For we wrestle not against flesh and blood, but against principalities, against powers, against the rulers of the darkness of this world, against spiritual wickedness in high places. — Ephesians 6:12
Original art design - The Fellowship of Libre firmware: Hunting the Shadow 最初の章:預言者の到来 Since the birth of the technology deity, the free software/firmware/hardware community has faced numerous adversaries, and Intel ME (Management Engine) stands as one of the most clandestine enemies.
Principle of OTR protocol Diffie–Hellman (DH) key exchange Diffie–Hellman key exchange is performed between integers and a finite cyclic group. Started here, integers are represented with lowercase letters, while elements of the cyclic group are represented with uppercase letters, and “==” is used to represent mathematical identity.
Character of finite cyclic groups The number of the elements of a finite cyclic group is finite (as its name), and is called the order of the group.
===
Abstract perf is a complex system in linux kernel, and exists other vulnerabilities like CVE-2013-2094. Di Shen, a member of Keen Team, presetated a parper (Defeating Samsung KNOX with zero privilege)[1] that mentioned CVE-2016-6787[2].
Analysis of CVE-2016-6787 This is a double-free vulnerability. The vulnerable object is struct perf_event_context. Review below code firstly, the mainly bug is in the if(move_group) statement; thus set move_group to 1 is necessary. We will talk about how to set the variable move_group up in later section.
Install the prerequisite packages: Or if you are using PaX/Grsecurity 4.9.x:
Install the CHIPSEC Firmware security checklist based on CHIPSEC According to the firmware security training from McAfee Advanced Threat Research. CHIPSEC modules perform a couple checks for the auditing purposes:
Issue CHIPSEC Module References SMRAM Locking common.smm CanSecWest 2006 BIOS Keyboard Buffer Sanitization common.bios_kbrd_buffer DEFCON 16 SMRR Configuration common.smrr ITL 2009, CanSecWest 2009 BIOS Protection common.bios_wp BlackHat USA 2009, CanSecWest 2013, Black Hat 2013, NoSuchCon 2013 SPI Controller Locking common.
Security Promotion: Mandatory TLS Connection for XMPP Although, according to RFC7590 “Use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP)”, TLS was recommended for XMPP connection. But it is not mandatory. Despite the consensus to switch XMPP on mandatory encryption reached by XMPP communities on 2014, there are still some XMPP service providers support non-encrypted connection as a fallback along with TLS.
This will probably lead to some security risks.
HardenedLinux: The way to the Ark PaX/Grsecurity no longer provides the public access to test patch in Apr 26 2017. In the FAQ of the announcement, PaX team and Spender listed a couple of reasons why they do this. As some people already know, it’s not the whole story. As the result of a discussion inside h4rdenedzer0, we believe that Linux foundation is the culprit behind all this result that the commercial/individual/community users losing access to the test patches.