How my application ran away and called home from Redmond:
How did we turn 5G into 5k€ during the 5G hackathon? My hackathon report is up!
deraadt@ changed lib/libc/sys: Document msyscall(2): ld.so can use this (once only) to tell the kernel where libc.so's text segment is, thereby allowing invocation of system calls from that region. An upcoming change will kill the process if a system call is invoked from addresses not explicitly permitted.
ok guenther kettenis mortimer
Most mitigations are intended to make launching remote code execution attacks really hard. So that's what they should be measured against.
@_xhr_ The thing is there will always be bugs. There's no guarantee that OpenBSD can't be hacked, especially via the firmware/kernel level. Firmware can attack via DMA, and the drivers have race conditions even in the single-threaded kernel model. The basic claim is that having layers and layers of mitigations will make attacking it harder overall. Choice of hardware platform also matters. OpenBSD on ARM64 is virtually free of ROP-gadgets, others "only" have a reduced amount of gadgets.
Mikrotik RouterOS: Chain to Root. DNS Request to a Root Busybox Shell. https://medium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21 #Mikrotik #security #Tenable
Mikrotik DNS cache poisoning vulnerability https://blog.mikrotik.com/security/dns-cache-poisoning-vulnerability.html #Mikrotik #security
Mikrotik Package validation and upgrade vulnerability https://blog.mikrotik.com/security/package-validation-and-upgrade-vulnerability.html #Mikrotik #security
Tom Scott - This Video Is Sponsored By ███ VPN
Sometimes the normal day at the office turns into furious investigation and to something worth writing blog post about: "How my application ran away and called home from Redmond" https://medium.com/sensorfu/how-my-application-ran-away-and-called-home-from-redmond-de7af081100d
The source code for several Infocom interactive fiction games was published on Github, e.g. The Hitchhiker's Guide to the Galaxy, by Steve Meretzky and Douglas Adams
Firefox admits they will eventually be sending all of your DNS to Cloudflare. Cloudflare will monetize your internet browsing, no matter how much their PR people say they are.
If you want to disable that, go to "about:config", and set "network.trr.mode" to 5.
The values are: 0 - default off, 1 - race, 2 TRR first, 3 TRR only, 4 shadow, 5 off by choice
Co-founder and R of R&D @ SensorFu | Hacker | Network protocols | Rust language
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!