Daniel Micay

@[email protected]
2.6K Followers
183 Following
664 Posts
Security researcher/engineer working on mobile privacy/security. Founder of @GrapheneOS.
Websitehttps://daniel.micay.dev
Twitterhttps://twitter.com/DanielMicay
GitHubhttps://github.com/thestinger
Matrixhttps://matrix.to/#/@strcat:grapheneos.org
Daniel MicayMar 30, 2024
Jonathan CorbetMar 29, 2024
Random, unordered, probably useless thoughts on today's apocalypxze...

Part of the success in getting this into Debian may be the result of there being no xz maintainer there. It is "maintained" by people whose attention is normally elsewhere doing occasional non-maintainer updates.

This code will have been running on the machines of a lot of distribution maintainers. If it has already been exploited, it could be that its real purpose has already been achieved and the real problem is now elsewhere. I sure hope somebody can figure out a way to determine if this backdoor has been used.

The multi-front nature of the attack, including multiple efforts to get the malicious code installed more widely more quickly, suggests we're not just dealing with a lone sociopath. I fear we'll never know who was really behind this, but I would sure like to.

There is surely more where this cam from.
Daniel MicayMar 30, 2024
Show threadAndresFreundTecMar 29, 2024

I was doing some micro-benchmarking at the time, needed to quiesce the system to reduce noise. Saw sshd processes were using a surprising amount of CPU, despite immediately failing because of wrong usernames etc. Profiled sshd, showing lots of cpu time in liblzma, with perf unable to attribute it to a symbol. Got suspicious. Recalled that I had seen an odd valgrind complaint in automated testing of postgres, a few weeks earlier, after package updates.

Really required a lot of coincidences.

Daniel MicayMar 30, 2024
AndresFreundTecMar 29, 2024

I accidentally found a security issue while benchmarking postgres changes.

If you run debian testing, unstable or some other more "bleeding edge" distribution, I strongly recommend upgrading ASAP.

https://www.openwall.com/lists/oss-security/2024/03/29/4

oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise

Daniel MicayJul 20, 2023
Just Your Luck, You'll SurviveJul 20, 2023

Is *anybody* surprised??

"Breaking
Teen Suicide Plummeted During Covid-19 School Closures, New Study Finds"

"Rates of suicide and suicide attempts among teenagers were at their lowest when schools were closed for the Covid-19 pandemic, a new study published Wednesday shows, pointing to an overall pattern that shows mental health in children and teenagers is at its worst while school is in session."

https://www.forbes.com/sites/maryroeloffs/2023/07/19/teen-suicide-plummeted-during-covid-19-school-closures-new-study-finds/?sh=2342af47dd9b

Teen Suicide Plummeted During Covid-19 School Closures, New Study Finds

A new study has tied suicide rates among children and teenagers directly to the school calendar, suggesting that academic and social stressors can be blamed for an annual increase in fall and spring suicide attempts.

Forbes
Daniel MicayMay 25, 2023
GrapheneOSMay 25, 2023

Vanadium version 114.0.5735.53.0 released: https://github.com/GrapheneOS/Vanadium/releases/tag/114.0.5735.53.0.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/5198-vanadium-version-11405735530-released

#GrapheneOS #privacy #security #browser

Release 114.0.5735.53.0 · GrapheneOS/Vanadium

Changes in version 114.0.5735.53.0: update to Chromium 114.0.5735.53 A full list of changes from the previous release (version 113.0.5672.163.0) is available through the Git commit log between th...

GitHub
Daniel MicayMay 24, 2023
GrapheneOSMay 24, 2023

GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 55 released: https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-55.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/5195-gmscompatconfig-version-55-released

#GrapheneOS #privacy #security #gmscompat

Release config-55 · GrapheneOS/platform_packages_apps_GmsCompat

Changes in version 55: update max supported version of Play Store to 35.9.xx A full list of changes from the previous release (version 54) is available through the Git commit log between the rele...

GitHub
Daniel MicayMay 23, 2023
GrapheneOSMay 23, 2023

GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 54 released: https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-54.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/5169-gmscompatconfig-version-54-released

#GrapheneOS #privacy #security #gmscompat

Release config-54 · GrapheneOS/platform_packages_apps_GmsCompat

Changes in version 54: add stub for BluetoothDevice.getIdentityAddress to avoid throwing uncaught exception A full list of changes from the previous release (version 52) is available through the ...

GitHub
Daniel MicayMay 23, 2023
GrapheneOSMay 23, 2023

Vanadium version 113.0.5672.163.0 released: https://github.com/GrapheneOS/Vanadium/releases/tag/113.0.5672.163.0.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/5168-vanadium-version-113056721630-released

#GrapheneOS #privacy #security #browser

Release 113.0.5672.163.0 · GrapheneOS/Vanadium

Changes in version 113.0.5672.163.0: update to Chromium 113.0.5672.163 A full list of changes from the previous release (version 113.0.5672.132.0) is available through the Git commit log between ...

GitHub
Daniel MicayMay 22, 2023
GrapheneOSMay 22, 2023

Our main chat rooms are on Matrix, but we've added an IRC channel on libera.chat bridged to each Matrix room:

#grapheneos
#grapheneos-offtopic
#grapheneos-testing
#grapheneos-dev
#grapheneos-infra
#grapheneos-media

Previously, we only had the initial 3 IRC channels.

#grapheneos #privacy #security #matrix #irc #bridge

Daniel MicayMay 20, 2023
GrapheneOSMay 20, 2023

GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 53 released: https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-53.

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/5089-gmscompatconfig-version-53-released

#GrapheneOS #privacy #security #gmscompat

Release config-53 · GrapheneOS/platform_packages_apps_GmsCompat

Changes in version 53: update max supported version of Play Store to 35.8.xx A full list of changes from the previous release (version 52) is available through the Git commit log between the rele...

GitHub