
A Huge Collection of Apollo 11 Press Kits

https://kottke.org/19/03/a-huge-collection-of-apollo-11-press-kits - [kottke.org]
2019-03-21 11:08:03
tags: archive design history space

> When Apollo 11 landed two men on the Moon and returned them safely to Earth, thousands of people at NASA were joined in the effort by dozens of companies that did everything from building the spacecraft to providing the cameras for the mission. Each of those companies was understandably proud of their involvement and wanted to use the mission to drum up interest in their products and services. Marketing strategist David Meerman Scott has been collecting the press kits produced by the Apollo contractors and has made them available online for free download in PDF format.

Main link: https://www.apollopresskits.com

source: K

^

Analysis for CVE-2019-5418 File Content Disclosure on Rails

https://chybeta.github.io/2019/03/16/Analysis-for【CVE-2019-5418】File-Content-Disclosure-on-Rails/ - [chybeta.github.io]
2019-03-21 10:47:47
tags: exploit programming ruby security turtles web

See also: https://github.com/mpgn/CVE-2019-5418

See also: https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q

> replace the Accept header with Accept: ../../../../../../../../../../etc/passwd{{

Somebody found a way to turn the Accept header into a path traversal. Wow. It only bites applications that use `render file:` (the format string taken from the Accept header is spliced into the glob pattern Action View uses to locate the template); the fixed releases are 6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2 and 4.2.11.1.
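Why the trailing `{{` matters is not obvious from the one-line PoC, so here is a self-contained model of the lookup (an added illustration, not code from the linked write-up or from Rails itself). The pattern string and the brace-wrapping of each lookup detail follow what ActionView's PathResolver did in the 5.2 era as I recall it; the directory tree, the `REGISTERED_FORMATS` list and the `lookup`/`demo` helpers are my own. The point it shows: `File.expand_path` collapses the `../` segments and swallows the `{.{` that opened the formats group, leaving a dangling `},}`, and the two `{{` in the payload re-balance the braces so `Dir.glob` still expands the pattern.

```ruby
require "tmpdir"
require "fileutils"

# Modelled on ActionView::PathResolver (Rails 5.2 era): template name plus
# lookup details become one Dir.glob pattern. Assumed to match the Rails
# source; treat this as a model of the resolver, not the resolver itself.
PATTERN = ":prefix/:action{.:locale,}{.:formats,}{+:variants,}{.:handlers,}".freeze

# Formats an app would have registered via Mime::Type.register (assumed list).
REGISTERED_FORMATS = %w[html text js json xml].freeze

def build_query(views_dir, action, details)
  query = PATTERN.dup
  query.sub!(":prefix", views_dir)
  query.sub!(":action", action)
  details.each do |ext, candidates|
    # Each detail becomes its own brace group, e.g. {.{html,text},}
    query.sub!(":#{ext}", "{#{candidates.join(',')}}")
  end
  # This is where the traversal bites: expand_path collapses "../" segments,
  # and each ".." discards the text before it, including the "{.{" that
  # opened the formats group. The closing "},}" of that group survives.
  File.expand_path(query)
end

def find_template_paths(query)
  Dir.glob(query).uniq.reject { |f| File.directory?(f) }
end

def lookup(views_dir, action, formats)
  details = { locale: ["en"], formats: formats, variants: [], handlers: ["raw", "erb"] }
  find_template_paths(build_query(views_dir, action, details))
end

# Hardened variant, modelled on the actionpack fix: a format that is not a
# registered MIME type never reaches the resolver at all.
def lookup_hardened(views_dir, action, formats)
  lookup(views_dir, action, formats.select { |f| REGISTERED_FORMATS.include?(f) })
end

# Runs four lookups inside a throwaway tree (constructed sample data):
#   <tmp>/secret.txt               the file that must not leak
#   <tmp>/app/views/page.html.erb  the only legitimate template
def demo
  Dir.mktmpdir do |tmp|
    views = File.join(tmp, "app", "views")
    FileUtils.mkdir_p(views)
    File.write(File.join(views, "page.html.erb"), "<h1>hi</h1>\n")
    File.write(File.join(tmp, "secret.txt"), "root:x:0:0:root:/root:/bin/sh\n")

    # Four ".." are needed here: the first is glued onto the mangled
    # "page{.{en},}{.{.." component and does nothing; the next three pop
    # that component, then views/, then app/.
    payload = "../../../../secret.txt{{"
    {
      legit:     lookup(views, "page", ["html"]),
      traversal: lookup(views, "page", [payload]),
      no_braces: lookup(views, "page", ["../../../../secret.txt"]),
      hardened:  lookup_hardened(views, "page", [payload]),
    }
  end
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

Running it shows `:legit` resolving to `page.html.erb`, `:traversal` resolving to `secret.txt` outside the views tree, `:no_braces` (same path, no `{{`) matching nothing because the pattern ends in an unbalanced `},}`, and `:hardened` matching nothing because the unregistered format is dropped before the glob is built. The fix is an allowlist at the boundary where the header is parsed, not escaping inside the resolver.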

^

rdist(1) – when Ansible is too much

https://chargen.one/obsdams/rdist-1-when-ansible-is-too-much - [chargen.one]
2019-03-21 10:21:36
tags: admin openbsd swtools

> We didn’t have a requirement to go full configuration management with tools like Ansible or Salt Stack. And there wasn’t any interest in building additional logic on top of rsync or repositories. Enter rdist(1): rdist is a program to maintain identical copies of files over multiple hosts. It preserves the owner, group, mode, and mtime of files if possible and can update programs that are executing. The only tricky part with rdist(1) is that copying files and restarting services owned by a privileged user has to be done by root. Our solution to the problem was to wrap doas(1) around rdist(1).

source: L

^

Rules for Autocomplete

http://jeremymikkola.com/posts/2019_03_19_rules_for_autocomplete.html - [jeremymikkola.com]
2019-03-21 10:09:10
tags: development ux

> Autocompleting text with known values seems like an easy problem to solve, but so so so many UIs get it wrong. I see this frequently enough that, rather than complain about them individually, I thought I’d just write down the set of rules they often break.

source: L

^

Death by vmmap

https://objective-see.com/blog/blog_0x3E.html - [objective-see.com]
2019-03-20 14:42:55
tags: mac swtools systems

> In this blog post, we dug into why (on macOS Mojave) executing vmmap against launchd (pid 1), deadlocks the entire system. In short, after vmmap has suspended launchd it (indirectly) attempts to ‘call’ into launchd via XPC. As launchd has been suspended (by vmmap), everything grinds to a halt.

source: L

^

Heap Exploitation Part 1: Understanding the Glibc Heap Implementation

https://azeria-labs.com/heap-exploitation-part-1-understanding-the-glibc-heap-implementation/ - [azeria-labs.com]
2019-03-19 01:12:58
tags: c malloc programming

> For this reason, before I write about exploiting heap-based vulnerabilities, I will use the first two parts of this series to talk about how the heap works. This first post will be an introduction into some high-level concepts, and a discussion about how new heap chunks are created. In the next post I will do a deeper dive into the technical implementation of how chunks are freed and recycled.

source: green

^

What is Amazon?

https://zackkanter.com/2019/03/13/what-is-amazon/ - [zackkanter.com]
2019-03-19 01:01:42
tags: business valley

> So, what is Amazon? It started as an unbound Walmart, an algorithm for running an unbound search for global optima in the world of physical products. It became a platform for adapting that algorithm to any opportunity for customer-centric value creation that it encountered. If it devises a way to keep its incentive structures intact as it exposes itself through its ever-expanding external interfaces, it – or its various split-off subsidiaries – will dominate the economy for a generation. And if not, it’ll be just another company that seemed unstoppable until it wasn’t.

source: white

^

Local privilege escalation via the Windows I/O Manager: a variant finding collaboration

https://blogs.technet.microsoft.com/srd/2019/03/14/local-privilege-escalation-via-the-windows-i-o-manager-a-variant-finding-collaboration/ - [blogs.technet.microsoft.com]
2019-03-19 00:59:18
tags: defense programming security systems windows

> In Windows, when a system call is made from a user mode thread, the system call handler records this in the thread object by setting its PreviousMode field to UserMode. If instead the system call is made from kernel mode using a Zw-prefixed function, or from a system thread, the PreviousMode of the thread will be set to KernelMode. This method of distinguishing between user mode and kernel mode callers is used to help determine if the arguments of the call are from a trusted or untrusted source, and therefore to what extent they need to be validated by the kernel.

> In his research, James found that there were various kernel mode drivers shipped with Windows that, when handling IRP_MJ_CREATE requests, check the IRP’s RequestorMode, but do not check for SL_FORCE_ACCESS_CHECK. Furthermore, these are potentially exploitable via kernel mode code that, on the face of it, appears to be doing the correct thing in setting IO_FORCE_ACCESS_CHECK when creating or opening a file. An attacker obtaining sufficient control of the arguments of a file create/open call, via some request originating from user mode, could use this to send an IRP_MJ_CREATE request where the RequestorMode is KernelMode. If the RequestorMode check is used in a security decision, this may lead to a local privilege escalation vulnerability.

Also: https://googleprojectzero.blogspot.com/2019/03/windows-kernel-logic-bug-class-access.html

^

Every Move You Make, WeWork Will Be Watching You

https://www.bloomberg.com/news/articles/2019-03-15/every-move-you-make-wework-will-be-watching-you - [www.bloomberg.com]
2019-03-19 00:56:26
tags: business hoipolloi opsec valley

> Of the company swag worn by WeWork employees, one T-shirt slogan says a lot about where the shared workspace business is headed: “bldgs=data.”

> One New York law firm wondered if it needed more conference room space. WeWork’s study included placing battery-powered thermal sensors under conference room tables to measure how many pairs of legs were present and for how long. Its finding: Make conference rooms smaller since they’re rarely full. When a New Jersey consulting company wanted more employees in the office on Fridays, WeWork analyzed a year’s worth of badge swipe data.

source: ML

^

Browser Side Channels

https://github.com/xsleaks/xsleaks/wiki/Browser-Side-Channels - [github.com]
2019-03-19 00:34:37
tags: browser reference security sidechannel web

> Well-known DOM APIs

Only a few dozen issues.

source: grugq

^

XS-Searching Google’s bug tracker to find out vulnerable source code

https://medium.com/@luanherrera/xs-searching-googles-bug-tracker-to-find-out-vulnerable-source-code-50d8135b7549 - [medium.com]
2019-03-19 00:32:59
tags: exploit html security sidechannel web

> This article is a detailed explanation of how I could have exploited Google’s Monorail issue tracker to leak sensitive information (vulnerable source code files and line numbers) from private bug reports through a XS-Search attack.

^

Flawed analysis, failed oversight: How Boeing, FAA certified the suspect 737 MAX flight control system

https://www.seattletimes.com/business/boeing-aerospace/failed-certification-faa-missed-safety-issues-in-the-737-max-system-implicated-in-the-lion-air-crash/ - [www.seattletimes.com]
2019-03-19 00:03:25
tags: article flying policy tech

> As Boeing hustled in 2015 to catch up to Airbus and certify its new 737 MAX, Federal Aviation Administration (FAA) managers pushed the agency’s safety engineers to delegate safety assessments to Boeing itself, and to speedily approve the resulting analysis.

> But the original safety analysis that Boeing delivered to the FAA for a new flight control system on the MAX — a report used to certify the plane as safe to fly — had several crucial flaws.

> That flight control system, called MCAS (Maneuvering Characteristics Augmentation System), is now under scrutiny after two crashes of the jet in less than five months resulted in Wednesday’s FAA order to ground the plane.

Also: https://theaircurrent.com/aviation-safety/the-world-pulls-the-andon-cord-on-the-737-max/

source: DF

^

Unicode TOFU

https://github.com/begriffs/utofu - [github.com]
2019-03-17 16:13:36
tags: c library security text

> Check unicode strings to detect changes over time that might be spoofing.

source: L

^

Phoenix LiveView: Interactive, Real-Time Apps. No Need to Write JavaScript.

https://dockyard.com/blog/2018/12/12/phoenix-liveview-interactive-real-time-apps-no-need-to-write-javascript - [dockyard.com]
2019-03-17 16:10:17
tags: beta erlang library programming web

> Live views share functionality with the regular server-side HTML views you are used to writing – you write some template code, and your render function generates HTML for the client. That said, live views go further by enabling stateful views which support bidirectional communication between the client and server. Live views react to events from the client, as well as events happening on the server, and push their rendered updates back to the browser. In effect, we share similar interaction and rendering models with many client-side libraries that exist today, such as React and Ember.

Now in beta.

https://github.com/phoenixframework/phoenix_live_view

source: L

^

Airbnb and Miami Beach Are at War. Travelers Are Caught in the Crossfire.

https://www.nytimes.com/2019/03/09/travel/airbnb-miami-beach-war.html - [www.nytimes.com]
2019-03-16 23:41:10
tags: business hoipolloi policy travel valley

> “It came as a shock,” Airbnb says in its lawsuit, that the city “expected home-sharing platforms to comply both with the registration-number display requirements and the geofencing provision.”

^

Sublucid Geometry

https://zalo.github.io/ - [zalo.github.io]
2019-03-16 23:31:11
tags: geometry interactive math physics programming series visualization

Just going to link to the whole blog.

source: L

^

Why Every Influencer Has a Discord

https://www.theatlantic.com/technology/archive/2019/03/how-discord-went-mainstream-influencers/584671/ - [www.theatlantic.com]
2019-03-16 23:21:36
tags: social valley

> Over the past few months, seemingly all the pet- and animal-themed Instagram accounts I follow have begun interspersing their videos with pleas. “Join our bird-themed Discord community!” one posted. Another urged me to connect with a group of like-minded reptile lovers on Discord. A commenter touted a dog-lover Discord server.

^

The Squeal of Data

https://tedium.co/2019/03/14/teletype-computer-evolution-history/ - [tedium.co]
2019-03-16 16:33:48
tags: hardware networking retro tty

> My favorite sound in computing is one that I haven’t actually had to use on a computer in nearly 20 years. The modem was a connection to a world outside of my own, and to get that connection required hearing the sounds of a loud, abrasive handshake that could easily be mistaken for Lou Reed’s Metal Machine Music. I’d like to compare it to another kind of sound for a little bit—the noise of a “straight key” used for a telegraph. Both technologies, despite more than a century in age difference, seemingly turned data into sound, then into electrical pulses, and back into sound again. It’s no wonder, then, that you can actually trace the roots of the modem back to the telegraph, and later the teletype machine. Data and wires, simply put, go way back. And it’s not the only example of the telegraph’s quiet influence on modern computing. Today’s Tedium draws a line between the modern computer and the pulses that inspired it.

^

XXH3 - a new speed-optimized hash algorithm

http://fastcompression.blogspot.com/2019/03/presenting-xxh3.html - [fastcompression.blogspot.com]
2019-03-16 04:22:34
tags: hash library perf release

> I was recently summoned to investigate performance for a bloom filter implementation, which requires quickly generating 64 pseudo-random bits from small inputs of variable length. XXH64 could fit the bill, but performance on small inputs never was its priority. It’s not completely wasteful either; it pays a bit of attention to short inputs thanks to a small speed module in SMHasher. However, the module itself does the bare minimum, and it was not clear to me what’s exactly measured.

> So I decided to create my own benchmark program, as a way to ensure that I understand and control what’s being measured. This was a very interesting journey, leading to surprising discoveries.

> The end result of this investigation is XXH3, a cross-over inspired by many other great hash algorithms, which proves substantially faster than existing variants of xxHash, across basically all dimensions. Let’s detail those dimensions, and give some credit where inspiration is due.

source: L

^

IoT Security Bills Use Federal Spending as Leverage

https://duo.com/decipher/iot-security-bills-use-federal-spending-as-leverage - [duo.com]
2019-03-16 04:20:18
tags: ioshit policy security vapor

> The bill includes a number of separate provisions, but the one that stands to have the biggest potential effect on IoT security is the establishment of a set of standards for security in connected devices, standards that will be developed by the National Institute of Standards and Technology. The draft legislation doesn’t set out too many specifics for what those security standards would be, but dictates they will include four separate areas: secure development, identity management, patching, and configuration management. Under the language in the bill, vendors selling IoT devices to federal agencies will have to meet the NIST standards for those areas.

^
