New episodes every weekday Monday through Friday. This page was generated by The HPR Robot at
Welcome to HPR, the Community Podcast
We started producing shows as Today with a Techie on 2005-09-19, 18 years, 8 months, 4 days ago. Our shows are produced by listeners like you and can be on any topics that "are of interest to hackers". If you listen to HPR then please consider contributing one show a year. If you record your show now it could be released in 12 days.
Passkeys are still a fledgling technology, as of this writing, and we
are trying to keep pace with the rapid adoption across various websites,
in addition to specification refinements. The following is a short list
of critical improvements to our passkeys support:
Update an existing passkey or add one to an existing entry
Support more specification standards
Various UI improvements to dialogs and context menus
**Show a warning prior to exporting a passkey**
In addition to bug fixes, we always strive to deliver something
useful in each of our updates. For 2.7.8, we have brought forward
several awesome features including:
A database setting to allow a delay prior to auto-save
Improvements to Bitwarden and 1Password importers
Improvements to monospace font display
Improve display of dialog buttons on Linux
**SSH Agent: don’t auto-load keys that are in the recycle bin**
Add hotkey for showing search help.
Add hotkey for group switching (Ctrl+Shift+PgUp/PgDown).
Add per-database auto-save delay setting.
Add configurable password strength check on database password.
Add setting to hide menubar.
Improve Bitwarden 1PUX import and support organization collections.
Show advanced settings checkbox only for settings that have them.
Remove obsolete setting for requiring repeated password entry.
Passkeys: Allow registering Passkeys to existing entries.
Passkeys: Show warning about data being unencrypted before Passkey export.
Passkeys: Support NFC and USB transports.
Passkeys: Pass extension JSON data to browser.
SSH Agent: Do not use entries from recycle bin.
Linux: Change hotkey sequence used for {CLEARFIELD} Auto-Type.
Windows: Improve DACL memory access protection.
Fixes.
Fix crash when deleting history items.
Fix crash on screen lock or computer sleep.
Fix search field not being focused after unlock.
Fix loss of window focus when Auto-Type needs to unlock a database.
Fix inconsistent TOTP visibility on unlock.
Fix CSV import skipping over single-name groups.
Fix key file folder being remembered even if disabled in settings.
Fix issues with entry editing and database locking.
Fix key file text when provided on command line.
Fix issues with hardware key auto detection.
Do not override monospace font size.
Perform group sort only when group view is in focus.
Do not show decimals for attachment sizes in Bytes.
Prevent merging of global custom data when merging databases.
Fix minor translation issues.
Passkeys: Fix StrongBox incompatibility.
Passkeys: Set RP ID to effective domain if unset instead of returning an error.
Passkeys: Various UI fixes and improvements.
AppImage: Fix URL opening.
Flatpak: Fix application autostart.
Linux/macOS: Fix button sizes on modal alert popups.
Linux: Fix clipboard clear on Wayland.
Windows: Preserve file-hidden attribute.
The Apple menu, which is always the first item on the leading side of
the menu bar, includes system-defined menu items that are always
available. You can’t modify or remove the Apple menu. When present in
the menu bar, the following menus appear after the Apple menu in the
order listed below.
AppName (you supply a short version of your app’s name for this menu’s title)
File
Edit
Format
View
App-specific menus, if any
Window
Help
Ken Talks to Marc Balmer and Kristoff Bonne about spectrum24, The
Conference for Creative Use of the Radio Spectrum in Open Systems.
Following the success of the Software-Defined Radio and Amateur Radio
devroom at FOSDEM, spectrum24 plans to bring users of the radio spectrum
together.
For over a century, technology has made it possible to transfer more
data, faster, further. Today, wireless technology is everywhere and
commonplace. However, it remains a playground and a ground for
innovation for many communities.
This conference is an opportunity to publicize your projects and
allow the different communities that use the spectrum to meet over a
weekend.
spectrum24 will take place September 14./15. at SmartCity Campus (1
rue de Clairefontaine, 78120 Rambouillet.) at an old radio factory in
Rambouillet near Paris, a short 15 minute walk from the train
station.
All right. Well, good evening, hackers. My name is Clinton. And this
is a very off the cuff episode for me just to announce that I've got a
new microphone. So I just wanted to run through a couple of details of
that. Make a show, say a little about the microphone while I got it.
What I hope to do with it. So this is a roadie wireless go to setup. It
comes with three little boxes. Roughly, roughly, you can fit each one of
the little boxes inside a matchbox. So there are three of these that
come with the set that I bought. Two of them are microphones that you
clip onto your lapel. The third is a transceiver. So at the moment, I've
got the transceiver on and I've got one of the microphones on. I bought
this because I'm going to be going to a conference soon. And one of the
things that I do try to do at conferences is to interviews with people.
And this is kind of nice in that I can switch these two microphones on.
Give one to myself. Give one to the person I'm interviewing. And I don't
have to use a single microphone and shove it underneath their faces. And
I don't have to swap the microphone between the two of us. The other
feature, like the particular reason I've got this model is that each of
the two microphone units actually has built in RAM. So it will actually
record, like if you've got it set up in the mode, which I do, you can
get each microphone to do a backup recording of your presentation. The
regular mode for this set of microphones is to actually treat the
transceiver as a source and plug it into computer or plug it into your
camera as a external microphone. But it has this lovely mode, which I'm
recording this particular episode to. We can just turn it on. It's not
the transceiver is not plugged into a computer. It's not plugged into
anything. And it'll record something like 40 hours of voice. And later
on, I can hook it up to my computer as a standard mass storage device
and just download the waveform I believe. So it does have some Windows
firmware or Mac firmware. I didn't have too much fun getting that to
work under Linux. I tried under a couple of different VM products and
wasn't having any luck. So try it under wine. I tried under open box.
Eventually I did end up installing like a full Windows 10 install onto a
qemu image. And that had enough stuff working such that I could install
the Rode firmware on it. That let me do an upgrade of the firmware on
the two microphones and the transceiver because the first thing you do
when you buy something these days is out of the box you have to upgrade
the firmware because why would they do that at the factory before they
send it out when they can just make the users do that. And there is a
phone app but it does not let you update the firmware on these
particular hardware models. If I remember the error message correctly it
does look like the Android app lets you update the firmware on other
Rode microphone devices but not this particular model. So I had to go
down the track of setting up a qemu. I did find a good blog post on how
to set up a Windows box on qemu. It had a few things that seem outdated
so maybe it's a job for future me to write an updated blog post on how
to do this. If for nothing else instructions on how to do this in future
when I need to rerun the firmware update. The other thing that I really
needed to use the software for though is to switch on the recording
option. So out of the box these things do not record to the memory
that's built into the microphones. So I had to get, I had to update the
firmware and then I had to run the software on both of the microphones
to switch on the recording option. But now that that switched on I can
just hook it up as a USB master device as I've mentioned before and
presumably I can just copy the files and delete the files and I won't
actually have to run that software. So yeah there's a number of options
going forward so I can write that blog post with the updated details.
There were a number of hoops that I found that I did not have to go
through of the blog post I found so things are getting easier over time.
Depending on how in depth I want to go I could potentially one day sit
down and install like a USB listening device and see if I can work out
how to work out if there are any magic packets getting sent to do the
configuration on the device. Do I need to break any crypto stuff or is
it just a straight command like plug in the device and send a command
with a few funky options. So maybe in the very distant future when I've
got no other things on I could try and work out a pure USB non windows
solution for setting some of these configuration options. I'm not sure
I'd go down the track of updating the family I think that's probably a
little bit too risky but you know maybe one day in the future. But yeah
basically this set of microphones assuming that it works out okay
assuming that it sounds good. I'll hopefully be using these for
conferences coming up. Hopefully as well I'll be able to use it for
camping and stuff like that so if I'm out and about I'll just be able to
pull out these two things transceiver, microphone, a couple of clicks
turn them on they talk to each other wirelessly and then start recording
something. So it's much smaller than the current microphone that I'm
using so it's much easier to travel with. There are two of them so that
when I'm interviewing someone it's much easier and it's got recording
memory so I don't actually have to plug them into a computer so all up
it should be much easier to use. I think it might even give better
recording outputs and hopefully like increase the number of talks and
presentations that I give on HBO. So that's been Clinton this has been a
very off the cuff recording I very much am used to sitting down and
writing out a full script for these things so I'm doing this because
it's cool new hardware but also because HPR needs more episodes. So yeah
maybe other people can do an episode on what particular funky wireless
or what particular microphones that they've got that they enjoy using
and what the advantages are and disadvantages are. That's it for now.
Ciao.
We finish our South Carolina visit touring a plantation, and then go
to see a magnificent live oak tree. After that, it is time for us to
head back home.
We'll start with a couple electronica pieces from Arkadii Kaplan:
Corporate Success and Chasing the Shadow. I also featured Kaplan in the
second episode of Cov's Jams, way back in 2016. I'm glad to be back.
Next up are two dubstep selections: Time to Army by Muciojad and
Sweet Nothing by K4MMERER.
Daniel Bautista's Symphony Number 5 will close out the episode.
Daniel Bautista wins at Free, Libre, and Open Source. Not only is he
playing public domain Beethoven, but he recorded and mixed the album (in
May and June of 2008) on a Gentoo
Linux box. Gentoo is how I really learned Linux. He's still
releasing libre licensed albums and his newer releases have video
recordings which he edits in kdenlive.
The first four tracks are under the Creative Commons
Attribution-Share Alike license: Corporate Success and Chasing the
Shadow by Arkadii Kaplan, Time to Army by Muciojad, and Sweet Nothing by
K4MMERER. Daniel Bautista's Symphony Number 5 is licensed Creative
Commons Attribution.
Thank you for listening to this third episode of Cov's Jams. I hope
we can enjoy some new tunes together soon!
Java Android Magisk Burp Objection Root Emulator Easy
(JAMBOREE)
Get a working portable Python/Git/Java environment on Windows in SECONDS
without having local administrator, regardless of your broken Python or
other environment variables. Our open-source script downloads directly
from proper sources without any binaries. While the code may not be
perfect, it includes many useful PowerShell tricks.
Run Android apps and pentest without the adware and malware of
BlueStacks or NOX.
Features / Request
Core Status
RMS:Runtime Mobile Security ✔️
Brida, Burp to Frida bridge ❌
SaftyNet+ Bypass ❌
Burp Suite Pro / CloudFlare UserAgent Workaround-ish ✔️
ZAP Using Burp ✔️
Google Play ✔️
Java ✔️
Android 11 API 30 ✔️
Magisk ✔️
Burp ✔️
Objection ✔️
Root ✔️
Python ✔️
Frida ✔️
Certs ✔️
AUTOMATIC1111 ✔️
AutoGPT ✔️
Bloodhound ✔️
PyCharm ✔️
OracleLinux WSL ✔️
Ubuntu/Olamma WSL ✔️
Postgres No admin ✔️
SillyTavern ✔️
Volatility 3 ✔️
Arduino IDE / Duck2Spark ✔️
Youtube Downloader Yt-dlp ✔️
How it works:
Temporarily resets your windows $PATH environment variable to fix any
issues with existing python/java installation
Build a working Python environment in seconds using a tiny 16 meg
nuget.org Python binary and portable PortableGit. Our solution doesn't
require a package manager like Anaconda. I would like to make it even
easier to use but I don't want to spend more time developing it if
nobody is going to use it! Please let me know if you like it and open
bugs/suggestions/feature request etc! You can contact me at https://rmccurdy.com !
Installation/Requirements ( For Android AVD Emulator) :
Local admin just to install Android AVD Driver:
HAXM Intel driver ( https://github.com/intel/haxm )
I was inspired by Knightwise's
episode
4109 on future-proofing HPR.
I agree with many of your criticisms, but I'm not sure that a marketing
strategy is the best way forward. Many of the most successful and
sustainable businesses and organizations have been built on
word-of-mouth.
For example I heard of Google, Zoom, Gmail, Facebook, Slack, Twitter,
Discord, etc from my IRL friends and coworkers rather than from a
marketing message. And most of the open source communities I'm a part of
(Linux, Python, Firefox, Hugging Face, etc) are successful precisely
because their success is not subject to a BigTech algorithm or
exploitative terms-and-conditions.
Most open source projects are able to build community much by actively
resisting the temptation to create a marketing message or social media
campaign and instead focusing on the authenticity and quality of their
"product" and catering to their contributors' and users niche needs and
sensibilities.
I share Knightwise's love and concern for the HPR community
I agree the intro theme song and voiceover could be accelerated and
improved
I whole-heartedly agree the comments interface could be made easier
to use
I agree that the HPR community feels like a monastery or convent.
Perhaps faith in FOSS is a kind of religious belief or value that
supersedes normal human instincts and drives.
I 100% support hackers that evangelize for HPR on their favorite
bigtech social media platforms.
My FOSS podcatcher Antennapod,
automatically skips the intro. I had to rewind in order to hear the
episode number and host username in order to compose my reply.
And I have trouble engaging with the comments interface on the HPR
site.
I wasn't even aware of comments on my previous episodes and once I did
learn of it I found it easier to reply on Mastodon rather than on the
HPR website.
As a community, I think we take it on faith that there is a place in the
world for people like us that just want to share ideas, unmediated by
shadow-banning, rug-pulling corporations and attention-hacking
algorithms. I want to have a conversation with thoughtful people. I
don't want to be engaged or monetized or exploited
Many of us know that what we do in life cannot be measured in
dollars or like button
clicks, but rather by the quality of our friendships and the
collective ideas that we share.
Zombies on Facebook, Twitter, Discord and Slack must eventually "see
the light" for themselves and come flocking to "the small
web" as they did during Xitter's decline.
HPR has been a significant positive force in my life and I would
hate to sully its openness and authenticity with SEO or other marketing
strategies (I know this is not what you proposed)
I think the enshittified
Discord network is the wrong business to entrust with our community, for
one thing, its app doesn't work on Linux
Marketing and SEO are effective tools for growth-seeking businesses,
but ill-suited for an open source community
Open source communities such as Reddit, Reddis, Terraform, Mongo,
Substack, Medium, and MySQL were destroyed by growth-hackers pulling the
rug out from under open source contributors and authors who eventually
rebelled to fork or reverse-engineer these products and "win the
day."
We geeks at HPR are not alone in our disaffection with
business-mediated social interactions. Look at the mass eexodus from
twitter. And the exit from substack. And from open source communities
like reddit, reddis, terraform, mongo, and mysql. If you want to
contribute your labor to a newly enshittified product they are actively
seeking new contributors (and marketers) as their founding engineers
abandon ship and create their own forks.
People share personal private contact information here that could
endanger their emotional and financial well-being and information
security if it were exposed to a scammer/malware platform like Discord.
Discord sells your phone number to con-artists and scammers. And Xitter
users talk about the blue checkmark validating their social value, but
it's really a mark of shame. Discord hawks a similarly worthless token
of social cred, and paywalls something as fundamental to communication
as emojies. No thanks. They can take their dancing robot and
bursting-heart emojies and shove 'em where the sun don't shine.
Enhance the comments
interface?
Would a bridge server that pulled from our RSS feed and posted to an
HPRbot channel on Mastodon help?
Album art in Funkwhale (after recording I noticed it can also look up album art during import, using the musicbrainz ID. Not 100% sure beets adds it, but I might assume so)