I have tentatively done the work needed to get #Tailscale Taildrive sharing working on #illumos / #solaris.

It works for me. @papertigers please take a look!

https://github.com/nshalman/tailscale/releases/tag/v1.78.1-taildrive-sunos

The world's richest man has joined a growing chorus of right-wing voices attacking Wikipedia as part of an intensifying campaign against free and open access information. Why do they hate it so much?

https://www.citationneeded.news/elon-musk-and-the-rights-war-on-wikipedia/

#Wikipedia #ElonMusk #USpolitics #USpol

heres a work related question for you, if you are in a position where you can hire consulting companies to help with security work (red/blue/eng/etc):

would it be handy to be able to buy a single day of effort, 7hrs of effort, 1hr reporting, and get a report worth sharing with either partners, customers, or leadership?

I'm thinking of building out a new offering. A one-day triage/best-effort assessment. internal, external, whatevs - dealers choice.

So this PoC for CVE-2024-49113 is indeed a thing.
https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49113/

Their writeup is confusingly worded in that it uses both the phrases "victim DC" and "any unpatched Windows Server (not just DCs)", in the same sentence nonetheless.

While the vul can be triggered by any lookup to a malicious LDAP server by any version of Windows, this particular PoC:
- Makes a MS-NRPC Netlogon Remote Protocol to talk to Windows Server, specifically DsrGetDcNameEx2, which gets info about the specified domain.
- Windows Server checks via DNS what LDAP server to talk to to get this info.
- Windows Server talks to the (malicious) LDAP server to service the request.
- The malicious LDAP server sends an unexpected LDAP referral value, causing LSASS.EXE, and subsequently Windows, to fall over.

It's perhaps important to note that CVE-2024-49113 is "just" a DoS, and CVE-2024-49112 is the more juicy RCE one. SafeBreach has indicated that they're still investigating what a full RCE chain might look like.

The fact that SafeBreach called their CVE-2024-49113 exploit "LDAPNightmare" is a bit deceptive, IMO, as CVE-2024-49112 is the thing of nightmares (CVSS 9.8). But hey, whatever gets clicks, amirite?

Does someone happen to have a copy of the tangara-hw git repo and could push it to Github? The official repo is 502ing right now

https://git.sr.ht/~jacqueline/tangara-hw

Diving into ADB protocol internals:

part 01: https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12

part 02: https://www.synacktiv.com/en/publications/diving-into-adb-protocol-internals-22

#adb #mobile #protocol #informationsecurity #cybersecurity #reverseengineering

Project: python/cpython https://github.com/python/cpython
File: Lib/ntpath.py:343 https://github.com/python/cpython/blob/2bd5a7ab0f4a1f65ab8043001bd6e8416c5079bd/Lib/ntpath.py#L343

def expanduser(path):

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fpython%2Fcpython%2Fblob%2F2bd5a7ab0f4a1f65ab8043001bd6e8416c5079bd%2FLib%2Fntpath.py%23L343&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fpython%2Fcpython%2Fblob%2F2bd5a7ab0f4a1f65ab8043001bd6e8416c5079bd%2FLib%2Fntpath.py%23L343&colors=light

Progress security advisory: WhatsUp Gold Security Bulletin December 2024
@cR0w Progress allegedly published this advisory 12 December 2024, but the page wasn't available from Google search results (thank Gemini AI ✨ for being useless) and Progress doesn't maintain a dedicated security advisories section on their website. Anyway, this page hasn't been updated with new information since 12 December so it's also useless. Here are the three vulnerabilities:

• CVE-2024-12105 (6.5 medium) authenticated information disclosure via specially crafted HTTP request
• CVE-2024-12106 (9.4 critical) unauthenticated attacker can configure LDAP settings
• CVE-2024-12108 (9.6 critical) an attacker can gain access to the WhatsUp Gold server via the public API

No mention of exploitation. Patched in WhatsUp Gold version 24.0.2

#infosec #progress #whatsupgold #cve #vulnerability #cybersecurity

“This button vaporises the finger of anybody who presses it!”

“Why do you always focus on the negative? You critics should talk about the benefits of the Vaporiser2000™. Every press mints $100K USD. That’s an amazing societal benefit.”

“It mints it in the offices of those who make the button! The presser doesn’t get any. They’re using bribes and pressure to force the finger vaporisation onto others!”

“There you go again, focusing on the negative. This is why nobody takes critics seriously”

I think everyone who has an opinion, positive or negative, about LLMs, should read how @simon summed up what’s happened in the space this year. He’s the most credible, most independent, most honest, and most technically fluent person watching the space. https://simonwillison.net/2024/Dec/31/llms-in-2024/

Cost of false positives | Kellan Elliott-McCrea: Blog
https://alecmuffett.com/article/110781
#OnlineHarms #OnlineSafetyAct #classifiers #ofcom

Uhhh, I have a strange request. If you own a bread knife with a flat-sided handle in your kitchen, and calipers or something else that will measure to the nearest millimetre or so, and want something to do for 30 seconds, could you tell me how thick the handle is?

Yes, I'd like to collect some random samples of bread knife handle widths. Doesn't matter what brand, what it looks like, how long the blade is or where in the world you are.

I will explain later. Boosts appreciated.

#AskFedi

I wanted to correct something, because I know the archive's actions/function can encourage tea-leaf reading, but:

There is no throttling on the upload speed/bandwidth. There's no actual "well, only give this person X amount of speed, ha ha, tally ho" in effect.

What IS in effect, post-hack, are re-factoring of the security and networking aspects of the Archive's internals, with a focus on security before speed, and getting speed back to full is taking some time.

So there you go.