By combining ASLR, NOEXEC, CFI, SafeStack, and the other hardening techniques, #HardenedBSD provides a pretty hostile environment for exploit authors. That's not to say exploitation is impossible; rather, it becomes much more difficult and time consuming.
3/3
From Jasper and Theo:
"""
> Thanks to Ben Gras of VUSec for sharing an early version of the research paper
> with us. More details will be made public soon as 'tlbleed'.
Thanks for saying that Jasper. And thanks to Ben for getting the paper to us.
As demonstrated in the commit message, we hesitate to pass on more information. That remains Ben's thunder in Vegas.
"""
Blackhat, Aug 4-9.
https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149
"Our TLBleed exploit successfully leaks a 256-bit EdDSA key from libgcrypt (used in e.g. GPG) with a 98% success rate after just a single observation of signing operation on a co-resident hyperthread and just 17 seconds of analysis time."
https://www.blackhat.com/us-18/briefings.html#tlbleed-when-protecting-your-cpu-caches-is-not-enough
‼️
On June 20, an EU committee will vote on an internet-destroying copyright proposal that'll censor everything from Tinder profiles to Wikipedia: https://boingboing.net/2018/06/07/thanks-axel-voss.html
Folks in the EU: European Parliament Members need to hear from you! https://changecopyright.org
Todd Mortimer just landed his #RETGUARD mitigation work (aka #clang -fret-protector) into #OpenBSD -current, and enabled by default.
1 relays in Liberia are contributing 176.9 MiB/s bandwidth to the #Tor network. https://metrics.torproject.org/rs.html#search/country:lr
#Meltdown, aka "Dear Intel, you suck", #OpenBSD developer statements from Philip Guenther & Theo de Raadt: https://marc.info/?l=openbsd-tech&m=151521435721902&w=2
https://marc.info/?l=openbsd-tech&m=151521473321941&w=2
For the record, etsh-5.0.0 - https://etsh.io/src/ - is now available .. See also https://github.com/JNeitzel/v6shell/releases/tag/v5.0.0 .. #opensource #ancient #UNIX #cli #v6shell #etsh
Yes, it runs on your favourite #BSD too (or it should). I've only tested it on #OpenBSD and #NetBSD myself.
Proposed patch to fix the Meltdown in NetBSD: https://mail-index.netbsd.org/tech-kern/2018/01/06/msg022883.html
Matthew Dillon about spectre/meltdown:
Theo on the Intel Core 2 bugs ~10 years ago. #OpenBSD https://marc.info/?l=openbsd-misc&m=118296441702631&w=2
As #OpenBSD's de-facto wifi maintainer, I first learned about this WPA problem in June. A simple patch was provided which I could commit with slight modifications.
The original embargo was already 2 months long, and then extended again for 2 months.
The general public (you) were left in the dark about this for at least 4 months.
This is a very sad state of affairs. It takes the industry much too long to apply a simple patch.
My tor relay is down because OneProvider doesn't bother to check why my server is faulty. I suspect bad RAM.
On measuring TSC frequency from userland: http://marc.info/?l=openbsd-misc&m=150143746525689&w=2
So, at Defcon there was a demo of a safecracking 'bot - neat little gizmo.
But that has spawned a few dismissive takes; amongst 'em, https://twitter.com/ncweaver/status/892144532082442240
Mr. Weaver's kind of missing the point a bit with how this sort of thing works - yes, these consumer 'safes' are absolutely trivial to crack open with a crowbar or a hammer and cold chisel. But that's not the point here.
"for nearly a year, Google was hiding ProtonMail from search results for queries such as ‘secure email’ and ‘encrypted email’." https://protonmail.com/blog/search-risk-google/ #Linux #Google