From owner-freebsd-security@freebsd.org Sun Apr 29 16:50:05 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 590AEFB1AE4 for ; Sun, 29 Apr 2018 16:50:05 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: from mail-it0-x22f.google.com (mail-it0-x22f.google.com [IPv6:2607:f8b0:4001:c0b::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D956C7B0F8 for ; Sun, 29 Apr 2018 16:50:04 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: by mail-it0-x22f.google.com with SMTP id z6-v6so3503358iti.4 for ; Sun, 29 Apr 2018 09:50:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=FWNfm2O/sD5GkM+3aYwy3DmrkV+vyZqS9R8em1JQIFI=; b=SFqPFn5hoiF7Yf5tOSToN9Omv8DHCJqrJUW/ZYX7ilD7BSEWYk5r6Kak4BFQAKhJyw 4hxDTTyc2JKO9oOIgdtRNXoajltyyU52oGXlXW8UU3lN++PbPQXpoTQDhWZCGQvBtjwf uszvUUQFpoD2fDCsEhOj8J/+HW9E+lT2RqQMBmgy46YXR1eJp5uehBbpKNCF8V0yYc8Q tIK1ONLgrnAROkl2zLU9ir/3egb4nvCg2G+CCSf6iM06syVIwNuTggLtO1vb1IrrC/Ax bED00s3FQu6k0bDVqvCr7vJOhOf31Eexx6uivM4anSS0M42MoT8t7Vf/vwhq/ny1gf0i 2UwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=FWNfm2O/sD5GkM+3aYwy3DmrkV+vyZqS9R8em1JQIFI=; b=b7DIc4wmUuHaYeHAebl4qBXnadyh0rU1bmUDECAl68QJm/BYT5H7VMX32AovOnpFLu m2bOmSzx6cNerXiQJIt5g793ZQJGb/aYnZTBi1zX5D/yOZ7bOLkRULwlma1IqtgNVE9B TRLTqT0I1WpoD0kSliNBsyShEbFYcT8Gcf0GLoOxroSWA4nl2e+4J0rGSYnZ2HNXqsQF VXmnS3V8BDnrQlOIdapQC5F7KpUtGVJL4NPxfdRcA/P5w4uaT7Ovu/dxmklW1yu/hui4 gNnxCTwiqjzE8Zf7XVc8wKI+bDnBTnYEo4CdGBQr64s+a1TFl44oaJONKcPNen80zuQv wXFw== X-Gm-Message-State: ALQs6tBMAmGP6jCicRvxbAilHfFOX1fxPo0GH1+vWoPOOYOE6UyFb1/S anZO1HTZ+O0T7BZ1Ntj07w+c0B+EDvd0mYGVyeg= X-Google-Smtp-Source: AB8JxZqjzu3uB91vmnrT1FNvQGzmW0uwYewn+qC44Ur47n+XdsIiND4T9W6Lj5pBQ5M6Z93dGvUc77YDx/dLMCm6VSw= X-Received: by 2002:a24:3555:: with SMTP id k82-v6mr8915174ita.49.1525020604311; Sun, 29 Apr 2018 09:50:04 -0700 (PDT) MIME-Version: 1.0 Sender: carpeddiem@gmail.com Received: by 10.107.130.167 with HTTP; Sun, 29 Apr 2018 09:49:43 -0700 (PDT) In-Reply-To: References: From: Ed Maste Date: Sun, 29 Apr 2018 12:49:43 -0400 X-Google-Sender-Auth: 4aQXge3_iG9bUDTNXdBYnPuTEHI Message-ID: Subject: Re: Exploit Lecture: Writing FreeBSD Malware To: grarpamp Cc: freebsd-security@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Apr 2018 16:50:05 -0000 On 27 April 2018 at 22:39, grarpamp wrote: > https://www.youtube.com/watch?v=bT_k06Xg-BE > > [Conference talk abstract and bio omitted] By all means do post interesting and relevant discussion on the lists, but please don't cross-post to multiple mailing lists with nothing but cut-and-pasted content from a conference web site, as here. (I'm not going to respond to the misrepresentation in the talk abstract itself, but if you're so inclined, do share what you found interesting about the talk.) From owner-freebsd-security@freebsd.org Sun Apr 29 20:24:52 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B1C57FB79E7 for ; Sun, 29 Apr 2018 20:24:52 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2B4EB6A5E9 for ; Sun, 29 Apr 2018 20:24:52 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-io0-x232.google.com with SMTP id d73-v6so8148965iog.3 for ; Sun, 29 Apr 2018 13:24:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=Q5jEg2oFBtmUJP+zyc5tjtwxVZVA0E1CwSOWkQUqB20=; b=FUPmzg70XJQB77zreKj9equgonxxChJ20VBgtEMnH88gCxAcyzEYk2EgyvFIP5J2o1 PTOjm+S2TZ5NjiISFqQxjg4LQX2Ey5C4MH1bCgbJRi3PiLdDjESNqsdthTYVVFiztPHp hbib2QGkGpJ3h1++hlPRY+i/coVNFAybyY0rj4qdsvCeCcWlb20IgIOYx0vInIARa0gR jkW2Y6kOQfm7NnT49GIR+H6P/qqvMR6qekACrptYoo/STtP+MWXE4EuCVNU3LHvPQysj EewMBQmFbsVgAimEYOaQO5Zvlvnuyvy0kXwegDu1+lQQ0Vsu7YjFEn8CI9n94Vf7lzkV 1Fvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=Q5jEg2oFBtmUJP+zyc5tjtwxVZVA0E1CwSOWkQUqB20=; b=DUkP4t1zs5M5ZHtc4heMTYcseMORLjvdstACgnpxIj/NfRcLJjYRXd793pHf2V5LLl jn1tKkqmIGM842xRcRy35w/1kPXTHGXBQW7dq73Oh6KWQ8Q6tbsWsxRQ5pIYwshij8I7 PZ6hbiF4lkIb3MGXBPAwDYth9KCj2YvraX9zbqMJtqfrwBeah7LeOkzm2j1zZu6h0DLE 6sBCqfGnt7n4+CperhNITAcGVIzNPsUHMTA+toJsCfwfrdOx/RsG+c4IXQhCg/qdw1Xr MiheyD51gkShNF/LgxviW0zLYOAcF9Mr2he0RhuEAMfKR7sVezHJ3Mabsmsk7K5zts/S q9vg== X-Gm-Message-State: ALQs6tBNidfCyBr4T6B5kteixE7jP+KqPqE0lU/rCwLrBTRTOY3UB32e D+X8l/DhnNQMS9H2o+kHr7wYvdmh7jMTPN2kb3k= X-Google-Smtp-Source: AB8JxZrB42hJtoT0RqKiS0XzVrsqOe3+1aReSiunaxKSoBUCAvC2ujDP4Axb9/MemHJXEGCMektskFWLGukMi8gAKvE= X-Received: by 2002:a6b:aae0:: with SMTP id g93-v6mr10228776ioj.202.1525033491183; Sun, 29 Apr 2018 13:24:51 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a02:8d6a:0:0:0:0:0 with HTTP; Sun, 29 Apr 2018 13:24:10 -0700 (PDT) In-Reply-To: References: From: grarpamp Date: Sun, 29 Apr 2018 16:24:10 -0400 Message-ID: Subject: Re: Exploit Lecture: Writing FreeBSD Malware To: freebsd-security@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Mailman-Approved-At: Sun, 29 Apr 2018 23:21:40 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Apr 2018 20:24:52 -0000 It's unfortunate that some repliers end up diminishing the benefits of the perfectly legitimate means of distributing information, whereby involving and cultivating concurrent discussion across potentially interested, mutually beneficial, and or otherwise isolated / unaware groups that is "cross posting", through their comments or failure to trim addressees should their future conversation subthreads narrow to within their more usual areas. Nor is it necessarily what any particular OP may or may not find interesting or represented from time to time of their own posts, but what comes from community analysis and any application of whatever the post subject matter may be to the betterment of FreeBSD. There's yet been no discussion in thread of the subject matter itself. Yes people's inclination should be to that, rather than to the latest fashion trends :) From owner-freebsd-security@freebsd.org Mon Apr 30 13:46:51 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D898FABB41 for ; Mon, 30 Apr 2018 13:46:51 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "land.berklix.org", Issuer "land.berklix.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id E42B481878 for ; Mon, 30 Apr 2018 13:46:50 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from mart.js.berklix.net (pD9FA290C.dip0.t-ipconnect.de [217.250.41.12]) (authenticated bits=0) by land.berklix.org (8.15.2/8.15.2) with ESMTPSA id w3UCpwZ5029500 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 30 Apr 2018 12:52:02 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id w3UCrZLC051310 for ; Mon, 30 Apr 2018 14:53:35 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id w3UCrNbY072546 for ; Mon, 30 Apr 2018 14:53:35 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201804301253.w3UCrNbY072546@fire.js.berklix.net> To: freebsd-security@freebsd.org Subject: Re: Exploit Lecture: Writing FreeBSD Malware From: "Julian H. Stacey" Organization: http://berklix.eu BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.eu/free/ X-From: http://www.berklix.eu/~jhs/ In-reply-to: Your message "Sun, 29 Apr 2018 16:24:10 -0400." Date: Mon, 30 Apr 2018 14:53:23 +0200 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Apr 2018 13:46:51 -0000 grarpamp wrote: > It's unfortunate that some repliers end up diminishing the benefits of the > perfectly legitimate means of distributing information, whereby involving and > cultivating concurrent discussion across potentially interested, mutually > beneficial, and or otherwise isolated / unaware groups that is "cross posting", > through their comments or failure to trim addressees should their future > conversation subthreads narrow to within their more usual areas. > > Nor is it necessarily what any particular OP may or may not find > interesting or represented from time to time of their own posts, but > what comes from community analysis and any application of whatever > the post subject matter may be to the betterment of FreeBSD. > > There's yet been no discussion in thread of the subject > matter itself. Yes people's inclination should be to that, > rather than to the latest fashion trends :) > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > Original post from grarpamp: > To: freebsd-security@freebsd.org > Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org did contravene: ] https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources-mail.html ] C.2.3. List Charters ] "No posting should be made to more than 2 mailing lists" But unfortunate if Peter G's attack distracts technical response. Cheers, Julian -- Julian Stacey, Computer Consultant, Systems Engineer, BSD Linux Unix, Munich Brexit Referendum stole 3,700,000 votes, inc. 700,000 from British in EU. UK Govt. lied it's "democratic" in Article 50 letter to EU paragraph 3. Petition for votes: http://berklix.eu/queen/ From owner-freebsd-security@freebsd.org Fri May 4 09:52:11 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A2645FA786A for ; Fri, 4 May 2018 09:52:11 +0000 (UTC) (envelope-from SRS0=xxIP=HX=quip.cz=000.fbsd@elsa.codelab.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 43B856C144 for ; Fri, 4 May 2018 09:52:10 +0000 (UTC) (envelope-from SRS0=xxIP=HX=quip.cz=000.fbsd@elsa.codelab.cz) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id ED13428430 for ; Fri, 4 May 2018 11:52:08 +0200 (CEST) Received: from illbsd.quip.test (ip-86-49-16-209.net.upcbroadband.cz [86.49.16.209]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 8434228435 for ; Fri, 4 May 2018 11:51:55 +0200 (CEST) To: freebsd-security@freebsd.org From: Miroslav Lachman <000.fbsd@quip.cz> Subject: Spectre-NG - Multiple new Intel CPU flaws Message-ID: <6e279745-bfe5-fad1-a1aa-3b4d0356d55d@quip.cz> Date: Fri, 4 May 2018 11:51:55 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2018 09:52:11 -0000 Spectre and Meltdown was patched in FreeBSD 2 months ago and new vulnerabilities in CPU are about to come. https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html Miroslav Lachman From owner-freebsd-security@freebsd.org Fri May 4 19:34:46 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 98788FB60DC for ; Fri, 4 May 2018 19:34:46 +0000 (UTC) (envelope-from rfg@tristatelogic.com) Received: from outgoing.tristatelogic.com (segfault.tristatelogic.com [69.62.255.118]) by mx1.freebsd.org (Postfix) with ESMTP id 2B4087F75A for ; Fri, 4 May 2018 19:34:45 +0000 (UTC) (envelope-from rfg@tristatelogic.com) Received: from segfault-nmh-helo.tristatelogic.com (localhost [127.0.0.1]) by segfault.tristatelogic.com (Postfix) with ESMTP id 5FE7B3AFDC for ; Fri, 4 May 2018 12:27:28 -0700 (PDT) From: "Ronald F. Guilmette" To: freebsd-security@freebsd.org Subject: Re: Spectre-NG - Multiple new Intel CPU flaws In-Reply-To: <6e279745-bfe5-fad1-a1aa-3b4d0356d55d@quip.cz> Date: Fri, 04 May 2018 12:27:28 -0700 Message-ID: <65084.1525462048@segfault.tristatelogic.com> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2018 19:34:46 -0000 In message <6e279745-bfe5-fad1-a1aa-3b4d0356d55d@quip.cz>, Miroslav Lachman <000.fbsd@quip.cz>u wrote: >Spectre and Meltdown was patched in FreeBSD 2 months ago and new >vulnerabilities in CPU are about to come. > >https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html I suspect that I speak for almost everyone here when I say that I really hope like hell that the story at the above link is just some sort of a colossal gag or prank. But it sure doesn't look like one. If it isn't, then diety help us all! Regards, rfg From owner-freebsd-security@freebsd.org Fri May 4 20:55:08 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94D1DFB7BE5 for ; Fri, 4 May 2018 20:55:08 +0000 (UTC) (envelope-from news@mips.inka.de) Received: from mail.inka.de (quechua.inka.de [IPv6:2a04:c9c7:0:1073:217:a4ff:fe3b:e77c]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2F76D8494E for ; Fri, 4 May 2018 20:55:08 +0000 (UTC) (envelope-from news@mips.inka.de) Received: from localhost by mail.inka.de with local-rmail id 1fEhjN-0001mq-Ru; Fri, 04 May 2018 22:55:05 +0200 Received: from lorvorc.mips.inka.de (localhost [127.0.0.1]) by lorvorc.mips.inka.de (8.15.2/8.15.2) with ESMTP id w44KoDHE027085 for ; Fri, 4 May 2018 22:50:13 +0200 (CEST) (envelope-from news@lorvorc.mips.inka.de) Received: (from news@localhost) by lorvorc.mips.inka.de (8.15.2/8.15.2/Submit) id w44KoDNT027084 for freebsd-security@freebsd.org; Fri, 4 May 2018 22:50:13 +0200 (CEST) (envelope-from news) To: freebsd-security@freebsd.org From: Christian Weisgerber Newsgroups: list.freebsd.security Subject: Re: Spectre-NG - Multiple new Intel CPU flaws Date: Fri, 4 May 2018 20:50:13 -0000 (UTC) Message-ID: References: <6e279745-bfe5-fad1-a1aa-3b4d0356d55d@quip.cz> <65084.1525462048@segfault.tristatelogic.com> User-Agent: slrn/1.0.3 (FreeBSD) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2018 20:55:08 -0000 On 2018-05-04, "Ronald F. Guilmette" wrote: >>https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html > > I suspect that I speak for almost everyone here when I say that > I really hope like hell that the story at the above link is > just some sort of a colossal gag or prank. c't magazine is one of the most reputable sources in the IT press. I have no doubt that there are eight processor vulnerabilities under embargo. What there actual impact may be remains to be seen. -- Christian "naddy" Weisgerber naddy@mips.inka.de