PaX [comrade/them, they/them]

Very tired nerd who doesn’t know how to speak correctly

Ask me about floppa, Plan 9, or computer architecture or anything computers really (if you want)

:cat-vibing:

If I don’t reply to you it’s probably cuz I’m too tired, sorry :(

  • 2 Posts
  • 22 Comments
Joined 2 years ago
cake
Cake day: July 15th, 2022

help-circle
  • He rented all types of servers around the country in the cloud and designed a denial of service (DoS) attack

    doug-clap What a uniquely skilled individual!

    His feat did not go unnoticed. Over the next year he had meetings with officials from the United States Cyber Command, the branch of the armed forces dedicated to this field. He also met with officers from the Marines, the Space Operations Command and intelligence (NSA). Cáceres shared with them the keys to his successful operation and told them that, in his opinion, similar operations could be carried out with small commandos of two to four hackers. That would give them agility, autonomy and the ability to react.

    Me, a cyber-commando, dressing up in full tactical gear, ready for anything, for the trip from my gaming chair to my refrigerator to get beer while I watch my rented Azure servers send spam to a small country’s routers

    He tried, but failed. “To do anything you need authorization, which takes six months to get. And when you get it, what you wanted to do no longer works. That is the reality here in the U.S.: we have very, very good people working on our cyber defense, but they are hogtied. They can’t do anything, even though I know we have the resources to do a lot.”

    Smh our bureaucratic government won’t approve my request to start a war with the DPRK from my couch

    If he did this to any other small nation, especially a US-aligned one, he would be charged with a serious crime. The US can’t openly do electronic warfare but they can stand by and watch this clown do what basically amounts to cyber-terrorism, a least for a little while

    Anyway, now that he doxxed himself I hope the DPRK actually gives him something to fear lol

    Also

    And ever since he took down the internet in North Korea, he has also been approached by the National Security Agency (NSA). Everyone wanted to know how he did it.

    Lmao

    This is peak journalism, they obviously took him at his word






  • The vast majority of drivers are included with the Linux kernel now (in tree) so the difference usually comes down to kernel version (newer kernels have more drivers, of course) or kernel configuration set at compile-time (this can be anything from including or not including drivers, to turning driver features on and off, or more fundamental changes beyond drivers)

    You can get kernel version info from uname -a and a lot of the time, probably most of the time (this is also down to configuration), you can get kernel configuration info from /proc/config.gz (use gzip -d to decompress) or something like /boot/config

    Then you can run diff on configurations of 2 different distro kernels you’re interested in to see how the 2 distribution’s kernels were set up differently

    This could also be caused by different setups of userspace tools or UI that interact with these drivers in different, sometimes worse ways but this is usually much less likely in my experience (most Linux distros do things like this the same way these days tbh)

    Oh, also, there are a lot of drivers that require vendor-supplied firmware or binary blobs to function and most of the time distros don’t bake these into the kernel (although it is possible) and different distros might have more or less of these blobs available or installed by default or they might be packaged differently. The kernel should print an error message if it can’t find blobs it needs though

    I guess there’s kinda a lot to consider lol. Sorry if all of this is obvious

    What hardware are you talking about specifically?






  • What motherboard do you have? Also what happens exactly when the lock-ups happen? Have you ever been playing audio when the lock-ups happen and does it loop or stop or keep playing?

    I recently had to “fix” (workaround) a similar issue in the OpenBSD kernel with a specific hardware peripheral on my PC (running a 2nd-gen Ryzen), the High Definition Audio controller. For whatever reason (and only when I was running OpenBSD) interrupts from the HDA controller (to let the CPU know to refill audio buffers) would just randomly stop making it to the CPU and audio would loop for a few seconds and then shut off. I spent a long time trying to figure out what causes it and reading Linux driver code but I couldn’t find a cause or why only OpenBSD would trigger it. I ended up having to write kind of a hacky polling mode into the HDA driver. My only guess is some of these AMD-chipset-having motherboards have faulty interrupt controllers.

    Maybe there is a similar issue with your system and timer interrupts aren’t making it to your CPU or something. But I’m not really an expert on PC architecture and idek if it even works like that on PCs lol

    Sorry for so many questions but do you also have any kernel logs available from when this happens?











  • Another thing to keep in mind is that imperialism also has the effect of driving down wages in the imperial core since the capitalist can pay their workers less if the price of basic, essential commodities can be decreased by super-exploitation in the imperial periphery. This is a major reason why real wages in the US have been stagnant for a while, for example. So this would have a counterbalancing effect on how much a first-world worker would need to pay proportionally to their income for a case of soda if the process of imperialism were ended.


  • Well Linux is using rdrand in place of the fTPM one so … from firmware to hardware.

    That depends on your distribution’s setting of the CONFIG_RANDOM_TRUST_CPU compile-time configuration option and the random.trust_cpu sysctl setting. I’m not sure what the major distributions are doing with that at the moment.

    Then again even if you generate random numbers using pure software, is your CPU or firmware FOSS and without bugs (cough … Debian OpenSSL maintainers, cough …)? If not, and you assume you can’t trust the firmware and hardware - all your random numbers are belong to us.

    Like you said, it is impossible to be completely safe. But using proprietary cryptographic hardware/firmware, the inner workings of which are known only to Intel, introduces a lot of risk. Especially when we know the NSA spends hundreds of millions of dollars on bribing companies to introduce backdoors into their products. At least when it’s an open source cryptographic library they have to go to great lengths to create subtle bugs or broken algorithms that no one notices.

    Our CPUs are certainly backdoored too, beyond RDRAND. But it’s way more complicated to compromise any arbitrary cryptographic algorithm running on the CPU with a backdoor than making a flawed hardware RNG. Any individual operation making up a cryptographic algorithm can be verified to have executed properly according to the specification of the instruction set. It would be very obvious, for example, if XORing two 0s produced a 1, that something is very wrong. So a backdoor like this would have to only activate in very specific circumstances and it would be very obvious, limiting its use to specific targets. But a black box that produces random numbers is very, very difficult to verify.

    Ultimately, the real solution is the dissolution of the American security state and the computer monopolies.

    If I’m fucked, they’re fucked.

    Not if they’re the only ones who know about the backdoors.

    Edit: I started writing that before your edit about the “Ken Thompson hack”. An element of any good backdoor would include obfuscation of its existence, of course. The issue is it is impossible to predict every possible permutation of operations that would result in discovery of the backdoor and account for them. Maybe if you had a sentient AI dynamically rewriting its own code… anyway, backdoors in tooling like compilers is very concerning. But I’m not too concerned about a Ken Thompson type attack there just because of how widely they’re used, how many different environments they run in, and how scrutinized the outputted code is.