Date: Wed, 27 Dec 2023 07:59:37 -0800 From: bob prohaska <fbsd@www.zefox.net> To: John F Carr <jfc@mit.edu> Cc: Mark Millard <marklmi@yahoo.com>, "ticso@cicely.de" <ticso@cicely.de>, Marcin Cieslak <saper@saper.info>, "freebsd-arm@freebsd.org" <freebsd-arm@freebsd.org> Subject: Re: USB-serial adapter suggestions needed Message-ID: <ZYxJ6YXJeCBYN2ND@www.zefox.net> In-Reply-To: <23100FB9-BB4A-48FF-A715-84EF7F6F59A6@mit.edu> References: <ZYeDi2H754ZKyJG3@www.zefox.net> <16864054-4os0-pq3p-7qp0-7299666908os@fncre.vasb> <ZYhSYNxHcmR2I/YP@www.zefox.net> <ZYhjzPLUBT74EVau@cicely7.cicely.de> <ZYiI7KuPwabExucl@www.zefox.net> <55q37289-ss30-nq9o-7r31-086n999p394s@fncre.vasb> <ZYonM2b2X008mpaw@cicely7.cicely.de> <ZYuHW34T1rxwqdz6@www.zefox.net> <C8C30A69-05D5-45FE-B95D-A31BD13B841F@yahoo.com> <23100FB9-BB4A-48FF-A715-84EF7F6F59A6@mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 27, 2023 at 01:48:33PM +0000, John F Carr wrote: > > > > On Dec 27, 2023, at 03:30, Mark Millard <marklmi@yahoo.com> wrote: > > > > 0000: 6C 6F 67 69 6E 3A 20 C3 AF C2 BF C2 BD C3 AF C2 login: ......... > > 0010: BF C2 BD C3 AF C2 BF C2 BD C3 AF C2 BF C2 BD C3 ................ > > 0020: AF C2 BF C2 BD C3 AF C2 BF C2 BD C3 AF C2 BF C2 ................ > > 0030: BD C3 AF C2 BF C2 BD 0A 50 61 73 73 77 6F 72 64 ........Password > > 0040: 3A : > > > > The byte pairs that start with C3 's and C2's look far from > > random to me --also they do not look like glitches. > > Those byte pairs are valid UTF-8. > > C3 AF = 000 1110 1111 = EF > C2 BF = 000 1011 1111 = BF > C2 BD = 000 1011 1101 = BD > > What EF BF BD means, I can't say. As Unicode it is "??????". > Maybe UTF-8 encoded 8 bit line noise. A simple-minded Web search for EF BF BD finds quite a few links, one being https://www.aon.com/cyber-solutions/aon_cyber_labs/when-efbfbd-and-friends-come-knocking-observations-of-byte-array-to-string-conversions/ I don't understand most of it, but it seems to imply EF BF BD are artifacts from some encryption process. What they might be doing on a private wire between two serial ports is a mystery, at least to me. SSH invokes encryption, far as I know tip and cu do not. Maybe something to do with ssh or sshd? Thanks for writing! bob prohaska
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZYxJ6YXJeCBYN2ND>