Periodic reminder - I do not monitor this account except sporadically.
Should you be interested in following me please follow:
Polite notice: I’ve moved, I’m on @cynicalsecurity now.
I just noticed some people are still answering here and I have not seen your messages, sorry :(
And yes, I did set the forward…
I have moved my main account to @cynicalsecurity should you wish to follow me there.
I have already followed, at least I hope, all those I was previously following.
I'm moving my main account to @phessler, so update your follow settings if you desire.
For those desiring to take a trip down Folly Lane here's the (marketing) PDF for DIDO (DIrect Data iO, I think):
Now I am even more terrified of Intel processors than I already was.
It is obviously a performance trick taking DMA over PCI to the next level (most likely for Intel NICs which are already integrated on SOCs) but… my God that takes courage to deploy in any secure network design.
Does anyone have experience with the PINE64 SBCs?
They seem to offer Gigabit Ethernet compared to the Raspberry Pi3 or is this purely theoretical? I also note FreeBSD support in 12.0-CURRENT.
The patch applied fine in #HardenedBSD 12-CURRENT. I'm compiling world + kernel with the patch to test it out on my laptop.
Fun article about the author discovering a speculative execution bug on the Xbox360.
Speaking of trying out all the emulators, I'm a bit of a fan of those which run in the browser. Full-screen the browser and you get the feeling of just having the machine to yourself. There's a hundred or so catalogued here, from the usual 8bit suspects, to early Unix capable machines, even earlier machines, 16 bit machines - you name it!
The problem will just have been moved elsewhere to the next subsystem which was ignored in the original threat model and in the new amended threat model which is just “old threat model” + “side-channels in OoO execution”.
Because of the marketing-driven rush there will be no comprehensive review of the new threat model which includes a network, multi-tenant VMs, etc. Net result: we are playing whack a’mole with security issues in hardware as we are in software.
MOVED to @bsd.network
IT Security, cynically aged. […] Keeper of Ancient Computing Lore. Ⓐ
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!