TPM-FAIL – security vulnerabilities in Trusted Platform Modules:
http://tpm.fail/tpmfail.pdf (PDF file)
– Affected are Platform Trust Technology (Intel), and ST33 TPM chip (STMicroelectronics). TPMs from Nuvoton/Infineon aren't affected.
– A remote attacker could retrieve certain private keys (e.g., as used by ECDSA).
– Intel provides a firmware update; vulnerable ST33 chips can't be patched.
If you were to watch the recordings of #Suricon2019, my top 3 talks of day 1 are:
- Suricata Performance Testing Redux — Brad Woodberg
- Pivot like a Pro: Unified Threat Hunting in Network Security Data — Matthias Vallentin
- Empirical Bootstrapping of EVE-JSON Schema Documentation — Sascha Steinbiss, Konstantin Klinger
Woodberg will publish all the data later this week. 😍
ANSSI talk felt sabotaged by lacking the authz to disclose their findings. 😟
NordVPN breach was worse than I thought.
'TechCrunch took NordVPN to task on the somewhat dismissive tone of its breach disclosure, noting that the company suffered a significant breach that went undetected for more than a year.
Kenneth White, director of the Open Crypto Audit Project, said on Twitter that based on the dumped Pastebin logs detailing the extent of the intrusion, “the attacker had full remote admin on their Finland node containers.” '
Haha, a pam_python 0day by stealth. Including old school greetings. Feels a bit like exploits at the end of the 90's 😂
UK ISP group names Mozilla 'Internet Villain' for supporting 'DNS-over-HTTPS' | ZDNet
UK government and local ISPs are putting the pressure on browsers to drop plans to support DoH protocol.
Who comes up with this kind of #API?
> If the destination is on the current filesystem, then os.rename() is used. Otherwise, src is copied (using shutil.copy2()) to dst and then removed.
Except that shutil.copy2 does not copy ownership info on some OSes. So depending on your OS and mountpoints, you may end up with a security hole, because of lost ownership info.
TIL: sh, in shutil, stands for shitty. Same applies to shlex.
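Added example, not part of the post above and not code from the Python project: a POSIX-only wrapper around `shutil.move()` that refuses a cross-filesystem move which would change the file's owner, and verifies owner, group and mode afterwards. Python's documentation warns that `copy2()` cannot preserve file owner and group on POSIX; the name `move_keep_owner` is hypothetical.

```python
import os
import shutil
import stat
import tempfile


def move_keep_owner(src, dst):
    """Move a regular file (POSIX) and keep its owner, group and mode.

    Returns (how, real_dst); how is "renamed" when os.rename() sufficed and
    "copied" when shutil.move() fell back to copy2() + unlink.
    """
    before = os.lstat(src)
    if not stat.S_ISREG(before.st_mode):
        raise ValueError("this example only handles regular files")

    # Refuse up front: an unprivileged copy is always owned by the caller,
    # so a cross-filesystem move of someone else's file cannot keep its owner.
    target_dir = dst if os.path.isdir(dst) else os.path.dirname(os.path.abspath(dst))
    crosses_fs = os.stat(target_dir).st_dev != before.st_dev
    if crosses_fs and before.st_uid != os.geteuid() and os.geteuid() != 0:
        raise PermissionError(f"moving {src!r} across filesystems would change its owner")

    real_dst = shutil.move(src, dst)
    after = os.lstat(real_dst)
    if (after.st_uid, after.st_gid) != (before.st_uid, before.st_gid):
        # Restore ownership (needs privilege; a PermissionError here is fatal),
        # then the mode, because chown() can clear setuid/setgid bits.
        os.chown(real_dst, before.st_uid, before.st_gid)
        os.chmod(real_dst, stat.S_IMODE(before.st_mode))
        after = os.lstat(real_dst)
    same_inode = (after.st_dev, after.st_ino) == (before.st_dev, before.st_ino)
    return ("renamed" if same_inode else "copied"), real_dst


if __name__ == "__main__":
    # Constructed sample: one temp file moved within the same directory.
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "secret.txt")
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        print(move_keep_owner(path, os.path.join(d, "moved.txt")))
```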
> PPP over Q-in-Q encapsulation supports configurable outer tag Ethertype. The configurable Ethertype field values are 0x8100 (default), 0x9100, and 0x9200.
Why not use 0x88A8 like everybody else? Why would you not even consider this standard value as an acceptable config?
F*** U, Cisco.
@x_cli Thank you so much for your kind words!
We have recently posted a piece about wanting to stay small (both for decentralization and to keep the human way we do things), and rationalizing our services over the next 2 years. The English translation is available here https://framablog.org/2019/09/26/lets-de-frama-tify-the-internet/ ;)
So Cloudflare CTO John Graham-Cumming told me:
"US-based company (Mozilla) is working with US-based company (Cloudflare) on technology to be used by US-based users defending against ISP #DNS BS which ISPs have chosen to defend in Congress."
I read "Europeans should develop their own browser". (cc @Framasoft)
I also read that #Mozilla sold us, non-US citizens.
I also read no argument against my accusation of an unfair competitive advantage for #Cloudflare.
Announcing release of #Suricata 5.0.0
Protocol additions, rule lang cleanup, eBPF/#XDP, (experimental) datasets, JA3S and more:
This is a true coincidence, because today is also the 1st beta release of #Mobilizon https://framablog.org/2019/10/15/mobilizon-lifting-the-veil-on-the-beta-release/
So let's thank MeetUp for giving us even more reasons to free our events from their walled garden!
The ultimate messenger protocol comparison chart
Open hardware, open source 48-port serial port hub: https://freetserv.github.io/
That project is amazing :)