RE: https://infosec.exchange/@lorenzofb/115746958061196593

Interesting overview of Apple security work spanning hardening against exploits using changes to the OS and its components, using compiler features, some interesting new formal proof tools, and hardware changes.

RE: https://cyberplace.social/@GossiTheDog/115745701289876342

While you’re looking at this new HPE OneView CVE, a semi-occasional posting of the unfixed (and reportedly unfixable) iLO management processor CVE:

CVE-2013-4786

“HPSBHF02981 rev.4 - HPE Integrated Lights-Out 2, 3, 4, 5 (iLO 2, iLO 3, iLO 4, and iLO 5) and HPE Superdome Flex RMC - IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP)”

TL;DR: ask nicely for a weakly-hashed IPMI password, then crack it offline.

On at least some of these boxes, the iLO command that blocks this access:

MP:CM> sa -lanipmi d

https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04197764

Segment and restrict access to iLO on these boxes, disable IPMI access, etc.

Wandered into the group conference room in the DEC Maynard Mill — formerly an ancient brick and timber-frame woolen mill — and noticed the high ceiling was sagging unusually.

Yes, it was an old mill, everything leaned.

Some of it occasionally dripped lanolin-flavored centipedes.

But this sagging was unusual.

Turned out the upstairs neighbors parked an immense PDP-11/70* without regard to the location of the structural supporting beams.

That got fixed right quick — better placement and steel spreader plates and all — before that PDP took a quick trip to the basement.

*It might have been an -11/74, upstairs was into that sort of thing.