A drunken debugger

Heretek of Silent Signal
Edited 2 months ago
It's amazing some "experts" manage to bring up "AI" even in the context of the latest incidents in Lebanon, citing tech from 2010...
repeated

Thanks to gcc 14's stricter errors, today I learned that the getpwent_r/getspent_r/etc. interfaces on Linux & Solaris have basically opposite return values - on Solaris they return a non-NULL pointer on success, a NULL pointer on failure - while on Linux they return ints - 0 for success, -1 for failure - so checking for == 0 is inverted between the two. Hopefully not a lot of code uses these APIs, but I still wonder how much is broken. For instance, accountsservice gets this wrong on Solaris.

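The inverted success conventions described above, as an added example that is not part of the original post: a small C wrapper that normalises the Solaris and glibc forms of getpwent_r(3) in one place, so callers never test the raw return value. Function names are my own.

```c
#define _GNU_SOURCE                      /* glibc: expose getpwent_r(3) */
#include <pwd.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Added example, not from the post: true when an entry was stored in *pw,
 * false at end of the database or on error. The platform-specific return
 * conventions the post describes are normalised here, in one place. */
static bool next_passwd_entry(struct passwd *pw, char *buf, size_t buflen)
{
#if defined(__sun)
    /* Solaris: pointer to pw on success, NULL on failure or end of list. */
    return getpwent_r(pw, buf, (int)buflen) != NULL;
#else
    /* glibc: 0 on success, a non-zero error number otherwise (ENOENT at end
     * of list), and *result is left NULL when nothing was stored. A bare
     * "== 0" success test here is the opposite of the Solaris test, which
     * is exactly the inversion the post describes. */
    struct passwd *result = NULL;
    return getpwent_r(pw, buf, buflen, &result) == 0 && result != NULL;
#endif
}

/* Number of entries readable from the passwd database. */
int count_passwd_entries(void)
{
    struct passwd pw;
    char buf[4096];                      /* large enough for a typical line */
    int n = 0;
    setpwent();
    while (next_passwd_entry(&pw, buf, sizeof buf))
        n++;
    endpwent();
    return n;
}

/* True if a user with this login name exists in the passwd database. */
bool passwd_has_user(const char *name)
{
    struct passwd pw;
    char buf[4096];
    bool found = false;
    setpwent();
    while (!found && next_passwd_entry(&pw, buf, sizeof buf))
        found = strcmp(pw.pw_name, name) == 0;
    endpwent();
    return found;
}
```

With the inverted check, enumeration on one of the two platforms would stop after the first call or loop on a never-filled struct, which is the failure mode worth grepping for in any code that calls these interfaces directly.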
repeated
@reverseics I just encountered a piece of code checking if an IP address was negative
repeated

Lately my days of exploiting have been:

36 hours spent troubleshooting how broadcast/multicast traffic works on various operating systems

4 hours spent writing the actual exploit and pwning the thing

repeated

Terence Eden’s Blog

Edited 3 months ago

The unreasonable effectiveness of simple HTML
https://shkspr.mobi/blog/2021/01/the-unreasonable-effectiveness-of-simple-html/

I've told this story at conferences - but due to the general situation I thought I'd retell it here.

A few years ago I was doing policy research in a housing benefits office in London. They are singularly unlovely places. The walls are brightened up with posters offering helpful services for people fleeing domestic violence. The security guards on the door are cautiously indifferent to anyone walking in. The air is filled with tense conversations between partners - drowned out by the noise of screaming kids.

In the middle, a young woman sits on a hard plastic chair. She is surrounded by canvas-bags containing her worldly possessions. She doesn't look like she is in a great emotional place right now. Clutched in her hands is a games console - a PlayStation Portable. She stares at it intensely; blocking out the world with Candy Crush.

Or, at least, that's what I thought.

Walking behind her, I glance at her console and recognise the screen she's on. She's connected to the complementary WiFi and is browsing the GOV.UK pages on Housing Benefit. She's not slicing fruit; she's arming herself with knowledge.

The PSP's web browser is - charitably - pathetic. It is slow, frequently runs out of memory, and can only open 3 tabs at a time.

But the GOV.UK pages are written in simple HTML. They are designed to be lightweight and will work even on rubbish browsers. They have to. This is for everyone.

Not everyone has a big monitor, or a multi-core CPU burning through the teraflops, or a broadband connection.

The photographer Chase Jarvis coined the phrase "the best camera is the one that’s with you". He meant that having a crappy instamatic with you at an important moment is better than having the best camera in the world locked up in your car.

The same is true of web browsers. If you have a smart TV, it probably has a crappy browser.

Twitter's guest mode displayed on a TV.

My old car had a built-in crappy web browser.

The dashboard of a BMW i3 - there is a web browser on the central display.

Both are painful to use - but they work!

If your laptop and phone both got stolen - how easily could you conduct online life through the worst browser you have? If you have to file an insurance claim online - will you get sent a simple HTML form to fill in, or a DOCX which won't render?

What vital information or services are forbidden to you due to being trapped in PDFs or horrendously complicated web sites?

Are you developing public services? Or a system that people might access when they're in desperate need of help? Plain HTML works. A small bit of simple CSS will make it look decent. JavaScript is probably unnecessary - but can be used to progressively enhance stuff. Add alt text to images so people paying per MB can understand what the images are for (and, you know, accessibility).

Go sit in an uncomfortable chair, in an uncomfortable location, and stare at an uncomfortably small screen with an uncomfortably outdated web browser. How easy is it to use the websites you've created?

I chatted briefly to the young woman afterwards. She'd been kicked out by her parents and her friends had given her the bus fare to the housing benefits office. She had nothing but praise for how helpful the staff had been. I asked about the PSP - a hand-me-down from an older brother - and the web browser. Her reply was "It's shit. But it worked."

I think that's all we can strive for.


Here are some stats on games consoles visiting GOV.UK

Matt Hobbs (@TheRealNooshu@hachyderm.io)

@TheRealNooshu

Replying to @TheRealNooshu

Interestingly we have 3,574 users visiting GOV.UK on games consoles:
• Xbox - 2,062
• Playstation 4 - 1,457
• Playstation Vita - 25
• Nintendo WiiU - 14
• Nintendo 3DS - 16

20/22


10:45 - Mon 01 February 2021


repeated

Talos Vulnerability Reports

New vulnerability report from Talos:

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser invalid pointer dereference vulnerabilities

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2016

CVE-2024-39589, CVE-2024-39590
repeated

Talos Vulnerability Reports

New vulnerability report from Talos:

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2005

CVE-2024-34026
repeated

Talos Vulnerability Reports

New vulnerability report from Talos:

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP PCCC out-of-bounds read vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2004

CVE-2024-36981, CVE-2024-36980
repeated

Europol: Global Coalition Takes Down New Criminal Communication Platform
Europol and international law enforcement dismantled an encrypted communication platform that was established to facilitate serious and organised crime perpetrated by dangerous criminal networks operating on a global scale. The platform, known as Ghost, was used as a tool to carry out a wide range of criminal activities, including large-scale drug trafficking, money laundering, instances of extreme violence and other forms of serious and organised crime.

repeated
[RSS] It rather involved being on the other side of this airtight hatchway: Posting completions to somebody else's I/O completion port

https://devblogs.microsoft.com/oldnewthing/20240917-00/?p=110276
repeated

IPE (Integrity Policy Enforcement) is now merged to Linus’ tree for the v6.12 kernel, after many years of upstreaming efforts.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a430d95c5efa2b545d26a094eb5f624e36732af0

See also: https://microsoft.github.io/ipe/

wild speculation, exploding beepers
I read that a Hungarian company produced Hezbollah's recently acquired exploding beepers.[1]

I wonder if this is related to Mahmoud Ahmadinejad's visit in Budapest back in May.[2]

Again, this is wild speculation!

[1] https://444.hu/2024/09/18/magyarorszagon-gyartottak-a-libanonban-felrobbant-csipogokat
[2] https://24.hu/kulfold/2024/05/09/mahmud-ahmadinezsad-iran-magyarorszag-kozszolgalati-egyetem/
repeated
Edited 2 months ago

It has long been known that timing analyses are a *theoretical* attack on Tor. By distributing the circuits across different jurisdictions, the goal was to make these attacks impractical to implement:

Only a "global adversary" should be able to break the anonymity by correlating the traffic from entry and exit nodes. Correlation becomes even easier if delays or content can be actively introduced into the traffic pattern.

Just as we could (theoretically) become a "global adversary" by renting enough servers, law enforcement agencies can (practically) achieve this through close cooperation, especially since Tor nodes are not evenly distributed across jurisdictions but tend to cluster in certain regions.

Western law enforcement agencies seem to have reached the "global adversary" level through collaboration (in isolated cases and certainly with significant effort). What is problematic for Tor is that other "law enforcement agencies," whose focus is on dissidents, whistleblowers, and journalists, could do the same.

So, it is finally time for cover traffic and random delays: nodes in the Tor network would introduce a random traffic background noise as well as random delays to make targeted correlations more difficult. This would make Tor even slower. This is probably why it has been avoided until now.

In conclusion, we would like to emphasize that there is no reason for regular users of the Tor browser to worry about their anonymity. These are highly targeted attacks on individual accounts of the messenger "Ricochet" over extended periods of time. Because the messenger, unlike a browser, is also reachable, it naturally has an increased attack surface for timing analyses.

https://www.tagesschau.de/investigativ/panorama/tor-netzwerk-100.html

repeated

GitLab security advisory: GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10
CVE-2024-45409 (perfect 10.0 critical 🥳 cc: @cR0w) SAML authentication bypass

GitLab doing me a heccin' concern because they're already talking about detecting unsuccessful and successful exploitation attempts. I can't definitively say if exploitation in the wild occurred based on the verbiage in this advisory.

cc: @campuscodi @goatyell @da_667
