supersandro2000 has quit [Disconnected by services]
<gchristensen>
AAAAHHH
supersandro2000 has joined #nixos-security
<red[evilred]>
haha
<red[evilred]>
there's worse
<red[evilred]>
ready?
<red[evilred]>
oh - I've lost it
<red[evilred]>
but the password to upload to their package repo in akamai cdn was 'solarwinds123'
<red[evilred]>
so that's probably how their customers got popped
rajivr has joined #nixos-security
<pie_>
iirc some of the higher security modes in freebsd are kind of like that <red[evilred]> So, in higher security systems - the OS / Application doesn't have any ability to modify itself
<pie_>
red[evilred]: you have experience with such more secure systems?
jdnixx-M1 has quit [Ping timeout: 268 seconds]
aanderse has quit [Ping timeout: 268 seconds]
aanderse has joined #nixos-security
jdnixx-M1 has joined #nixos-security
andi- has quit [Ping timeout: 258 seconds]
justanotheruser has joined #nixos-security
andi- has joined #nixos-security
anselmolsm_ has quit [Remote host closed the connection]
red[evilred] has quit [Quit: Idle timeout reached: 10800s]
kalbasit has quit [Ping timeout: 240 seconds]
anselmolsm has joined #nixos-security
anselmolsm_ has quit [Ping timeout: 256 seconds]
anselmolsm has quit [Remote host closed the connection]
anselmolsm has joined #nixos-security
anselmolsm_ has joined #nixos-security
anselmolsm has quit [Ping timeout: 240 seconds]
cole-h has quit [Ping timeout: 260 seconds]
FRidh has joined #nixos-security
FRidh has quit [Ping timeout: 240 seconds]
FRidh has joined #nixos-security
anselmolsm_ has quit [Remote host closed the connection]
anselmolsm_ has joined #nixos-security
star_cloud has quit [Remote host closed the connection]
star_cloud has joined #nixos-security
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
faffolter has joined #nixos-security
faffolter has quit [Ping timeout: 256 seconds]
faffolter has joined #nixos-security
WilliButz has quit [Quit: bye]
WilliButz has joined #nixos-security
faffolter has quit [Ping timeout: 264 seconds]
faffolter has joined #nixos-security
FRidh has quit [Ping timeout: 240 seconds]
FRidh has joined #nixos-security
<IdleBot_4fae1f80>
I almost have the experience with UI-side of managing such a system (I ran an LFS build which was unmanageable from inside a unionfs chroot and unusably bare outside that unionfs chroot).
<IdleBot_4fae1f80>
But proper security guarantees almost surely require physical separation…
red[evilred] has joined #nixos-security
<red[evilred]>
pie_ (IRC): Such systems and their designs in the modern world are almost certainly classified
<red[evilred]>
but if you go back a little in time, you can find things like embedded network gear
<red[evilred]>
ie - waaaay before they were built atop of linux/bsd/qnx etc
<red[evilred]>
a friend of mine who worked on such systems but can't talk about it in any detail I'm guessing sent me this:
<red[evilred]>
let me rephrase that - I suspect may have worked on
<red[evilred]>
I don't actually know for a fact
<red[evilred]>
even a brief read of section 2 (less than half a page) illustrates the futility of it all
<red[evilred]>
so have a drink handy :-)
FRidh has quit [Ping timeout: 240 seconds]
FRidh has joined #nixos-security
<pie_>
oh boy.
<pie_>
red[evilred]: you ever see posts from nickpsecurity
<pie_>
red[evilred]: maybe i shouldnt read this right now :P my stomach isnt feeling so great, let alone do i have a drink handy
<pie_>
red[evilred]: ok the title already has me interested. by the way if you have any other reading recommendations im not game, i beg of you to send them :P (general topic, not required to be specific to this)
<pie_>
im kind of a collector of peoples bibliographies
<pie_>
though almost noone seems to keep them :(
<red[evilred]>
Sure - if I find interesting stuff I'll pass it along - happy to
<red[evilred]>
my other main area of interest other than security is performant actor-based systems
<red[evilred]>
and functional programming (but not the haskell level - yet)
<pie_>
you can also ask said friend for his public list ;P
<red[evilred]>
I don't know if they have one per se, they're my mentor and don't do social media at all.
<red[evilred]>
so doesn't have much if anything published outside of academia (and they stopped that ~30 years ago)
<pie_>
i was thinking of forwarding it but damn good for you for finding a good mentor....im super jelly ;_;
<pie_>
i kind of have too much random shit about me on the net due to not knowing better when i was younger. and bad compartmentalization and public irc logs xP
<red[evilred]>
You're more than welcome to forward any of the stuff that I send you - np.
<red[evilred]>
yeah - they've been my primary mentor for 20+ years.
<red[evilred]>
what's funny is, it pretty much doesn't matter what the subject is - I'll ask "Hey, do you know anything about <x>?" - they'll be like "Sure, I worked on <system x> in <some timeframe> which implemented that....", or "I did research at <place> on that for <system z>"
<red[evilred]>
believe me - I've tried to get a list of topic before after finding stuff that was mind-blowing for me, finding out they'd done stuff on it and I'm like: "Why didn't you tell me about this 10 years ago!?!"
<pie_>
no i meant you should f9rward their rec list to me :p
<pie_>
allso im not feeling very good today so wont be able to focus too much
<hexa->
would you mind migrating to -chat?
<pie_>
ok
<red[evilred]>
sure
<hexa->
thx
star_cloud has quit [Ping timeout: 268 seconds]
FRidh has quit [Ping timeout: 260 seconds]
FRidh has joined #nixos-security
<zgrep>
/join #nixos-chat
<zgrep>
Oops, sorry.
pie_ has quit [Quit: No Ping reply in 180 seconds.]
pie_ has joined #nixos-security
kalbasit has joined #nixos-security
anselmolsm has joined #nixos-security
anselmolsm_ has quit [Ping timeout: 260 seconds]
star_cloud has joined #nixos-security
kalbasit has quit [Ping timeout: 268 seconds]
rajivr has quit [Quit: Connection closed for inactivity]
kalbasit has joined #nixos-security
justanotheruser has quit [Ping timeout: 240 seconds]
kalbasit has quit [Remote host closed the connection]
cole-h has joined #nixos-security
justanotheruser has joined #nixos-security
star_cloud has quit [Ping timeout: 268 seconds]
lejonet has quit [Ping timeout: 256 seconds]
star_cloud has joined #nixos-security
justanotheruser has quit [Read error: Connection reset by peer]
justanotheruser has joined #nixos-security
justanotheruser has quit [Ping timeout: 256 seconds]
lejonet has joined #nixos-security
justanotheruser has joined #nixos-security
FRidh has quit [Quit: Konversation terminated!]
red[evilred] has quit [Quit: Idle timeout reached: 10800s]
justanotheruser has quit [Read error: Connection reset by peer]
justanotheruser has joined #nixos-security
<andi->
Version v0.0.0-20201216223049-8b5274cf687f of golang.org/x/crypto fixes a
<andi->
vulnerability in the golang.org/x/crypto/ssh package which allowed clients
<andi->
to cause a panic in SSH servers.
<andi->
that version string...
<andi->
> CVE-2020-29652
<{^_^}>
undefined variable 'CVE-2020-29652' at (string):452:1