_xhr_

_xhr_, 10 days ago to random

Migrated one of my #OpenBSD VMs to @OpenBSDAms . Super fast setup process, well documented and works like a charm. 100% in line with OpenBSD's sane defaults.

Kudos to @mischa and team!

_xhr_, 20 days ago to linux

TIL that you can redirect clear(1)'s standard output to a file and the use cat on the file to clear the screen.

$ clear > foo
$ cat foo

#unix #bsd #linux #openbsd

_xhr_, 5 months ago to infosec

Another vulnerability with a name and a logo: TerraPin. This time on #SSH.

While this sounds scary, the "Terrapin attack requires an active Man-in-the-Middle attacker, that means some way for an attacker to intercept and modify the data sent from the client or server to the remote peer."

#OpenSSH on #OpenBSD already received a syspatch.

https://terrapin-attack.com/ #infosec

_xhr_, 5 months ago to random

In December, I usually share an #OpenBSD screenshot showing #xsnow

This year, I am showing a screenshot (made with grim) of #Wayland on OpenBSD. It shows #sway, foot as terminal, mpv and Firefox (although no idea if native of with XWayland). Setup on -current was simple and runs stable so far. Kudos to @matthieu and all other devs involved!

I'll stick with X for now since the WL tools miss the usual security mitigations like pledge and unveil.

_xhr_, 5 months ago to infosec

This pull request clearly shows what's currently wrong in the #infosec community.

Another misaligned CVE with a CVSS score of 9.8 for code in a contrib/ dir that is not even build by default shows up in commercial vulnerability scanners and suddenly random people press the maintainer to release an updated version.

https://github.com/madler/zlib/pull/843

_xhr_, 5 months ago to privacy

Awesome. Just detected the following #privacy preserving gems in #Firefox's 120 release notes. Use Firefox, use an ad blocker, stay safe online.

fitheach, 6 months ago to movies

We all know that the US is stuck using US customary units. Except, in the movies, major criminals always use "kilos" or "Ks" when discussing large quantities of cocaine or heroin. It's good to know that the drug dealers are helping to bring the US towards using the metric system.

#movies #metric

_xhr_, 6 months ago to random

I couldn't resist

_xhr_, 6 months ago to random

Sad to say this, but no #37c3 for me this year.

jcs, 7 months ago to random

The water wheel is now turning. [2]

thomas, 7 months ago to random

Time for a Bavarian dinner!

• Middle/in the bowl: Wurstsalat ("Sausage salad")
• Left: Bread with Obatzda (https://en.m.wikipedia.org/wiki/Obatzda)
• Center/Background: Bread and Leberkas (https://en.m.wikipedia.org/wiki/Leberk%C3%A4se)
• Background: Glass of Weißbier

It's not healthy or climate friendly but sooo tasty 😍

globalc, 7 months ago to retrocomputing

I did a tour through 3 hard off stores today, turns out they also have 8086 systems from NEC around!
Also DOS-games on disks: Ultima underworld, Syndicate. But these are quite expensive. Empty 3.5" floppy are no longer around.

I got an ATAPI cd/dvd reader/writer home with me for 330円, will try to use it in the Sun Ultra 5 to install Solaris.

Will make a wiki page to store which hardoff features old hardware (they have a bit of that on their site, but not much).
#retrocomputing

_xhr_, 9 months ago to random

PSA: if you haven't fetched your pre-ordered #cccamp23 merch yet, please come to the merch tent. There is a dedicated counter on the left side of the tent. No need to wait in line! Please boost

_xhr_, 9 months ago to random

PSA: official #cccamp23 merch sale starts today at 15:00. Pre-sale only! Bring your QR code! Please boost

Semi, 9 months ago to random German

Das #cccamp23 wird ja mein erstes Camp. Was sagen denn die Campveteranen, was man unbedingt gemacht haben muss? Engeln, klar. Bahnfahren, offensichtlich. Was noch?

_xhr_, 9 months ago to Amd

#ZenBleed a use-after-free vulnerability in #AMD Zen2 processors discovered by Tavis Ormandy.

Seems AMD also got their speculative execution share

https://lock.cmpxchg8b.com/zenbleed.html

#infosec

djm, 10 months ago to random

We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408). Details at https://openssh.com/releasenotes.html#9.3p2

Thanks to the Qualys Security Advisory Team for finding and reporting this bug.

fitheach, 1 year ago to random

Been away for the weekend. Had a wonderful time. Came home to find the house had been burgled. Not yet sure what is missing. Place is in a mess.

The feeling of elation has quickly taken a downturn.