congrats guys, some fine job by the look of it! extra lulz at marcan being butthurt about it, his copyright 'knowledge' has apparently not improved much since we crossed paths.
1
5
20y ago: seclists.org/bugtraq/2000/Oc… . didn't expect it to last this long, much less its influence. we'll see what the next 20y bring :).
2
28
4
76
i mentioned a terrible idea the other day. what do you know, a few days later kernel devs doubled down on it and managed to not fix the actual problem at all.... /o\
1
4
if memory serves, the "PaX Team' was born about 20y ago. in other news, we've just said goodbye to kmalloc and friends. AUTOSLABs FTW, all 130k of them :).
7
15
3
69
today's food for thought: A New Doctrine for Hardware Security (arxiv.org/abs/2007.09537)
1
2
12
PaX Team retweeted
I did some RDSEED benchmarks on my CPU, according to
software.intel.com/security-… supposed to be unaffected by SRBDS...
.
.
.
In short, I hate all these performance killing mitigations -- especially
when the software stack messes up and makes it worse for unaffected
users, too! 🤬
1
10
1
19
PaX Team retweeted
Had some time to update the research page this morning: grsecurity.net/research Currently at 560 citations that I've found. Probably a lot still missing. Moved some of the more interesting ones (like the recent SpecFuzz paper) closer to the top. Enjoy!
1
2
22
PaX Team retweeted
Our team is growing! Very happy to welcome @_minipli as our newest full-time kernel developer, accelerating our development of the next generation of @grsecurity features
3
16
today's quiz: what's wrong with the seemingly trivial (and even reviewed) commit 492c88720d36eb662f9f10c1633f7726fbb07fc4? (it was just backported to stable kernels, hence the belated notice)
1
4
a myth from the same academic jokers^Wresearchers who graced us with their ASLR 'research' in the past: in res.mdpi.com/d_attachment/ap… table 2 shows RAP vulnerable to ret2user (it isn't, after all we invented KERNEXEC/i386 in 2003 and UDEREF in 2006 :) but everybody else not...
2
14
23
PaX Team retweeted
I always like bugs that prove you're the first to ever use something. We seem to be the first ones to try to use the event registration system for GCC plugins since it was introduced almost a decade ago: gcc.gnu.org/bugzilla/show_bu…
1
4
32
PaX Team retweeted
Teardown of a Failed Linux LTS Spectre Fix (alternatively: Sweeping Study of a Spectacular Stable Spectre Screwup) grsecurity.net/teardown_of_a… wherein we demonstrate the value of Respectre and an independent and funded security backport/review process for the Linux kernel
1
25
2
42
today's quiz: find the infoleak bug introduced by upstream commit 85164fd8b05320 that was caught by a recent rewrite of our structleak GCC plugin.
1
4
13
looks like FreeBSD (in)security is in very (in)capable hands: youtube.com/watch?v=7kShjboN…
5
5
1
23
github.com/llvm-mirror/llvm/… academic research not at its best. it took too long considering how since the beginning the only realistic threat model was 'arbitrary read-write' (slide 5 in pax.grsecurity.net/docs/PaXT…). i hope that people won't waste another 2 decades on such 'defenses'.
3
12
