Tag: pax

PaX legal warning

~ hucktech ~ Leave a comment

Guys, this is your *last warning*. This stops *now* or I’m sending lawyers after you and the companies paying you to plagiarize our work and violate our *registered* copyright (which for the record entitles us to punitive damages which now are very easily provable). It’s time to get serious about attribution — what you are doing is completely unacceptable. I’m already in contact with lawyers to prepare for the next time this happens. If any of this plagiarized and misattributed code actually made it into the Linux kernel, you’d all be in a world of pain.

http://openwall.com/lists/kernel-hardening/2017/06/03/14

http://www.openwall.com/lists/kernel-hardening/2017/06/03/11

RAP

~ hucktech ~ Leave a comment

 

“RAP is here. Public demo in 4.5 test patch and commercially available today! Today’s release of grsecurity® for the Linux 4.5 kernel marks an important milestone in the project’s history. It is the first kernel to contain RAP, a defense mechanism against code reuse attacks. RAP was announced to the world at the H2HC conference in October 2015 and represents the best available solution of its type. RAP is the result of our multi-years research and development in Control Flow Integrity (CFI) technologies by PaX. It ground-breakingly scales to C and C++ code bases of arbitrary sizes and provides best-effort protection against code reuse attacks with minimal performance impact. The public version of RAP available in the grsecurity test kernels from now on demonstrates a subset of the features in the full version, available today for commercial licensing from Open Source Security, Inc. The demo version will evolve over time, but is currently tailored for x64 kernel use only and does not support C++, link-time optimization, compile time static analysis, and probabilistic return address protection. In addition, the demo’s GPLv2 license excludes userland applications due to the GCC library runtime exception for GCC plugins.” […]

https://grsecurity.net/rap_announce.php
https://grsecurity.net/rap_faq.php
https://grsecurity.net/features.php

Click to access PaXTeam-H2HC15-RAP-RIP-ROP.pdf

GRSecurity quits

~ hucktech ~ Leave a comment

https://twitter.com/grsecurity/status/626915991184932865

and:

https://twitter.com/grsecurity/status/636659374551777281

Today’s announcement:

https://grsecurity.net/announce.php

Excerpt:

“This announcement is our public statement that we’ve had enough. Companies in the embedded industry not playing by the same rules as every other company using our software violates users’ rights, misleads users and developers, and harms our ability to continue our work. Though I’ve only gone into depth in this announcement on the latest trademark violation against us, our experience with two GPL violations over the previous year have caused an incredible amount of frustration. These concerns are echoed by the complaints of many others about the treatment of the GPL by embedded Linux industry in particular over many years.”

DejaVu from 2004:

http://developers.slashdot.org/story/04/05/31/1949241/end-of-development-for-grsecurity-announced
“Beginning today, May 31, 2004, development of grsecurity will cease. On June 7, the website, forums, mailing list, and CVS will be shut down. Due to a sponsor unexpectedly dropping sponsorship of grsecurity while continually promising payment, I began the summer in debt and had to borrow money from family to pay for food. If none of the companies that depend on grsecurity, some of them being very large, are able to sponsor the project, grsecurity will cease to exist. I am not looking for paypal donations at this point, unless those that donate do so with the recognition that despite their donation, grsecurity may still never be returning.”

Things are not looking good for embedded Linux security today. I don’t know the backstories. I wonder what happens next?