h0r14 @horia@bsd.network
Horia Racoviceanu
💡 rename "man.openbsd.org" to "woman.openbsd.org"
WoMan = Wonderful Manual
Colin Percival tweeted a short thread on the “Lazy FPU” vulnerability that was just disclosed (CVE-2018-3665).
Colin credits his learning about it to Theo de Raadt. Took him ~5 hours to come up with working exploit code.
https://twitter.com/cperciva/status/1007010583244230656?s=21
More info on seclists.org and discussion on lobste.rs.
http://seclists.org/oss-sec/2018/q2/189
https://lobste.rs/s/qotnxq/confirmed_speculative_register_leakage
I'm looking for free #DNS hosts, with slave zones and DNSSEC support.
Which are your favorites?
> If you disable the redesign, you unflag your comments from being shown in the main threads of popular posts (from others browsing with the redesign) https://www.reddit.com/r/Economics/comments/8gv6a3/psa_please_disable_the_reddit_redesign/dygw7yo/
#reddit redesigns auto-playing video ads https://redditblog.com/2018/06/12/native-video-ads-are-here/
Bravo, good job. :bravo:
https://svnweb.freebsd.org/ports?view=revision&revision=470717
🔑 #OpenKeychain 5.1 adds support for #OpenPGP Web Key Directory #WKD https://www.openkeychain.org
Hopefully, K-9 Mail will support Web Key Service #WKS soon!
Apparently there are rumors that FPU state is affected by Spectre as well (h/t @mlarkin on the birdsite):
“post-Spectre rumors suggest that the %cr0 TS flag might not block speculation, permitting leaking of information about FPU state (AES keys?) across protection boundaries.”
The PINE64 people have come up with the necessary accessories to the Rock64Pro board which includes a PCI-e slot:
* RockPro64: https://www.pine64.org/?page_id=61454
* PCI-e to dual SATA II: https://www.pine64.org/?product=rockpro64-pci-e-to-dual-sata-ii-interface-card
* Prototype NAS case: https://forum.pine64.org/showthread.php?tid=6129
things are starting to warm up dramatically. My plan remains to migrate to a ClusterBoard-based design with SOPINE modules "per-machine" but now the NAS feeding them NFS need not be a Synology…
so, OpenBSD folks...my i386 machine has a crooked setting somewhere and my console (X is fine) doesn't use the full screen. wsconsctl (manually or conf) doesn't allow to set display.width or height because: read only
help?!
Happy to share my first technical post on my #blog: Setup a Radicale server on #FreeBSD https://greinbold.github.io/setup-radicale-on-freebsd/ Comments & Boost are welcome! 👍
#VPS #TechSupport Ticket
💡 [pf.conf] Use "max-pkt-rate" for ICMP
#OpenBSD httpd request rewrite https://marc.info/?l=openbsd-tech&m=152761257806283&w=2
Nice: DNS-Lookup from inside Firefox:
URL "about:networking" , select "DNS Lookup" and fire a DNS query
Tested with firefox 60
Also works with DNS-over-HTTPS (Doh)
https://gist.github.com/bagder/5e29101079e9ac78920ba2fc718aceec
Parmi les nouveautés d'Unbound 1.7.1, l'ajout de nouvelles pour authentifier un résolveur accessible via DNS-sur-TLS
« Can set tls authentication with forward-addr: IP#tls.auth.name And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem". such as forward-addr: 9.9.9.9@853#dns.quad9.net or 1.1.1.1@853#cloudflare-dns.com »
Font Awesome now includes the awesome #FreeBSD logo https://fontawesome.com/icons/freebsd?style=brands
☠️ Does #OpenBSD stand a chance against state actors? https://www.reddit.com/r/openbsd/comments/8kpdqm/if_ciansa_have_exploited_pretty_much_all_routers/
