution.
The BlindSpot™ team has extensive experience with SCADA systems and critical infrastructure. Our BlindSpot™ solution is critical to the overall security framework of such systems as it was designed to find the morphing, malicious files and associated illicit file activity that can lead to compromise of the integrity, confidentiality and/or availability of the system. Threats loom on both the inside and outside, and the dynamic nature of these systems require continuous, temporal monitoring to stop cyber attacks before they happen.
Stop Ransomware
Identify and remove Ransomware before it encrypts your files
Ransomware attacks are on the rise and affect Fortune 500 companies, Federal
organizations, and consumers. This vicious type of attack affects your user’s ability to get their work done and prevents users from accessing files on a device or network by making the device or network unusable, by encrypting the files your users need to access, and/or by stopping certain applications from running (e.g. the web browser). A ransom is then demanded (an electronic payment of currency or bitcoins) with the promise that your data will be unencrypted and accessible again following the payment.
If the ransom payment is made, there is no guarantee that the data will be
unencrypted or returned to a state of integrity and/or availability. Furthermore,
there is also no guarantee that the people behind the ransom will not re-infect
your systems again with a variant of what was initially used. Payment encourages future attacks because they know you cannot detect it and will pay again next time. Surprisingly, there are only a handful of known ransomware files in use today (e.g. Crowti, Fakebsod). Safeguards exist that use static signatures to find exact matches for these known files, but the moment these files morph or are changed in any way they become undetectable by these solutions. BlindSpot™ digs deeper with digital file fingerprints and can find the new files, enabling you to analyze, quarantine, or delete them before they activate. This pro-active approach can be the difference between a system being protected and a system being made completely unavailable with encrypted data being held hostage for a ransom. The image below is an actual Fakebsod notification message.
BlindSpot™ uses digital file fingerprints to detect the ransomware by looking at
both partial and exact matches and can report the problem before it happens.
Ransomeware of the past attacked your personal computer and today’s variant
attacks the servers — BlindSpot™ can detect both.
Case Study: March 2016 - Two more healthcare networks are hit by ransomware targeting servers. Advice from law enforcement — pay the ransom! (They did). File backups are insufficient. Paying ransoms is costly and only encourages repeat attacks.
BlindSpot™ is the most comprehensive solution available to detect and root out
ransomware. Take charge of the situation and put BlindSpot™ to work continuously monitoring your systems.
Get BlindSpot™ Now
Commercial or Government, with multiple contract vehicles available
How Can I Get BlindSpot™?
CYBR develops and sells its adaptive enterprise cyber security software product, BlindSpot™, and provides professional services and support for BlindSpot™ implementations.
Product
BlindSpot™ Adaptive Security is a continuous monitoring enterprise solution that tracks file-based activity on the endpoint using digital file fingerprints, can identify problems and cyber threats before zero day, and can see through morphing, camouflaged (polymorphic) files to make accurate determinations of malicious files and illicit activity.
Deployment Options
BlindSpot™ can deployed as a secure cloud application for maximum flexibility, a standalone Enterprise implementation for maximum security, or the two combined in an Enterprise implementation augmented through a secure cloud gateway.
Professional Services and Training
BlindSpot™’s team of cyber security experts have the expertise to support
you by creating a holistic, enterprise security framework that consists of people,
policy, procedures and technology that will ensure a security posture that implements the best risk management strategies, tactics and operations available.
Email us at [[email protected]](mailto:[email protected]) for more information.
BlindSpot Solution Brief
June 29, 2018
POC: Shawn R. Key CEO, President
[[email protected]](mailto:[email protected])
Executive Summary and Estimated Pricing
CYBR’s BlindSpot is an enterprise cyber security solution that pro-actively identifies unknown and known malicious files and circumventive activity on endpoint devices. It is designed to interact with the CYBR Ecosystem and associated Web Portal. Distributed clients serve as the connection to the various BlindSpot server tiers.
BlindSpot identifies Illicit File Activity (IFA) and associated hacker activity via perceptive, industry standard algorithms. BlindSpot identifies exact AND similar files regardless of file type and/or language. This applies to ALL file types (e.g. documents, images, audio and video, carrier, etc.). Currently implemented safeguards and counter measures (such as anti-virus (AV), content filters and malware analysis tools) cannot address polymorphic/adaptive files and emerging threats. This introduces a massive gap in illicit file detection and leaves the enterprise open to exploitation. BlindSpot fills that void.
Additionally, corporations and government entities have a need to address known files and associated activity with regards to content and data management. The uncertainty of Intellectual Property (IP) location and propagation poses significant risk to the organization. The ability to identify the life cycle of a file (origin, source, destination, attributes and proliferation) ensures an organization knows where its proprietary, sensitive and privacy information is 365/24/7, in near real-time.
BlindSpot, is significantly different from solutions in the emerging Specialized Threat Assessment and Protection (STAP) marketplace, as it scales to meet the needs of enterprise organizations and the commercial marketplace. BlindSpot’s proprietary database consists of millions of unique, digital identifiers (hash values) that identify exact AND similar, modified files. This ensures that files existing in their original state or those which have been intentionally modified, do not circumvent detection. Our algorithms ensure near zero false positive return rates. The combinatory effect and the rare expertise of our executives and development thwarts potential competition as BlindSpot is an enterprise solution; not a tool.
The enterprise solution is provide as a license per IP address with associated appliance and/or server hardware requirements.
CYBR BlindSpot Technical Deep Dive
CYBR’s BlindSpot product is currently available as a Software as a Service) (SaaS) deployment blockchain solution and will be available as a full enterprise-install by Q2 2019. In both implementations, end-point agent software monitors the hard drive(s) of a computer or server, analyses any files that change, and reports [multiple] file hashes back to the main system. This enables the main system to effectively monitor which files could be malicious or represent intellectual property on the computers and servers within the customer’s network. By using fuzzy hashing algorithms, the system can detect polymorphic malware and intellectual property that has been partially hidden or obfuscated.
Applications
End-point (client) agent: native to each major OS as a fat client. Currently we have end-point agents for Microsoft Windows-based systems using MS .NET c# 2.0/4.5 and C++, although the c# portion will be replaced with all c++ code to increase scalability, efficiency, and security, in Q1 2016. End-point agents for Mac OS (written in Objective-C) and popular Linux platforms (written in c++) will ship in Q1/Q2 2016. Development work on the CentOS linux agent will begin in December 2015.
The Control Application enables system administrators to configure each end-point agent, the system itself, and to actively monitor and access reports on files that have been identified by the system as problematic or of interest. At this time the Control Application is able to provide configuration and monitoring services but is not yet ready for customer on-site deployment and is therefore only available in a SaaS model.
The middle-tier of the system, the Portal sever, currently runs in MS .NET and is written in c#. This tier will be upgraded to a full c++ implementation to increase scalability, efficiency, and security, in Q1 2016, and will run as a standard web server extension on a Linux platform (CentOS/Apache).
The data-tier of the system currently is running in MS SQL Server 2008/2012 and uses transact-SQL tables, but does not use any stored procedures or transactions. Although this tier is sufficient for scalability through mid to late 2016, a no-SQL version of the data tier will be developed in 2016.
The Crush server (hashing services) currently runs on MS Server 2008/2012, is written in c#/c++ and is a) being ported to run as a (c++) daemon on a standard Linux (CentOS) server, and b) being re-engineered to function as a massively parallel application (c/c++) running on NVIDIA Tesla GPU accelerated systems. The Crush server communicates with the data-tier directly and the C2 server indirectly. Multiple Crush servers can run simultaneously and are horizontally scalable and fault-tolerant.
The C2 (Command and Control) server, written in c# and being moved to c++, communicates with the data-tier directly and the Crush server and Control Application indirectly to provide scheduling, system health and integrity, and prioritization services, as well redirecting jobs to maintain fault tolerance of the back-end server components. Multiple C2 servers can run simultaneously and are horizontally scalable.
Hardware and Network:
The basic architecture of the system has two different stacks of software. First, a typical 3-tier approach isolates data storage from end-point and Control Application access with a middle-man protocol altering Portal server. In the SaaS model, the end-point and Control Application software reside on-site with the customer, and the remaining stack components reside at the SaaS hosting datacenter. The second stack consists of multiple horizontally-scalable server components that run entirely in the backend as daemons and interact primarily through the data area to provide the services that are being marketed and sold to the customers. The two stacks are kept somewhat separate from each other in order to buffer one against the other in times of extreme load and for enhanced security.
Following is a description of each software module in the system and how it relates to the others:
The system has one component for data collection (the end-point agent software, which resides on the desktop computers and servers within a deployed customer site), one component for system administration (the Control Application, which resides on a desktop computer that the customer has access to or that an analyst can access through the SaaS system), and a collection of software processes/daemons and a data storage area that comprise the back-end.
The end-point agent collects data from the end-point computer, passes it to the Portal server, which in turn stores it in the data area.
The C2 server monitors the in-flow of data from the end-points, and tasks the Crush server(s) to analyze the data and compare it to databases of known good, known bad, and watch list files, in an efficient manner.
The C2 server also provides notification to the customer of any problematic or watch-list files following the completion of the Crush server tasks.
The Crush server monitors the data area, and performs batch or real-time processing of data as instructed to by the C2 server.
Technology
CYBR’s BlindSpot software is a commercially available product that combines a small footprint end-point agent with a centralized monitoring and management system to track files and file changes on the end-point using partial-match digital fingerprints rather than rigid full-match-only file signatures. As files and data buffers are created, edited/altered, and moved either through the network or via removable media devices including USB drives, the product uses its unique and proprietary technologies in combination with industry standard technologies to identify and locate both known malware and unknown [polymorphic] malware on end-points that are continuously monitored by the product. Staff is notified, depending on the urgency or type of digital fingerprint identified, through integrations with 3rd party SIEM solutions, email/SMS transmissions, and reports that are available using the central management system. A false positive rate of partial digital fingerprint matching of ~1 in 10-12 means staff will not be bombarded with unnecessary alerts, maintaining staff efficiency.
Overview: Traditional anti-malware products use static file signatures to locate known malware but have no means of detecting unknown malware, CYBR’s product uses digital file fingerprints that can identify both partial file matches as well as full file signature matches and in doing so can locate and identify both known and unknown malware within the deployed enterprise. A combination of industry standard and publicly available algorithms and CYBR’s own proprietary algorithms, trade secrets, methods, optimizations, and intellectual property for which a patent is currently pending (which is owned solely by CYBR) are combined to form a comprehensive anti-malware platform and continuous end-point monitoring product that is completely unique in the marketplace. Through the use of our proprietary algorithms and optimizations, the product has the ability to scale to the enterprise level and can track desktops/servers as well as mobile/phone/tablet/Internet of Things (IoTs) devices.
Project Implementation: The implementation of this product would include both the commercially available BlindSpot product as well as prototypes of integration packages to connect with the on-site Security Information and Event Management (SIEM) and other systems and prototypes of end-point agents running on operating systems that are not yet available in the currently available version of the product. Both the integration and end-point agent prototypes would be based on existing modular code/functionality and would extend functionality past the currently available modules to ensure the full needs and requirements of the project are met. A full version of BlindSpot would be deployed on servers at/on the enterprise site, and prototypes of both SIEM integrations and new end-point agents would be deployed to augment the full production system. Information flow between all areas of the full system and prototypes would be tested and verified with increasing scale to ensure the level of performance required is available prior to the completion of the project.
End-point Agents: Each end-point is installed with native low-profile proprietary agent software that minimizes both its file system footprint and CPU use. The current product has a native end-point available for Microsoft Windows OSs (both desktops/tablets and servers) in production, and has native end-point agents in development/prototype stage for iOS, Android, MacOS, and RHEL/CentOS, with additional popular Linux derivatives to follow. The main job of the end-point agent is to communicate with the OS and monitor the file system for any changes in files that occur. When changes are detected, a digital file fingerprint of the file is taken and reported to the centralized data store, or cached until a later time if the centralized data store is unreachable (e,g, no cell coverage, laptop not connected to internet). The agent normally runs in “stealth-mode” and uses minimal CPU, RAM, and file system footprint so as not to disrupt the end-user’s workflow or impact system performance. Taking a digital fingerprint of a file and reporting it is very fast and thus the main job of the end-point agent is not system resource intensive. The “heavy lifting” is done on the back-end and does not burden the users or the end-point devices. Configuration of each end-point agent is conducted through the centralized management system, and changes in configuration are transmitted to the end-point agent within a few seconds (provided there is network connectivity).
Central Data Store: A collection of databases on the back end store file watch lists, known good and known bad digital file fingerprints (whitelists and blacklists containing digital file fingerprints of known malware), priority lists and configurations, end-point configurations, last-seen lists, and the full temporal accounting of all digital file fingerprints reported by end-point agents. As new threats are identified they are added to the central data store. As files on end-points change or are edited, their new digital fingerprints are added to the central data store as well. As new threats are identified though polymorphic partial matching, they are added to the known bad list as well.
Identification of Known and Unknown Malware: By comparing the databases of digital file fingerprints of known malware and digital file fingerprints of files on end-points, the product’s Crush server(s) use sophisticated algorithms to compare the partial digital file fingerprints, regardless of content of the files themselves. The product looks at the raw data (bytes) in the files when creating the digital file fingerprints and as such all file types/formats/languages are handled. This means that all file types and data in any and all languages can be compared with similar files. Binary DLLs, MS Word documents and spreadsheets (MS Excel, csv, …), JPEG images, Javascript, HTML, Executable files (.exe) — all of these files are handled by the product and known/unknown malware within them can be located using the digital file fingerprints in the centralized data store and Crush server’s analysis.
Scale, System Throughput, and Priority: A single Crush server can serve a small enterprise (100s or 1,000s of end-points), and a horizontally scalable array of Crush servers can be used to provide identification of malware for large enterprises. Similarly, databases in the central data store can be split and maintained/mirrored on several servers or run in a monolithic configuration. This makes the system highly scalable and able to be adapted to enterprises of varying sizes/scales while maintaining a good price/performance ratio. Priority lists can be designated for Crush servers such that high-priority end-points and/or high-priority malware fingerprints can be compared and identified in real-time, and similarly, low-priority lists (e.g. malware fingerprints that have not been seen in months or years) can be run in the evenings or when the system is running below normal load to ensure both immediate analysis of high-priority threats and comprehensive analysis of low-priority threats.
Integration: Several modular integration points within the product enable the straight-forward integration with 3rd party SIEM software and other reporting/management tools and systems. Distinct “notification channels” within the product are used based on the type of threat detected, the priority level of the specific threat detected, the confidence of the match (low percentage match of digital fingerprint vs high), and the location of the match (specific end-point list). Each notification channel has integration points that can be linked in with 3rd party systems so that staff are notified using software and procedures they are already familiar with and trained on (i.e., through a SIEM solution that is already begin monitored by dedicated, trained staff). Prototypes of each specific integration would need to be developed as a part of this project to match/communicate with the exact SIEM (or other) system that is in use at the deployment site in the mannemethod desired. Such a prototype would be developed for the purpose of evaluating the technical interconnectivity between systems to meet the requirements of the deployment, and following the prototype testing period, would be load-tested and stress-tested to ensure it’s performance meets the demands of a highly scalable environment, leading to a mature integration over a period of 3-6 months following the initial prototype period of 1-3 months.
Technology Section Summary: With end-points being continuously monitored by the product, both known and unknown malware threats delivered by the network and removable media will be detected and reported through SIEM system integration and direct email/SMS messages with minimal impact to the end-point (on all major OSs, including desktop and mobile). Centralized management and temporal monitoring of digital fingerprints enables the system to proactively locate and identify malware threats before zero day as well as enabling the staff to conduct their own investigations of systems either in the present or the past for forensic investigations. This makes CYBR’s BlindSpot a complete product that reaches all of the end-point devices to ensure safety and security from all types of malware threats.
Defense Utility
The blockchain’s cyber security posture will be greatly enhanced by BlindSpot. CYBR’s executive team works with various military and federal organizations and has a deep understanding of the cyber security challenges that face the enterprise today including advanced persistent threat (APT), polymorphic and pleomorphic malware, zero day attacks and the need to locate white and black files in real time. These threats have now permeated to the blockchain and must be secured.
Company and Customers
The proposed team includes CYBR, Inc. executive management and staff. The company is a works closely with its sister company, 21st Century Technologies, Inc. (21CT), which is a HUBZone certified, Small Business entity. 21CT serves as a value added reseller (VAR) for CYBR, Inc. and is currently a teammate on the DOMino classified DHS contract as a subcontractor to Raytheon.
Existing, paying customers include Stratford University, Test Pros and Devitas. The company also has integrator and VAR partner relationships with Anomali (formerly Threatstream), Lockheed Martin (Cyber and Space) and various commercial entities, which the company believes will become paying customers in 2019.
Transition and Commercialization
Our technology is a commercially available product and commercial sales have been made. The company is actively working to scale this solution to hundreds of thousands of users, which the company has deemed do-able and is in the process of horizontally scaling.
Data Rights Assertions
CYBR, Inc. currently holds a provisional patent and incorporates other trade secrets into the solution. No unreasonable restrictions (including ITAR) are placed upon the use of this intellectual property with regards to global sales.
submitted by CYBRToken to u/CYBRToken [link] [comments]

The Complete Linux Course: Beginner to Power User! - YouTube ReactOS 0.4.4 Installation and first look Debian 10 installation on VirtualBox 6.0 with Guest Additions  Debian 10 Buster released How to Fix Problem Detect And Mount CD-ROM Install Kali ... Kali Linux 2.0 Tutorials : How to install Java Manjaro Linux 0.8.11 Install and overview  Enjoy the simplicity #21 SAP ASE 16 Learning-Sybase Control Center Demo How to setup Raspbian CyberArk PAS11.4 - 5. Add WordPress Website Account

Using this option creates a Manifest which will request elevation upon application restart.--uac-uiaccess: Using this option allows an elevated application to work with Remote Desktop. Windows Side-by-side Assembly searching options (advanced)¶--win-private-assemblies Any Shared Assemblies bundled into the application will be changed into Private Assemblies. This means the exact versions of ... SCP Linux – Securely Copy Files Using SCP examples April 20, 2020 by Hayden James, in Blog Linux. This post includes SCP examples. SCP or secure copy allows secure transferring of files between a local host and a remote host or between two remote hosts. It uses the same authentication and security as the Secure Shell (SSH) protocol from which ... Hi, I tried to pre-install openssl 1.1.1 and then installed azure-iot-sdk-c using vcpkg. I found that when install azure-iot-sdk-c via command ./vcpkg install azure-iot-sdk-c[public-preview,use_prov_client]:arm-linux-custom, it will install openssl 1.0.2 in its build system. And when I compile my application with azure-iot-sdk-c by adding the following lines in my application's CMakeLists.txt ... I have written a Java server application that runs on a standard virtual hosted Linux solution. The application runs all the time listening for socket connections and creating new handlers for them. It is a server side implementation to a client-server application. The way I start it is by including it in the start up rc.local script of the server. However once started I do not know how to ... Copy the DPDK application binary to your target, then run the application as follows (assuming the platform has four memory channels per processor socket, and that cores 0-3 are present and are to be used for running the application): ./helloworld -l 0-3 -n 4 Note. The --proc-type and --file-prefix EAL options are used for running multiple DPDK processes. See the “Multi-process Sample ... When an application is installed using this option it is not possible to perform any operation on this application using wsadmin or administrative console that involves accessing the application metadata or EAR file. Such operations include view/edit application information, export, export DDL etc. The only possible operations using wsadmin or admin console are start, stop and uninstall. If ... Hexdump is a very useful Linux command for developers and application debuggers. It has the ability to dump file contents into many formats like hexadecimal, octal, ASCII and decimal. This command takes a file, or any standard input, as input parameter and converts it to the format of your choice. Let's assume you work with binary data and you are unable to understand the format of a file, you ... To print on Linux, the /usr/sbin/lpc utility must be installed. This is a standard Linux utility. On Red Hat 7.1, for example, this utility is in the "LPRng-3.7.4-22 RPM" package. Check your version of glibc using the following command: ls /lib/libc-* Installs the MLNX_OFED_LINUX binary RPMs (if they are available for the current kernel) Identifies the currently installed InfiniBand and Ethernet network adapters and automatically upgrades the firmware. Note: The firmware will not be updated if you run the install script with the ‘--without-fw-update’ option. Note: If you wish to perform a firmware upgrade using customized FW binaries ... Copy the DPDK application binary to your target, then run the application as follows (assuming the platform has four memory channels per processor socket, and that cores 0-3 are present and are to be used for running the application): ./helloworld -c f -n 4 Note. The --proc-type and --file-prefix EAL options are used for running multiple DPDK processes. See the “Multi-process Sample ...

[index] [28354] [15347] [12324] [23613] [5119] [29235] [6386] [27014] [17808] [29775]

The Complete Linux Course: Beginner to Power User! - YouTube

This is an example how to add a website account into your CyberArk vault and connect to it using PSM. Steps: 1. Install Chrome on PSM and Enable Applocker for Chrome 2. Edit Generic Web App ... THIS PROBLEM CAUSED MAKE BOOTABLE USB USING RUFUS PROGRAM THEN DO NOT USE RUFUS AGAIN BUT USE LINUX TIME SUGGESTION https://docs.kali.org/downloading/kali-li... Optional you can download putty and connect to the Pi with the IP address. Get the IP from the DHCP table on the router, look for a device called, "raspbian". Use pi for the user and password is ... Installation method : DVD iso file is downloaded and binaries are installed in Offline. Debian 10 buster new features: 1. UEFI Secure Boot. 2. AppArmor enabled per default. 3. Optional hardening ... Get The Complete Linux Administration Course Bundle! https://josephdelgadillo.com/product/linux-course-bundle/ If you want to get started using Linux, you wi... It installed quickly, with no surprises. Provided with dependencies, OBS installed promptly as well. Will it run though? Nope. Oh well, obs32 is not a valid Win32 application. I don't know what I ... SAP ASE 16 Learning Part 20 Sybase Control Center Introduction. To Learn or Teach Linux visit www.theskillpedia.com, A Marketplace for Learners and Trainers. Session 20 Sybase Control Center Ram N ... In this video i am going to show the installation process of Manjaro Linux 0.8.11 after that i am going to do a overview of the operating system and show some of the applications pre-installed. # Commands : to Install and register binaries : update-alternatives --install /usr/bin/java java /opt/jre1.8.0_60/bin/java 1 update-alternatives --install /usr/bin/javac javac /opt/jdk1.7.0_79/bin ...

https://arab-binary-option.tungwatcuesugard.cf