Date: Sun, 28 Nov 2021 18:00:48 +0300 From: Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com> To: araujo@freebsd.org Cc: Stefan Esser <se@freebsd.org>, freebsd-hackers <freebsd-hackers@freebsd.org> Subject: Re: Does not appear to be (too) malicious ... Message-ID: <CAOgwaMt462EFhumvd_469bVU3fQRAy5_rr_Mp58FUV60yuheWQ@mail.gmail.com> In-Reply-To: <CAOfEmZh5tqb-e2vS6HNtiAWjZU3aYaJyJoQnrOQKHprdmLRMBQ@mail.gmail.com> References: <cd41bda5-6a14-c4e2-3d74-b0c5d52480ec@zohomail.com> <05580cd8-1bbf-8783-b190-40d9cdacade6@m5p.com> <CA%2ByoEx881o6frd-zy-rV55xR3vg%2BjugN0ZigdH8nAYGsB6_NfA@mail.gmail.com> <b66c39a4-1836-eab8-db9f-e839d14b13be@freebsd.org> <CAOgwaMspORHAcAKoXbgDEQ1ZFOjSHAJbpPYL67J1dVbYcPHgVA@mail.gmail.com> <CAOfEmZh5tqb-e2vS6HNtiAWjZU3aYaJyJoQnrOQKHprdmLRMBQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--00000000000028040705d1da99c8
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Sun, Nov 28, 2021 at 3:12 PM Marcelo Araujo <araujobsdport@gmail.com>
wrote:
> you all have a lot of free time.
>
>
Actually "no" .
I am retired now and I am not working for anyone , because
(1) health conditions ,
(2) to know too much , no one is liking to see me around her/him with
fear "He may become boss instead of me" or
"I may be regarded weak when he work in here" ( <--- These are
experimental results , not assumptions )
<----- This is absolute nonsense
because I never wanted to be a "boss" or "degrader of the people" ,
but a "scientist" for solving computing problems encountered by the
people since 1970 having a root since 1965 .
I am still studying very hard up to mostly morning 2.00 to 3.00 .
My most important ( let's say it ) "hobby" is to help to the people to solv=
e
their problems such ( to prepare software to solve research problems such
data analysis of PhD theses or more advanced researches , to develop
"knowledge system design and management" software , to try to develop a
"research analysis" software
, ...
Now I will start to develop a new operating system with a permissive
license such as
BSD , etc. , to be able to handle ( not "Very" , but ) "Large scale
software stacks"
because at present there is no such an operating system .
My multimedia ( data , information , knowledge ) system ( its PhD thesis
name is : A multi-media Information management system ) has hit an internal
limit(s) of both FreeBSD and Linux
and it is not possible to continue to develop it any further because I
could not find why the program is wiped away from the screen without
leaving even a simple message .
Logging is not usable because the last part is completely missing .
Debugging is impossible because a few minute run is using approximately
entry-exit pairs reaching at least 500 hundred millions excluding mouse
interrupts , run is based on recursive entries of
a body running correctly with a very large number of re-entries .
To be able to continue , it is necessary to to have a NEW operating system
able to
manage such large systems :
Because :
(1) Used compilation . linking , and execution models are not suitable for
such large systems ,
(2) There is a need to distribute computations over systems . Existing
systems are no more than
, approximately , NFS .
(3) The present models are not able to find error sources when they occur .
used debugging models can only be used on small systems . They are not able
to detect errors in a large distributed system ,
(4) Present time hardware is designed for a single user , connected with a
network facility .
They are not secure , and it is not possible to generate a very secure
system .
The need is to design a new hardware computing system being able to support
software
running over it .
.
.
.
.
.
And many more completely "CRAZY" ideas about " ... software development "
...
.
.
.
.
.
It is possible to see that there is NO FREE and WASTABLE TIME ...
Trying to help people is important for me because I gained my knowledge
solely based on work and help from my predecessors . Now it is the time to
pay back their contributions to newcomers when I am able to do it and have
sufficient ability for it .
The state is this .
With my best wishes for all .
Mehmet Erol Sanliturk
> On Sun, Nov 28, 2021, 18:14 Mehmet Erol Sanliturk <m.e.sanliturk@gmail.co=
m>
> wrote:
>
>> On Sun, Nov 28, 2021 at 12:17 PM Stefan Esser <se@freebsd.org> wrote:
>>
>> > Am 28.11.21 um 02:06 schrieb Mario Lobo:
>> > > On Sat, Nov 27, 2021, 20:27 George Mitchell <george+freebsd@m5p.com>
>> > wrote:
>> > >
>> > >> On 11/27/21 17:40, Obsto Clades via freebsd-hackers wrote:
>> > >>> I hacked on the FreeBSD source code to produce a version of the OS
>> that
>> > >>> cannot be remotely hacked. Before you tell me that is impossible,=
I
>> > >>> have an answer to that response on my FAQ page.
>> > >>>
>> > >>> If you are interested in checking out my OS, you can find
>> instructions
>> > >>> on my site's home page: https://obstoclades.tech/
>> > >>>
>> > >>> I invite you to check it out.
>> > >>>
>> > >>
>> > >> Hmm, my mother told me never to click on links in strange emails ..=
.
>> > >> -- George
>> > >>
>> > >
>> > > curl http://obstoclades.tech
>> > [...]
>> > > <p class=3D"red">Connection denied by Geolocation Setting.</p=
>
>> > > <p><b> Reason: </b> Blocked country: <font color=3D"red">
>> </font>
>> > </p>
>> > > <p>The connection was denied because this country is blocked =
in
>> > the
>> > > Geolocation settings.</p>
>> > > <p>Please contact your administrator for assistance.</p>
>> > > </div>
>> > > <div class=3D"band">WatchGuard Technologies, Inc.</div>
>> > > </div>
>> > > </body>
>> > > </html>
>> >
>> > $ fetch --no-verify-peer -v -o /tmp/obstoclades.html
>> > https://obstoclades.tech
>> > resolving server address: obstoclades.tech:443
>> > SSL options: 82004854
>> > Verify hostname
>> > TLSv1.3 connection established using TLS_AES_256_GCM_SHA384
>> > Certificate subject: /CN=3Dobstoclades.tech
>> > Certificate issuer: /C=3DUS/O=3DLet's Encrypt/CN=3DR3
>> > requesting https://obstoclades.tech/
>> > fetch: https://obstoclades.tech: size of remote file is not known
>> > local size / mtime: 34916 / 1638088913
>> > /tmp/obstoclades.html 34 kB 181 kBps 0=
0s
>> >
>> > There is actual contents in this file, and it does not seem to contain
>> any
>> > malicious parts. It starts with:
>> >
>> > <!DOCTYPE html>
>> > <!--
>> > File: ObstoClades.html
>> > Copyright (c) 2021 Obsto Clades, LLC
>> > -->
>> > <html lang=3D"en">
>> > <head>
>> > <meta charset=3D"UTF-8">
>> > <title>Security is a Joke</title>
>> > <meta name=3D"description"
>> > content=3D"This demonstrates a modified BSD Operating System
>> > designed
>> > to prevent remote hacking of single-purpose computer systems.">
>> > <link rel=3D"stylesheet" type=3D"text/css" href=3D"/css/obstoclade=
s.css"/>
>> > <link rel=3D"icon" type=3D"image/x-icon" href=3D"/favicon.ico"/>
>> > <script
>> > src=3D"https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.j=
s
>> > "></script>
>> > <script src=3D"js/obstoclades.js" defer=3D"defer"></script>
>> > </head>
>> >
>> > And besides the jquery.min.js dowloaded from ajax.googleapis.com only
>> the
>> > following short and apparently benign script is downloaded as
>> > obstoclades.js:
>> >
>> > /*
>> > * File: obstoclades.js
>> > * Copyright (c) 2017 Obsto Clades, LLC
>> > */
>> >
>> > $(document).ready(function()
>> > {
>> > var $content =3D $(".content").hide();
>> > $(".img").on("click", function (e)
>> > {
>> > $(this).parent().parent().toggleClass("expanded");
>> > var ttt =3D $(this).parent().children(".tooltiptext");
>> > if ($(this).parent().parent().hasClass("expanded"))
>> > {
>> > ttt.replaceWith("<span class=3D\"tooltiptext\">Click t=
o
>> > close</span>");
>> > }
>> > else
>> > {
>> > ttt.replaceWith("<span class=3D\"tooltiptext\">Click t=
o
>> > open</span>");
>> > }
>> > $(this).parent().parent().next().slideToggle();
>> > });
>> > var textHeight =3D $("#left-side-header-text").height();
>> > $("#old_english_sheepdog").height(textHeight).width(textHeight);
>> > $("#button").click(function()
>> > {
>> > $("#contactus-form").submit();
>> > })
>> > });
>> >
>> > He invites to attack his server using a SSH login with provided
>> > credentials,
>> > and offers US$1000 for any successful modification of the test server.
>> See
>> > the following video, which shows that root on the consonle and root vi=
a
>> su
>> > in the SSH session get quite different environments:
>> >
>> > https://obstoclades.tech/video/demo-video.mp4
>> >
>> > This looks like a setup with lots of restrictions applied, probably
>> noexec
>> > mounts of temporary file systems and the like, possibly jails and/or M=
AC
>> > restrictions.
>> >
>> > He thinks that an embedded system configured that way could not be
>> > attacked,
>> > but explains that his concept is limited to e.g. IoT use cases (what h=
e
>> > calls "single-purpose computer system").
>> >
>> > Anyway, I could not find any malicious content on the web server.
>> Accessing
>> > with a SSH session (obviously configured to not allow backwards
>> tunneling)
>> > should also not be too dangerous from a dumb terminal (but beware of
>> escape
>> > sequence attacks possible with ANSI terminals, e.g. reprogramming of
>> > function
>> > keys with "ESC[code;string;...p").
>> >
>> > It looks to me like kind of a honeypot setup gathering attack attempts
>> to
>> > see whether a throw-away system can withstand them. All attack attempt=
s
>> are
>> > logged, either to learn how to perform them, or to actually improve th=
e
>> > security of his protection concept in case of a successful break-in.
>> >
>> > Regards, STefan
>> >
>>
>>
>> The message above is really a very good one because of its information
>> content .
>>
>> As a response to my message in the following link
>>
>>
>> https://lists.freebsd.org/archives/freebsd-hackers/2021-November/000515.=
html
>>
>> Obsto Clades asked me with a private message , approximately ,
>>
>> " I am connecting to the web site ... without any such message .
>>
>> Do you have more information ? " .
>>
>> I replied , "No ."
>>
>>
>> When the following link ( please notice that it is http , not https )
>>
>>
>> http://obstoclades.tech/
>>
>>
>> the response of Firefox ( 57.0.1) is the following :
>>
>> --------------------------------------------------------
>>
>> Connection denied by Geolocation Setting.
>>
>> * Reason: * Blocked country:
>>
>> The connection was denied because this country is blocked in the
>> Geolocation settings.
>>
>> Please contact your administrator for assistance.
>> WatchGuard Technologies, Inc.
>>
>>
>> --------------------------------------------------------
>>
>>
>>
>> When the following link ( please notice that it is https , not http )
>>
>>
>> https://obstoclades.tech/video/demo-video.mp4
>>
>>
>> the response of Firefox ( 57.0.1) is the following :
>>
>> --------------------------------------------------------
>>
>>
>> Your connection is not secure
>>
>> The owner of obstoclades.tech has configured their website improperly. T=
o
>> protect your information from being stolen, Firefox has not connected to
>> this website.
>>
>> Learn more=E2=80=A6
>>
>> Report errors like this to help Mozilla identify and block malicious sit=
es
>>
>>
>>
>> --------------------------------------------------------
>>
>>
>> In "Learn more ..."
>>
>> the linked page is
>>
>>
>> https://support.mozilla.org/en-US/kb/error-codes-secure-websites?as=3Du&=
utm_source=3Dinproduct
>> How to troubleshoot security error codes on secure websites
>>
>>
>> There are 2 knobs not copyable :
>>
>> (1) Go back
>>
>> (2) Advanced
>>
>>
>> When "Advanced" is clicked ( there is no linked page ) ,
>>
>> the following message is displayed :
>>
>>
>>
>>
>> --------------------------------------------------------
>>
>>
>> obstoclades.tech uses an invalid security certificate.
>>
>> The certificate is not trusted because it is self-signed.
>> The certificate is not valid for the name obstoclades.tech.
>>
>> Error code: SEC_ERROR_UNKNOWN_ISSUER
>>
>>
>> --------------------------------------------------------
>>
>>
>>
>> With a knob ( without any linked page ) as follows :
>>
>>
>> "Add Exception ..."
>>
>>
>> with an dialog pane display to add an exception for that page
>>
>> ( which I did not added because website owner may correct her/his
>> certificate
>>
>> or configuration of the website ) .
>>
>>
>> With my best wishes for all ,
>>
>>
>> Mehmet Erol Sanliturk
>>
>
--00000000000028040705d1da99c8--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOgwaMt462EFhumvd_469bVU3fQRAy5_rr_Mp58FUV60yuheWQ>