"It is a good practice to make your code as fragile as possible, letting it break when necessary."
There is a new Spectre variant in town: #4 called Speculative Store Bypass.
P0 ticket by Jann Horn:
Intel’s info which makes it sound there will be one of these each quarter... Q2 2018 Speculative Execution Side Channel Update:
RedHat even made a video titled “Speculative Store Buffer Bypass in 3 minutes”:
Yay ! My first #OpenBSD port was committed today ! Thanks jca@ :) Enjoy keyringer.pw !
La cyber sécurité rend-elle “maboule”
TIL: "No route to host" on Linux does not necessarily mean "no route to host".
If a firewall rejects a packet, it usually sends an ICMP port unreachable, which is correctly interpreted. The proper behaviour defined in RFC 1812 would be ICMP Admin Prohibited (Type 3 Code 13), but the Linux kernel converts that to EHOSTUNREACH, which is interpreted by libc as "No route to host".
Therefore - check the actual traffic using tcpdump/Wireshark. No route to host, well... doesn't mean no route to host.
»[M*A*S*H] taught me a lot of useful things; for example, if one's skills are sufficiently in demand, one can wear a bathrobe to work, and generally have one's eccentricities tolerated.«
pkg_add -v ccache
How many microservices does it take to turn on a lightbulb
Looking at the SSH bruteforcers (password guesssing) by country data so far this month it looks like RU has overtaken CN for the first time in a while. Is this a trend? Anybody else looking at this angle, I would like to hear from you!
"In this paper we advocate a crash-only design for Internet systems, showing that it can lead to more reliable, predictable code and faster, more effective recovery."
"This paper describes the challenges in collecting actionable data for Gmail, a service with more than 1 billion active accounts."