Mike Belopuhov @mike@x0r.be

"End-to-End-Encryption" with Backdoors
#cryptowars #encryption

It took 30 years to make email clients sort-of secure. So now we replace email with chat systems that have exactly the same bugs.
https://github.com/oskarsve/ms-teams-rce

https://www.theregister.com/2020/10/13/microsoft_patch_tuesday/

What a missed opportunity to title this

“ICMP packets over IPv6 only want one thing and it’s disgusting”

They missed the headline of the week.

wow: #curl is moving to a RustTLS backend – initially opt-in, but the plan is to make it the default eventually. https://www.abetterinternet.org/post/memory-safe-curl/

I did *not* see that coming. I thought we might one day get a #rust alternative to curl, but curl itself embracing Rust is quite the vote of confidence.

(imo, more meaningful that FAANG's recent/continuing rust love)

Today is the 25th anniversary of Hackers and there is a live stream with director and cast commentary starting at 00:00 GMT. #HackThePlanet! https://www.dnalounge.com/calendar/2020/09-15.html

OpenBSD people ... I have a question as I am preparing an article for the next episode about OpenBSD in general and PF...

Just exactly/approx. how good of a firewall You can build out of OpenBSD? Should I simply think of pFsense or it can go way beyond that (more secure, more features, IDS/IPS)?

#openbsd #bsd #firewall #security

The State Office for Geoinformation and Surveying Lower Saxony has advertised some very exciting dev jobs in #Hannover (fairly paid for civil service in Germany). The job advertisement is in German and good German language skills are required, but nationality is not important.
They are looking for devs with skills in #OpenSource tools and modern languages like #python, #rust, #javascript, #golang, with skills in Docker, Jenkins, Kubernetes and databases like PostgreSQL.

https://lgln-karriere.niedersachsen.de/startseite/stellenausschreibungen/rd_lverm_za/stellenausschreibungen-182298.html

Why I love #Rust:

Every day at work, using #CSharp or #JavaScript, I constantly see potential #NullPointer exceptions littered throughout the code.

The lack of nulls and overall defensive mindset that #Rust enforces leaves your mind free to focus on higher-level solutions.

I don't merely "launder" money.

I also use fabric softener.

so Im going to @bsdcan 2020 :) ...
and Ill be giving a tutorial on OpenBSD Networking
and giving a talk about how we use OpenBSD +OpenBGPD in our ISP ... :)

Anybody looking for a remote sysadmin job? #FreeBSD shop, but if you have Linux/Unix experience and are BSD-curious, that should work as well. German is a plus, so is being in or near CET.
If you're interested, DM me.

#runbsd #bsdjobs

Community Story: Building a #Librem5 app with #Rust and #GTK https://puri.sm/posts/librem-5-community-story-read-it-later/ #DailyLibrem #Linux

#Rust Meetup #Munich tonight:

http://meetu.ps/e/HtWRQ/4gKfK/d

iwx(4) has been committed to #OpenBSD -current ​

https://marc.info/?l=openbsd-cvs&m=158175646601273&w=2

Now with a better call for papers link: https://2020.eurobsdcon.org/call-for-papers/ - See you in Vienna!

Today in #infosec is our first buffer overflow exploit class. I really like this class, watching the newcomers actually exploit the machine to do something unintended and watching them light up in excitement

They have 2 flags to get: one by overwriting %rip to point to another function to jump to it on return, and the other by overwriting a variable value on the stack to trigger alternate code flow paths.

Yes all the mitigations are off. But it's their first exploit.

#professor #professorlife

Blockchains are like grappling hooks, in that it's extremely cool when you encounter a problem for which they're the right solution, but it happens way too rarely in real life.
https://xkcd.com/2267/