Domain: github.com
Stories and comments across the archive that link to github.com.
Comments · 4,419
-
SHA step in PBKDF
PBKDF2 uses SHA variants in its iteration.
Despite "Shattered", it's not "broken" yet. There are just better, more modern KDFs (like the Bcrypt used by Github, like the Scrypt designed for use in tarsnap, or like Argon2, which is the latest competition winner) that don't have PBKDF's shortcomings (e.g.: collision of long input passphrases and their SHA-1).
Regarding "Shattered": you have to understand its context.
SHA-1 has been known to be not as secure as it could be (a 128bit SHA-1 has not 128bits of security) for quite some time.
(The main reason why SHA-2 was developed and is now widely used in cryptography, and a partial reason why SHA-3 got recently developed through competition (the other reasons being that SHA-3 / Keccak also introduces some novel interesting concepts).)
Because of this it was widely speculated that collisions could be found.
A team of security researchers spent massive resources (lots of computation time) to search for a collision (not brute forcing the whole 128bits space of sha-1 - which would be hard in any reasonable time -, but cleverly exploiting the above known limitation and vulnerability of sha-1).
After spending a considerable amount of time they managed to create two different blocks of (complete nonsense random) data that happen to hash to the exact same value.
It's not that they can generate collisions at a whim; they can generate a collision at a tremendous computational cost (but still an achievable cost - unlike the whole 128bits search space), and thus far managed to generate exactly 1 such collision.
Also, due to the block-iterative way SHA (and most other pre-SHA-3 hashes) operate, it means you can stick this block in a file in a specific way, and get the same hash as if you stuck the collision in the otherwise same file.
That severely limits the possible uses of this collision. You need a situation where you can store arbitrary noisy binary data, and have a program that can react to the presence of one or the other piece of data.
Currently, the only successful demo of Shattered is in a PDF file, because PDF can store arbitrary blobs (e.g.: used for storing bitmap data for illustrations, fonts, etc.) and the PostScript language used in PDF is Turing-Complete (some people are even writing ray-tracers written in post-script).
So you can craft a special PDF that hashes to the same SHA-1 sum, but whose PostScript will generate two different documents, depending on which of the two collision blocks is stored in the blobs.
It's pretty limited in practical use.
In PBKDF, it means that you can have two long passphrases that will generate the same SHA-1 on the first round of PBKDF2 (so you have a triple collision: both long passphrases containing the 2 blocks of Shattered, and their SHA-1 sum).
But the exploitability of such a solution is quite limited (complex scenarios like an oracle giving passwords, and Eve secretly colluding with the oracle, so the oracle gives two provably different passwords to Alice and Eve (e.g.: if they compare the SHA256 or SHA3 of the passwords, they are different), but Eve can use her password to unlock Alice's stuff. And vice versa).
So:
TL;DR: Shattered isn't affecting PBKDF2 directly that much, but people have moved to more modern KDFs anyway, because they are better.
-
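The "long input passphrases and their SHA-1" equivalence from the PBKDF2 comment above, as an added example that is not part of the original comment: HMAC replaces any key longer than the hash block size with its digest, so PBKDF2 derives the same key from a long passphrase and from that passphrase's raw digest. The passphrases, salt and iteration count are constructed sample values, and the helper names are hypothetical.

```python
import hashlib
import hmac

# Constructed sample values, not taken from the page.
SALT = b"constructed-salt"
ITERATIONS = 1000
LONG_PASSPHRASE = b"correct horse battery staple " * 3  # 87 bytes, over the 64-byte block
SHORT_PASSWORD = b"hunter2"                              # 7 bytes, fits inside one block


def prehashed(password: bytes, hash_name: str = "sha1") -> bytes:
    """Raw digest of the password under the hash that PBKDF2 is using."""
    return hashlib.new(hash_name, password).digest()


def effective_hmac_key(password: bytes, hash_name: str = "sha1") -> bytes:
    """Block-sized key that HMAC really uses for this password (RFC 2104).

    Keys longer than the block size are replaced by their digest, then
    every key is right-padded with zero bytes up to the block size.
    """
    block_size = hashlib.new(hash_name).block_size
    if len(password) > block_size:
        password = prehashed(password, hash_name)
    return password.ljust(block_size, b"\x00")


def pbkdf2_first_block(password: bytes, salt: bytes, iterations: int,
                       hash_name: str = "sha1") -> bytes:
    """PBKDF2 block T_1 written out so the HMAC keying step is visible."""
    key = effective_hmac_key(password, hash_name)
    # U_1 = HMAC(key, salt || INT_32_BE(1)); U_i = HMAC(key, U_{i-1})
    u = hmac.new(key, salt + (1).to_bytes(4, "big"), hash_name).digest()
    t = int.from_bytes(u, "big")
    for _ in range(iterations - 1):
        u = hmac.new(key, u, hash_name).digest()
        t ^= int.from_bytes(u, "big")  # T_1 = U_1 xor U_2 xor ... xor U_c
    return t.to_bytes(len(u), "big")


def derive(password: bytes, hash_name: str = "sha1") -> bytes:
    """Library PBKDF2 with the constructed salt and iteration count."""
    return hashlib.pbkdf2_hmac(hash_name, password, SALT, ITERATIONS)


def unlocks_same_key(a: bytes, b: bytes, hash_name: str = "sha1") -> bool:
    """True when two different inputs yield the same derived key."""
    return hmac.compare_digest(derive(a, hash_name), derive(b, hash_name))


if __name__ == "__main__":
    digest = prehashed(LONG_PASSPHRASE)
    print("long passphrase vs its SHA-1 digest:",
          unlocks_same_key(LONG_PASSPHRASE, digest))
    print("short password vs its SHA-1 digest:",
          unlocks_same_key(SHORT_PASSWORD, prehashed(SHORT_PASSWORD)))
    print("hand-rolled T_1 matches hashlib:",
          pbkdf2_first_block(LONG_PASSPHRASE, SALT, ITERATIONS)
          == derive(LONG_PASSPHRASE))
```

The same behaviour holds for PBKDF2-HMAC-SHA256 (also a 64-byte block), so it is a property of HMAC keying rather than of SHA-1's collision weakness.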
Imagine A...
-
Re:My 0.02
There's an updated version of consolekit, it's called consolekit2. But hey, don't let it ruin your narrative.
-
Re: ... A job fair can easily test this competenc
Read the commit history for more enterprise quality.
-
Re:Any typography warriors out there?
You DO realize this isn't a binary choice, right?
* Indent with tabs; align with spaces
* Elastic Tabstops
* Smart Tabs
= Smart Tabs =
Emacs:
* https://github.com/jcsalomon/s...
Vim:
* https://www.vim.org/scripts/sc...
* http://vim.wikia.com/wiki/Inde...
So, you're telling me that, instead of simply using spaces and getting it all correct, I should use tabs, and where tabs break down *then* use spaces?
-
Re:Any typography warriors out there?
You DO realize this isn't a binary choice, right?
* Indent with tabs; align with spaces
* Elastic Tabstops
* Smart Tabs
= Smart Tabs =
Emacs:
* https://github.com/jcsalomon/s...
Vim:
* https://www.vim.org/scripts/sc...
* http://vim.wikia.com/wiki/Inde...
-
Re:Merit based employment is not racism
You seem to be willing to ignore not only my sources but also my arguments. But I'll try linking more sources anyway.
https://www.propublica.org/art...
https://github.com/propublica/...
Again, the ProPublica analysis and the vendor's study basically agree on the numbers but define "bias" in different ways. The vendor's PDF says there was no racial bias for a statistician's definition of "bias" which in practical terms, is extremely utilitarian. Again, it basically says that it's fine to discriminate against people based on race as long as the discrimination results in outcomes consistent with the overall numbers for that race. It says that if black people are statistically more likely to reoffend, it's fine to apply higher risk numbers to any and all black people in response to this to produce a statistically unbiased outcome. This is unfair to any individual, who will suffer or benefit from the averages for their race. Propublica calls that biased, rather than using the statistician's definition.
I would ask you to read the article linked in this comment and my response to it to improve your understanding on the difference, and why I disagree with using the statistician's definition to argue that racist algorithms are "unbiased" and therefore acceptable:
-
Re: RCS is a standard.
RCS is a communication protocol. We can encrypt the data just like with SMS using the client of our choice. https://github.com/SilenceIM/S... Using an open, distributed protocol is much better than a closed ecosystem. For example, the keys for iMessage and most other encrypted messaging platforms are controlled by the central servers managed by the company. They issue new keys every time a new device is added to the account. It is usually not possible to see what keys have been issued or to otherwise control them from the client side. Therefore, they can read "end-to-end" encrypted messages simply by issuing a key to a device they control and recording all messages in the conversation from that point forward. Using a client to encrypt RCS eliminates this problem. Regarding metadata, whatever server processes the messages has metadata, like who is speaking with whom, how often, and when. For all of these closed systems, it is not possible to run one's own server. In the case of SMS and RCS, the cellular provider has this information. The nice part to this is that not one organization has access to the metadata for all the conversations across the platform, because almost every market has multiple viable carriers (although, large governments could collect this information from all carriers and consolidate it into a central database). In this regard, it is an improvement over iMessage, or Hangouts, or Allo, or WhatsApp, or Signal, or Telegram. But it isn't as good as running an XMPP server yourself with OMEMO encryption. Regardless, Google should be praised for supporting an open standard instead of a closed system. And RCS might finally solve the problems with concatenated SMS. https://www.smallbusinesstech....
-
Re: it begs the question
Look at CONTRIBUTING.md. They have the Code of Conduct. Looks like they are open for contribution. https://github.com/apple/found...
-
Re:Sure
They didn't have to screw the kernel, their waagent is a hideous piece of crap which can do that in userspace. When I glanced through it a while back it was doing VERY stupid things like creating a swap file with perm mode 666. Yes. I think this was one of the commits https://github.com/Azure/WALin... - if not look through the history. How stuff like that gets out the door I have no idea. What worries me is that within MS they have project ideas, but not the Unix Sysadmin skills to know what they're doing is wrong, then blaming the community for not submitting PRs to fix their issues. Yes, open source works through that for GPL ideas, but at the same time I feel MS are abusing it somewhat as free labour.
-
Re:Microsoft-secured Linux kernel
"Microsoft-secured Linux kernel."
I don't have the space to list all the things wrong with that phrase.
Can you name any security vulnerabilities in the sourcecode?
-
Re:Yet another 3rd party half assed fork attempt
So Microsoft released a custom kernel because the kernel maintainers wouldn't accept a second rate, poorly written patch set?
Here is the code, care to explain what makes it 'second rate' or 'poorly written' and submit a PR to address it? That is how open source works, just getting upset because a company you don't like released some source code is just childish nonsense.
For all the faults of Microsoft over the many many years it has been around they are actually addressing the issue of Linux-based IoT devices getting security updates, something the Linux community in general has failed at for a long time. We'll have to wait and see if their approach succeeds but certainly the code is all out there if you want to critique it and submit a PR.
-
Re:So,
Short Answer: No.
Long answer: Maybe??? It depends.....
This is bypassing a software write-lock on the SPI flash chip. It has nothing to do with the ME, other than the fact that the SPI flash stores the ME's firmware.
The only reason you'd need this exploit to get rid of the ME firmware is if you have one of those UEFI firmwares that block unsigned firmware update "capsules".*
*Of course you could just use an SPI flash programmer in that case, but that would require desoldering the SPI chip from the motherboard in most instances.
-
Obligatory: Intel CPU Backdoor Report (Jan 1 2018)
Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)
Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset are running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Quotes] Talk:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".
"We can permanently monitor the keyboard buffer on both operating system targets."
Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them; beware, Intel is using a lot of countermeasures to prevent their backdoors from being decoded (explained below).
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.
2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode; use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.
Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could ga
-
Re:not on servers and not in the EU
MacOS is not used to run Linux on a Mac.
It can be. macOS includes Apple's Hypervisor.framework, atop which tools (such as xhyve) can be used to run Linux inside macOS.
This is how Docker for Mac works; it runs the Linux kernel inside Apple's Hypervisor.framework, allowing you to run Linux containers. If you have XQuartz installed, with a bit of fiddling you can run Linux GUI apps inside Docker containers on the macOS desktop.
Yaz
I wonder if I can run Linux inside Windows using parallels?
-
Re:not on servers and not in the EU
MacOS is not used to run Linux on a Mac.
It can be. macOS includes Apple's Hypervisor.framework, atop which tools (such as xhyve) can be used to run Linux inside macOS.
This is how Docker for Mac works; it runs the Linux kernel inside Apple's Hypervisor.framework, allowing you to run Linux containers. If you have XQuartz installed, with a bit of fiddling you can run Linux GUI apps inside Docker containers on the macOS desktop.
Yaz
-
Re:step one
For prototyping a language quickly, using a Packrat parser generator is far quicker, but generally requires building your own AST.
Pegmatite is designed for rapid prototyping and for teaching (where students are expected to add new language features in a couple of hours). It uses PEGs in an embedded DSL in C++. It doesn't do Packrat optimisation, because that makes it harder to debug (and by the time you need that kind of performance it's probably worth replacing it with a hand-written recursive-descent parser (which also makes helpful error messages easier to write)). You can define AST node classes and declaratively associate grammar rules with AST nodes.
There are a couple of example languages in the same GitHub organisation that are about 1,000 lines of code each for a complete language with an LLVM-based JIT.
-
Start
Start by recruiting your own students in a group or club, and then post a project to GitHub or Openhub.
-
Re:Lava lamps as entropy source
Nice, I can finally upgrade my lava lamp entropy source to a quantum source that uses laser light on a crystal. Why? Because /dev/urandom is for peasants. And quickrdrand is for kings and queens.
-
Lots of OSes out there
Every year a good percentage of computer science and computer engineering undergrads write a small kernel for their coursework. It's not hard to write a kernel that solves a narrow set of requirements. When you have an ever-expanding scope, like in the Linux world, it gets hard. Linux has to run kiosks, mobile phones, desktops and supercomputers. And it's probably not the best possible kernel for any one of those problems, and certainly more complex than a kernel designed for a single specific purpose.
Why do we need Google Fuchsia? We don't really. But a whole lot of people leverage Little Kernel for their projects (my own company is using LK in 3 totally different ways). I blame LK for projects like Fuchsia as it has turned into sort of a DIY Operating System kit.
If Linux and the BSDs are too complicated or you're just looking for some kernel you can hack up to meet your own special needs:
* NewOS
* Xv6 - a teaching OS. but people have patches for virtual memory and other goodies
* LK (little kernel) and for an example of a fork TLK (Trusted Little Kernel). LK is quite a good starting place for an aspiring osdev'r
* basekernel - rough starting place for making your own kernel
* FUZIX - a UNIX-like kernel geared toward 8-bit CPUs. but can be ported to bigger CPUs (there is a 68K port for example)
* TinyOS
* Femto OS - a kernel suitable for multitasking on small microcontrollers
* PonyOS - a graphical OS for people who love ponies (OMG Ponies). If you're looking for a more serious version see Toaruos.

There are hundreds of these hobby and learning OSes and several more complete and better established ones (like FreeRTOS).
-
Re:interesting
Wow, your post is an example of what makes Slashdot worth reading. I never coded for QNX myself, and appreciate your perspective, it has the ring of truth.
I just took a look at some of the internal apis for Magenta and it is clear that a kernel built around clunky glue like that can't be anything other than a dog. Will there somehow be a flash of genius to make it magically fast? Don't count on it.
-
Re:Open source or nay?
https://github.com/fuchsia-mir...
It's an MIT based open source license
-
Re:Not feeling the love...
Works perfectly on Pine64, for Pinebook I use anarsoul's tree; mainlining of that is waiting for dp work that was sluggish but recently gained pace. You also need patched u-boot, but patched ATF is in Debian (and lookie who's packaging that part :) ).
-
Re: Please don't hurt me.
I'm not a security whiz, but maybe with heads?
-
Fonts on UNIX
The difference is that in Windows they were in the kernel, whereas in Linux they were in X11, which ran with root privilege and could open /dev/kmem and directly modify kernel memory.
Maybe a couple of decades ago.
Since then:
- in some distant past, font rendering on Unix was offloaded to a separate X Font Server that communicates over a socket, and didn't need itself to be root to write to the framebuffer.
- in a more recent past, font rendering was moved out of the X server, and into the client.
No it doesn't. All *NIX operating systems provide standard UNIX file permissions on device nodes and accessing /dev/dsp or the device for the internal speaker to a group is trivial.
In this case, that's the console/VT or event device (basically beep is good old "\a" bell, but on steroids, i.e.: with ioctl/writes to precisely tune the beep).
It doesn't use any audio device (no /dev/dsp).
That's indeed stupid as there are methods to give access of those to the currently logged-in user (If I'm not mistaken, basically the same work that has been done to run X11 on any non-dinosaur distros)
That's exactly what is abused by some exploits (source):
- have a symlink point to an event device (the kind that is controlled by writing instead of ioctl)
- start a "beep" command (which will open the symlink for writing as root on each played sound),
- then at the perfect time reroute the symlink
- send a kill signal - the signal handler will try to mute the speaker (by again opening the symlink for writing), but is now writing the parameters in the target file instead of the event device.
-
And rooted from the patch, too
"Linux can be rooted by a command that makes your computer beep? That's fucking idiotic, man..."
And the patch that supposedly fixes the bug contains this gem :
--- /dev/null 2018-13-37 13:37:37.000000000 +0100
+++ b/beep.c 2018-13-37 13:38:38.000000000 +0100
1337a
1,112d
!id>~/pwn.lol;beep # 13-21 12:53:21.000000000 +0100
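Review bot: the `!id>~/pwn.lol;beep` line after `1337a` and `1,112d` is not a change to beep.c; those are ed-script commands, and a line starting with `!` is ed's shell escape, so applying this with a patch tool that accepts ed scripts would run `id` and `beep` instead of editing the file. The header timestamps (`2018-13-37 13:37:37`) are not valid dates either, which is one more sign the file was hand-crafted. Reject it as submitted and ask for a plain unified diff with `@@` hunks only, and apply untrusted patches as a non-root user in a container.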
.Which is supposed to be an exploit of patch:
according to that source, patch supports diff written in ed scripts (you know, the one editor that is supposed to be the punch line of every "VI vs EMACS" flamewar)
and ed in turn has "! command" to execute commands.
So yes, even the patch fixing the "beep" exploit can be exploited in turn and root the system too (... of any admin careless enough to run the build of the patched package on the bare system instead of inside some container and as a non-root user).
---
Back to beep itself :
- https://sigint.sh/#/holeybeep - a good source which analyzes how beep is exploitable (basically signal handler called at the exact wrong time, while performing a switcharoo on symlink target, between the console that gets opened on each beep, and the target file that gets opened when the signal kills the audio)
- https://github.com/johnath/bee... upstream audio.
-
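The comment above notes that patch accepts ed-style scripts and that ed runs `!` lines as commands, which suggests a check before applying any untrusted patch. The following is an added example, not code from the comment or from any project mentioned: a Python scanner that assumes only unified diffs are acceptable (a context-format diff, whose changed lines start with `!`, would be flagged too); `scan_patch` and the sample patch are constructed for illustration.

```python
import re

# Unified hunk header: "@@ -start[,len] +start[,len] @@" (len defaults to 1)
HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+\d+(?:,(\d+))? @@")
# ed command as written by `diff -e`: line address or range, then a/c/d/i
ED_CMD = re.compile(r"^\d+(?:,\d+)?[acdi]$")


def scan_patch(text):
    """Return (line_no, reason, line) for lines outside unified hunk bodies
    that an ed-script-aware patch tool could treat as commands."""
    findings = []
    old_left = new_left = 0  # body lines still owed to the current hunk
    for no, line in enumerate(text.splitlines(), 1):
        if old_left > 0 or new_left > 0:
            tag = line[:1]
            if tag in (" ", ""):      # context line (an empty line counts too)
                old_left -= 1
                new_left -= 1
            elif tag == "-":
                old_left -= 1
            elif tag == "+":
                new_left -= 1
            elif tag != "\\":         # "\ No newline at end of file" is fine
                findings.append((no, "line breaks unified hunk", line))
                old_left = new_left = 0
            continue
        m = HUNK.match(line)
        if m:
            old_left = int(m.group(1) or 1)
            new_left = int(m.group(2) or 1)
        elif ED_CMD.match(line):
            findings.append((no, "ed-style command", line))
        elif line.startswith("!"):
            findings.append((no, "ed shell escape", line))
    return findings


# Constructed sample: one legitimate unified hunk, then an ed-style trailer.
SAMPLE = "\n".join([
    "--- a/beep.c", "+++ b/beep.c", "@@ -1,3 +1,3 @@",
    " #include <stdio.h>", "-int quiet = !loud;", "+int quiet = 0;", " /* end */",
    "12a", "1,3d", "!echo constructed-sample", ".",
])

if __name__ == "__main__":
    for no, reason, line in scan_patch(SAMPLE):
        print(f"line {no}: {reason}: {line}")
```

Any finding is a reason to stop and read the patch by hand; an empty result only means no ed-style lines were found outside the unified hunks.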
Threadjack
A more interesting code dump: EZ-Flash 3 kernel and Window Manager. Explorer has totally eclipsed the old file manager. At least the EZ-Flash 3 stuff heavily backs the EZ-Flash 4 which is still one of the best GBA flash carts.
-
Re:If only Mozilla didn't give up on Thunderbird
Been using the unofficial fork of Nylas Mail, which might suit people who want something a little more modern than Thunderbird. It's nice and unlike the original or the official fork (Mailspring) it doesn't require registration.
Throwing it out there, because I tried Thunderbird recently and was surprised how clunky it felt. That's despite my tastes usually being conservative in terms of UI design. One of the nice features of Windows Mail is that it has a clean, modern, easy to use UI.
-
WSL-Distribution-Switcher
https://github.com/RoliSoft/WS...
Just two days ago I set up CentOS on a Windows laptop provided by my employer using WSL-Distribution-Switcher. It'll download and run any distro published as a docker image on Docker Hub.
Related: What terminal emulator are people using on Windows? I'm using wsl-terminal currently, but I'm curious if there are compelling alternatives.
-
Re:Fair game...
The good news is that encrypted DNS already exists and there are plenty of servers to choose from even. https://en.wikipedia.org/wiki/... https://github.com/jedisct1/dn...
-
Re:Replicate the broken API with scraping tools
Personally, I follow people on Twitter using TwitRSS.me (I run it locally with my RSS reader, but the primary dev also hosts it). That doesn't let you post, of course, but it works fine for reading.
-
Different license? Re:GPL Violation?
Maybe they used a version with a license similar to this one.
-
Re:Pretty much this.
Echoing the AC that replied earlier. Can you provide the specs for the machine you have? I'm happy with my MBP, but if yours is faster, it wouldn't hurt to spec one out.
I am not sure what the parent is using, but I'm using a Dell XPS 15 9550 running High Sierra (Guide)
Geekbench scores put it at roughly 4200 for Single-Core, and 13800 for Multi-Core, which are competitive with recent Macbook Pros. I use it mostly for programming and development (including iOS/Android), and it's been absolutely perfect for that. The extra ports are especially nice for attaching/charging devices.
-
Re:Old CPU's...and does it matter?
AFAIK, these microcode updates need to be incorporated into a bios update.
Incorrect. Most operating systems have the ability to upload a microcode update very early in their boot process.
This link explains the Linux driver: microcode.txt
If I remember correctly, Windows has a similar method (but I do not know Windows well enough to confirm this).
-
Re:Might genuinely be a bug
> rebuilt the architecture utilizing nodejs
Are you on drugs? At least PHP is type optional and has some pretty good static analysis tools. Of course, there's no one good one which hurts, but I think we use 14 different ones. I can't share that list, but there's a list of about fifty of them:
https://github.com/exakat/php-static-analysis-tools
Plus Facebook uses HHVM which is a just in time compiler for PHP which prevents you from doing a lot of stupid things.
-
perhaps correlated with RHEL 8?
Here's the RHEL 8 alpha branch for anaconda
https://github.com/rhinstaller...
As well as the commit activity...
https://github.com/rhinstaller...
What are the chances of a Redhat Enterprise Linux 8 release this year?