Periodic reminder: My account has long been moved to @cynicalsecurity … this account is not used nor monitored.

Periodic reminder - I do not monitor this account except sporadically.

Should you be interested in following me please follow:

@cynicalsecurity

Please note that I have moved to: @cynicalsecurity - this account is seldom read and followers *do not* migrate over, i.e. you have to follow the other account if you are so inclined.

Please note that I have moved to: @cynicalsecurity - this account is seldom read and followers *do not* migrate over, i.e. you have to follow the other account if you are so inclined.

Polite notice: I’ve moved, I’m on @cynicalsecurity now.

I just noticed some people are still answering here and I have not seen your messages, sorry :(

And yes, I did set the forward…

I have moved my main account to @cynicalsecurity should you wish to follow me there.

I have already followed, at least I hope, all those I was previously following.

Hi all

I'm moving my main account to @phessler, so update your follow settings if you desire.

Achtung Bitte: I am going to try to move my account from @cynicalsecurity to @cynicalsecurity

I don't know if it will work correctly because I am using the web interface and I am one of these "give me my ADM-3A back" people. Bear with me.

Are the standard documents for #WPA3 available? #OpenBSD has an interest in creating a not-shite implementation for our #wifi.

@phessler @lattera USB disk, I assume, as I don't see a SATA connector (like the Raspberry).

@phessler @lattera Oh, OK, so I should not assume this is as trivial as burning an image on to a microSD card… I am trying to decide what to do in the sense that the Pi 3 with Raspbian is a nice toy but for my servers I would prefer *BSD.

My plan is to use the WD external disk for Raspberry Pi 3 (or the PINE64 eMMC) for server stuff but if it is a nightmare then perhaps not.

@phessler @lattera not sure what that means about u-boot but I'd be happy to learn :) Where can I document myself?

I am not sure if I should thank @Kensan and @qrs for introducing me to Intel's DIDO where the NIC speaks directly to the processor's L3 cache.

Now I am even more terrified of Intel processors than I already was.

It is obviously a performance trick taking DMA over PCI to the next level (most likely for Intel NICs which are already integrated on SOCs) but… my God that takes courage to deploy in any secure network design.

@phessler does it mean it does OpenBSD? :) I notice on the forum they say HardenedBSD is available for the PINE64-LTS (Is it true @lattera ? I thought HardenedBSD was amd64-only).

I am working hard on removing my machines from hosting because $$ and setting up an el-cheapo hosting at home on ARM-based machines.

My biggest load is e-mail to my private domains and the PoC||GTFO mirror..

@phessler yes, since we all know what they are fixing this is an ideal "known plaintext" attack :)

Does anyone have experience with the PINE64 SBCs?

pine64.org/?page_id=46823

They seem to offer Gigabit Ethernet compared to the Raspberry Pi3 or is this purely theoretical? I also note FreeBSD support in 12.0-CURRENT.

@phessler the microcode updates are "interesting" - working on breaking them to find out what exactly they are doing.
Flipping internal switches is the first impression, no new µops.

Looking to do a firmware update to install the #Meltdown microcode, but don't have Windows?

On #OpenBSD: pkg_add geteltorito; geteltorito -o bios.img firmware-update.iso; then dd bios.img onto a usb stick.

Show more
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!