Uncategorized

On Intel not talking to OpenBSD about recent FPU vuln

Chip vendors controlling the security of OSes should be more transparent in their selection process. They should maintain a list of OSVs that they maintain embargoed fixes. Then uses could determine if they want to trust the OS or not, or try to lobby to try and get the ISA vendor to support their OS. Is the OS on the list, ok then they may have some chance at fixing things. If not on the list I expect to be vulnerable until the embargo ends. There are MANY more OSes than Microsoft Windows, Apple macOS, a limited number of Linux distros, and sometimes FreeBSD.

In some forums, Bryan Cantrill is crafting a fiction. He is saying the FPU problem (and other problems) were received as a leak. He is not being truthful, inventing a storyline, and has not asked me for the facts. This was discovered by guessing Intel made a mistake. We are doing the best for OpenBSD. Our commit is best effort for our user community when Intel didn’t reply to mails asking for us to be included. But we were not included, there was no reply. End of story. That leaves us to figure things out ourselves. Bryan is just upset we guessed right. It is called science.

https://marc.info/?l=openbsd-tech&m=152894815409098&w=2

 

Standard
Uncategorized

Apple macOS 10.13.5 EFI update, CVE-2018-4251

https://support.apple.com/en-us/HT208849

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4251

 

Standard
Uncategorized

DoNotDisturb: Detect Evil Maid Attacks

https://github.com/objective-see/DoNotDisturb

https://objective-see.com/products/dnd.html

Standard
Uncategorized

MountEFI – mac tool to select drive containing an EFI to mount

This Mac-centric bash script has been rewritten as a Mac-centric Python script:

“A more robust edition of my previous MountEFI script. Added my usual collection of disk functions – plus some experimentation with callback functions.

def custom_quit():
     head(“MountEFI”)
     print(“by CorpNewt\n”)
     print(“Thanks for testing it out, for bugs/comments/complaints”)
     print(“send me a message on Reddit, or check out my GitHub:\n”)
     print(“www.reddit.com/u/corpnewt”)
     print(“www.github.com/corpnewt\n”)
     print(“Have a nice day/night!\n\n”)
exit(0)

https://github.com/corpnewt/MountEFI

Standard