Mastodawn

koyeung Dec 2, 2024

nixCraft 🐧Dec 1, 2024

Damn. A Brazilian certificate authority trusted only by Microsoft has issued a presumably-unauthorized certificate for google.com: https://follow.agwa.name/notice/AoZSMI38xcA3TrN1sm

All security practices in the world are useless if one of the most visited sites such as Google gets a unauthorized TLS certificate issued. How this still exists in 2024 is beyond me.

Andrew Ayer (@[email protected])

A Brazilian certificate authority trusted only by Microsoft has issued a presumably-unauthorized certificate for google.com: https://bugzilla.mozilla.org/show_bug.cgi?id=1934361 This can used to i...

koyeung Sep 25, 2024

OpenWrt One public sale

https://forum.openwrt.org/t/want-to-buy-a-openwrt-one/205064/38

#openwrt

Want to buy a OpenWRT One

OpenWrt One public sale: SinoVoip Aliexpress shop BPI Aliexpress online shop Taobao online shop

OpenWrt Forum

koyeung Sep 11, 2024

http://lists.infradead.org/pipermail/openwrt-devel/2024-September/043144.html

#openwrt

OpenWrt One / status update

koyeung Aug 24, 2024

Rust Weekly 🦀Aug 23, 2024

I sped up serde_json strings by 20%

https://purplesyringa.moe/blog/i-sped-up-serde-json-strings-by-20-percent/

Discussions: https://discu.eu/q/https://purplesyringa.moe/blog/i-sped-up-serde-json-strings-by-20-percent/

#programming #rustlang

I sped up serde_json strings by 20%

I have recently done some performance work and realized that reading about my experience could be entertaining. Teaching to think is just as important as teaching to code, but this is seldom done; I think something I’ve done last month is a great opportunity to draw the curtain a bit. serde is the Rust framework for serialization and deserialization. Everyone uses it, and it’s the default among the ecosystem. serde_json is the official serde “mixin” for JSON, so when people need to parse stuff, that’s what they use instinctively. There are other libraries for JSON parsing, like simd-json, but serde_json is overwhelmingly used: it has 26916 dependents at the time of this post, compared to only 66 for simd-json. This makes serde_json a good target (not in a Jia Tan way) for optimization. Chances are, many of those 26916 users would profit from switching to simd-json, but as long as they aren’t doing that, smaller optimizations are better than nothing, and such improvements are reapt across the ecosystem.

purplesyringa's blog

koyeung Jul 28, 2024

Ars Technica Jul 25, 2024

Secure Boot is completely broken on 200+ models from 5 big device makers

Keys were labeled "DO NOT TRUST." Nearly 500 device models use them anyway.

https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

Secure Boot is completely broken on 200+ models from 5 big device makers

Keys were labeled "DO NOT TRUST." Nearly 500 device models use them anyway.

Ars Technica

koyeung Jul 26, 2024

"Many things which seems to be faster from a common sense perspective might in practice end up being slower and vice versa."

https://nrk.neocities.org/articles/cpu-vs-common-sense

#programming #cprogramming

strlcpy and how CPUs can defy common sense

koyeung Jul 21, 2024

Show thread

Michael Gemar Jul 20, 2024

@Migueldeicaza @davew More details specifically on Crowdstrike moving its macOS implementation off of kernel and into user space (in 2020):

https://www.crowdstrike.com/blog/crowdstrike-supports-new-macos-big-sur/

CrowdStrike Supports New macOS Big Sur

The CrowdStrike Falcon® platform offers full support for Big Sur with full-feature parity and protection.

crowdstrike.com

koyeung Jul 20, 2024

Show thread

Stryder Notavi Jul 20, 2024

@mjg59 @james Probably relates to this Redhat issue - https://access.redhat.com/solutions/7068083

Apparently their latest releases still ship with 5.14, which they apparently maintain as their own branch (mainline considered it EOL back in November 2021).

Do wonder WTF there rationale is for that one.

Kernel panic observed after booting 5.14.0-427.13.1.el9_4.x86_64 by falcon-sensor process. - Red Hat Customer Portal

eBPF program causes kernel panic on kernels 5.14.0-410+ . Below is an example of a kernel panic on the falcon-sensor process, observed after booting on kernel version 5.14.0-427.13.1.el9_4.x86_64. [ 462.396258] BUG: unable to handle page fault for address: ffff9a4bdb0f2d88 [ 462.396291] #PF: supervisor write access in kernel mode [ 462.396309] #PF: error_code(0x0002) - not-present page [ 462.396327] PGD 14e203067 P4D 14e203067 PUD 0 [ 462.396345] Oops: 0002 [#1] PREEMPT SMP NOPTI [ 462.397204] CPU: 1 PID: 6496 Comm: falcon-sensor-b Kdump: loaded Not tainted 5.14.0-427.13.1.el9_4.x86_64 #1 [ 462.397838] Hardware name: VMware, Inc. VMware7,1/440BX Desktop Reference Platform, BIOS VMW71.00V.21100432.B64.2301110304 01/11/2023 [ 462.398482] RIP: 0010:backtrack_insn+0x408/0x800 [ 462.399131] Code: 30 00 0f 85 64 fd ff ff 41 ba 01 00 00 00 b9 01 00 00 00 45 8d 48 ff 44 89 d0 d3 e0 85 c2 74 0f 89 c6 f7 d6 21 d6 89 74 bb 0c 09 44 8b 0c 83 c1 01 83 f9 06 0f 84 71 01 00 00 44 89 d0 8b 54 [ 462.400531] RSP: 0018:ffffbdf980977a80 EFLAGS: 00010246 [ 462.401231] RAX: 0000000000000002 RBX: ffff9a47db0f2d80 RCX: 0000000000000001 [ 462.401937] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 462.402631] RBP: ffff9a47db0f0000 R08: 0000000000000000 R09: 00000000ffffffff [ 462.403325] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000058 [ 462.404026] R13: ffff9a47db0f0a90 R14: ffff9a47ea2f6000 R15: ffffbdf982a5f300 [ 462.404722] FS: 00007f8228020740(0000) GS:ffff9a48b5e40000(0000) knlGS:0000000000000000 [ 462.405432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 462.406152] CR2: ffff9a4bdb0f2d88 CR3: 000000012b41a000 CR4: 00000000003506e0 [ 462.406901] Call Trace: [ 462.407611] [ 462.408306] ? srso_return_thunk+0x5/0x5f [ 462.408999] ? show_trace_log_lvl+0x26e/0x2df [ 462.409686] ? show_trace_log_lvl+0x26e/0x2df [ 462.410372] ? __mark_chain_precision+0x166/0x630 [ 462.411058] ? __die_body.cold+0x8/0xd [ 462.411742] ? page_fault_oops+0x134/0x170 [ 462.412429] ? srso_return_thunk+0x5/0x5f [ 462.413135] ? kernelmode_fixup_or_oops+0x84/0x110 [ 462.413823] ? exc_page_fault+0xa8/0x150 [ 462.414512] ? asm_exc_page_fault+0x22/0x30 [ 462.415210] ? backtrack_insn+0x408/0x800 [ 462.415909] ? copy_array+0x4d/0xb0 [ 462.416621] ? __pfx_verbose+0x10/0x10 [ 462.417321] ? __pfx_disasm_kfunc_name+0x10/0x10 [ 462.418023] __mark_chain_precision+0x166/0x630 [ 462.418725] check_cond_jmp_op+0x738/0xbd0 [ 462.419432] ? is_state_visited+0x450/0x740 [ 462.420157] do_check+0x85b/0xac0 [ 462.420854] do_check_common+0x2a9/0x340 [ 462.421566] bpf_check+0xf7c/0x10a0 [ 462.422250] ? srso_return_thunk+0x5/0x5f [ 462.422929] ? __kmem_cache_alloc_node+0x1c7/0x2d0 [ 462.423578] ? __x86_indirect_jump_thunk_r15+0x20/0x5e [ 462.424234] bpf_prog_load+0x636/0x970

Red Hat Customer Portal

koyeung Jun 25, 2024

Mondoweiss 🇵🇸Jun 24, 2024

Israeli doctors share prisoners’ medical information with interrogators to “greenlight” torture, teach interrogators how to inflict pain without leaving physical marks, and even actively engage in acts of torture themselves.

https://mondoweiss.net/2024/05/how-israeli-prison-doctors-assist-in-the-torture-of-palestinian-detainees/

#Palestine #Israel #Gaza
@palestine @israel

How Israeli prison doctors assist in the torture of Palestinian detainees

Mondoweiss

Does it fit in a toot?

#! /bin/bash

set -u

# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"

# does it even exist?
if [ "$path" == "" ]
then
echo probably not vulnerable
exit
fi

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410
then
echo probably vulnerable
else
echo probably not vulnerable
fi