Notices by Shawn Webb (lattera@bsd.network)

I'm thinking of bringing the #HardenedBSD GIGABYTE Cavium #ThunderX2 with me to #BSDCan to see if we can get #FreeBSD (perhaps also #OpenBSD) running on it.

Should I?

The new license plates came in! Yay!

@phessler I'm gonna write a Mastodon command-line client in C, because reasons. Mind if I use this Mastodon instance as a guinea pig?

If there was one API I would like to fully replace, it would be ioctl(2).

#Gentoo #Linux is not having a good day: https://archives.gentoo.org/gentoo-announce/message/dc23d48d2258e1ed91599a8091167002

"All Gentoo code hosted on github should for the moment be considered compromised."

On that note, I should document the steps I took to set #GitLab up in a #HardenedBSD jail.

I guess I'm too old school where we actually tried to solve the underlying issue instead of bringing production services down.

I really hate this "brogrammer" culture.

If it's 9:30pm, and you're blasting your music loud enough that I, six floors up in a hotel, can hear your music, even while wearing headphones, you're an asshat.

The next thing I want to try to do is set up #OwnCloud on #HardenedBSD to test out calendar support. My wife and I make extensive use of shared Google calendars. End goal is to limit dependency on Google as much as possible.

Today, I'm grateful for those brave souls who strive to make the world a better place. It takes courage and diligence to uplift others, especially while facing adversity.

The #Tor Diversity Project (TDP) has released an open letter to companies, projects, and other organizations: https://torbsd.org/open-letter.html

#FreeBSD #OpenBSD #NetBSD #HardenedBSD #BSD

amd64 #libhijack PoC demo code for my "Writing #FreeBSD Malware" #thotcon talk is now fully functional.

Full img: https://photos.app.goo.gl/U6CRiBwBG1iOrNAk1

#infosec

https://bsd.network/media/pGurno0q50y3kTSuGU0

@feld the only bills politicians read these days are dollar bills.

@Wolf480pl
@pixline

I'm not arguing for or against either. I prefer BSD over Linux in general. I like the coherency of the entire ecosystem, that the kernel and userland innovate in lockstep. I like that the entire filesystem hierarchy is organized and intuitive. I like the easy integration of third party tools. I love having a full development toolchain included in the base operating system. I love that going from start of system installation to application development takes 15 minutes

@Cybertrash Linux, Amazon, and Google got a six-month head start on Meltdown and Spectre. The whole rest of the world got no advanced notification. (Well, FreeBSD got 11 days.)

Yet another branded and embargoed vulnerability that leaves tons of people out in the cold without protection.

I wonder who the favorite vendors getting notified this round is. I guess whomever paid the researcher the most?

At this point, I'm going to consider embargoes as yet another form of extortion.

https://skyfallattack.com/

I wonder if someone will write an llvm sanitizer that rewrites code paths to prevent speculative or out-of-order execution.

The #spectre PoC linked to below works on #FreeBSD / #HardenedBSD on bare metal amd64. However, it doesn't work in #bhyve.

https://gist.github.com/lattera/353faebda4e4c2b3b7beaad95e44767e

If anyone needs or wants to get a hold of me, I have a burner phone with #Signal installed. It sits behind my #Tor network. Feel free to contact me at any time over Signal.

+1 443-546-8752