Re: Fw: Re: https://undeadly.org

2017-02-28 Thread minek van
fyi, undeadly.org has problems. Sent: Saturday, February 25, 2017 at 5:49 PM From: "Kenneth Westerback" <kwesterb...@gmail.com> To: "minek van" <minek...@mail.com>, fundrais...@openbsdfoundation.org Subject: Re: Fw: Re: https://undeadly.org The Foundation has

Re: Is OpenBSD using SHA1 anywhere?

2017-02-25 Thread minek van
In the blog: https://blog.filippo.io/so-i-lost-my-openbsd-fde-password/ I saw that "sha1" is still used, but afaik 6.1 will have a different FDE. > Sent: Thursday, February 23, 2017 at 5:27 PM > From: "Christian Weisgerber" > To: misc@openbsd.org > Subject: Re: Is OpenBSD

Is OpenBSD using SHA1 anywhere?

2017-02-23 Thread minek van
fyi, https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html https://shattered.it/

The AnC attack against ASLR

2017-02-22 Thread minek van
Hello, just FYI https://www.vusec.net/projects/anc/ The AnC attack The memory management unit (MMU) of modern processors uses the cache hierarchy of the processor in order to improve the performance of page table walks. This is fundamental to efficient code execution in modern processors.

RAP - Reuse Attack Protector

2017-02-06 Thread minek van
Just read it today, hopefully it could be useful for the OpenBSD team too: http://www.prweb.com/releases/2017/02/prweb14044396.htm https://grsecurity.net/rap_announce_ret.php https://grsecurity.net/download.php#test

Is randomizing UID/GUID would make sense?

2017-01-19 Thread minek van
Hello! I can see that the default users and when creating new ones have their UID/GUID incremented by 1. Could it bring more security if the UIDs/GUIDs would be random? Or it wouldn't bring any additional security? Or something would be broken with random UIDs/GUIDs, ex.: NFS? Would it

Re: A couple of password pointers to avoid failed login(1) via cu(1)

2017-01-18 Thread minek van
hi afaik (pls fix if not) from OpenBSD 5.1 arandom replaces urandom, no? why use arandom? # uname -mrs OpenBSD 6.0 amd64 # ls -lah /dev/*random crw-r--r-- 1 root wheel 45, 3 Jan 15 12:28 /dev/arandom crw-r--r-- 1 root wheel 45, 0 Jan 18 11:20 /dev/random crw-r--r-- 1 root wheel

Project Wycheproof

2016-12-19 Thread minek van
Hello and a very Happy Christmas! https://security.googleblog.com/2016/12/project-wycheproof.html https://github.com/google/wycheproof https://news.ycombinator.com/item?id=13212937 Project Wycheproof, a set of security tests that check cryptographic software libraries for known weaknesses. We’ve

Re: ASLR bypass on OpenBSD

2016-12-08 Thread minek van
any news? > Sent: Wednesday, November 30, 2016 at 7:48 PM > From: "minek van" <minek...@mail.com> > To: misc@openbsd.org > Subject: ASLR bypass on OpenBSD > > Hello, > > older story: > > https://marc.info/?t=14212471776=1=1 > > w

Announcing OSS-Fuzz: Continuous Fuzzing for Open Source Software

2016-12-01 Thread minek van
Hello, https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html OSS-Fuzz is launching in Beta right now, and will be accepting suggestions for candidate open source projects. Apply here: https://github.com/google/oss-fuzz#accepting-new-projects imho a great

ASLR bypass on OpenBSD

2016-11-30 Thread minek van
Hello, older story: https://marc.info/?t=14212471776=1=1 what happened since then? Was the randomization increased? Thank you OpenBSD!

Why not use malloc S by default?

2016-11-22 Thread minek van
I gave it a try, all sets installed, xdm starts X. after first boot pkg_add firefox libreoffice gimp ln -s S /etc/malloc.conf reboot all done in virtualbox. With or without "S" the 360p testvideo lags.. but virtualbox. So tried Firefox, GIMP, LibreOffice All looks working great. So why

Re: OpenBGPD status for RPKI

2016-11-07 Thread minek van
ler" <phess...@openbsd.org> > To: "minek van" <minek...@mail.com> > Cc: misc@openbsd.org > Subject: Re: OpenBGPD status for RPKI > > There is currently no RPKI in OpenBGPD. > > > On 2016 Nov 07 (Mon) at 21:19:20 +0100 (+0100), minek van wrote: > :Hello,

Re: What is the difference between the security of HardenedBSD, security of FreeBSD, security of NetBSD, security of OpenBSD and security of DragonflyBSD?

2016-11-07 Thread minek van
The rank would be probably (if only counting the OS itself, no ports, no custom things, responsible admin): 1. OpenBSD 2. HardenedBSD the remaining are not security oriented. From what are you trying to defend? > Sent: Monday, November 07, 2016 at 1:32 PM > From: "SOUL_OF_ROOT 55"

OpenBGPD status for RPKI

2016-11-07 Thread minek van
Hello, is RPKI production ready with OpenBGPD? Does anyone use it? Many thanks!

Re: Why isn't "sort -R" random?

2016-11-05 Thread minek van
intent for sort, as others point out this behaviour is documented. > > > > On 4 November 2016 at 11:47, Christian Gruhl <cgr...@uni-kassel.de> wrote: > > > >> Hi minek, > >> > >> On 11/04/2016 04:41 PM, minek van wrote: > >>>

Why isn't "sort -R" random?

2016-11-04 Thread minek van
Hello, # strings /dev/arandom | grep -o '[[:print:]]' | head -100 > a.txt # sort -R a.txt K ] U O B B ~ o o I I P s s Q f f p , 1 5 # X X c c W W \ \ h w v v ? ` L L L L A A A E J J Y $ | ! x 2 2 2 2 ( a q q q q 3 3 7 d + z z z S S S S F 6 = i i G G . . . : [ [ T { - } } } j j & 9 9 9 #