David Cross @david@mastodon.crossfamilyweb.com

Are all BSDs created equally? A survey of BSD kernel vulnerabilies https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns.pdf | https://lobste.rs/s/qbhfpy #freebsd #netbsd #openbsd #pdf #security

#FreeBSD 11.1-RELEASE Announcement https://www.freebsd.org/releases/11.1R/announce.html #bsd #unix

#FreeBSD 11.1 released! https://lists.freebsd.org/pipermail/freebsd-announce/2017-July/001798.html

"Tag releng/11.1@r321309 as 11.1-RELEASE." <- #FreeBSD

https://svnweb.freebsd.org/changeset/base/321354

@Strog @lattera I've been using multiple layers of ROT13 for a while, but I've had interoperability issues with odd-numbered ROT13, and I'm worried about attacks when the number of layers is a power of 2.

Should I use 6 layers of ROT13?

Also, what's the recommended way to deal with binary data?
Currently, I base64 it, then 6 × ROT13, then de-base64 it.

Registration for the @eurobsdcon 2017 is opened at https://registration.eurobsdcon.org/ 😈

It's a crime

#OpenJDK 8 on #HardenedBSD will now be compiled as a Position-Independent Executable (PIE).

I'd like to thank #FreeBSD for supporting the #RPI3. Having such a physically portable system has been a tremendous help with some of my projects. I wouldn't have been able to do those projects without the selfless dedication of the FreeBSD community.

Has anyone tried to get A #CVE for #SystemD? I mean, not for a vulnerability in SystemD, but for SystemD itself.

Working on porting #SafeStack to arm64 on #HardenedBSD. I'm getting closer and closer.

https://mastodon.social/media/7QMKqDp2C6_OxWgkbUk

#FreeBSD #infosec

"systemd and Where We Want to Take the Basic Linux Userspace in 2016"

"Places we're NOT taking it include "Interoperability City," "Lake Reliability," and "The People's Republic of Sanity"."

@Gargron @KitRedgrave
Yes, systemd has democratized a whole bunch of good practices that some/many (?) people were previously ignoring.

OTOH, it has terrible design, with a sprawling mass of new deamons that are functionally-worse rewrites of existing stuff (networking, DNS resolution, NTP, ...) and tightly coupled to the init+service-manger.

Even the latter has pretty crucial features missing: https://vulpine.club/@kellerfuchs/892595

#FreeBSD 11.1-BETA3 Now Available https://lists.freebsd.org/pipermail/freebsd-stable/2017-June/087303.html #bsd #unix

Tomorrow, I'll be MFC'ing all the #StackClash fixes from #HardenedBSD 12-CURRENT to 11-STABLE. I'll also write up a blog post about how we've decided to mitigate it.