Milan Broz
Posts
17Following
40Followers
88Linux cryptsetup/LUKS maintainer.
Milan Broz
repeated
repeated
Jenniferplusplus
jenniferplusplus@hachyderm.io
So here's the other thing that bothers me about all this. Regardless of the eventual results, this thing they're doing is *incredibly* resource intensive. They routinely spend billions of dollars on training these models, and billions more on operating them. It's not simple to parse out what fraction of that is directly attributable to the massive scale vuln finder/fabricator. But for the sake of argument lets just pick a plausible number, and call it 50-100 million dollars.
What could we have gotten for 50-100 million dollars of sponsorship for security audits? Prior to this, the largest single investment into FOSS security I'm aware of was the 2015 audit of openssl, after the heartbleed incident. It's hard to find precise costs for that, but I found a few sources estimating 1.2 million dollars, and that is arguably the most security critical piece of software in the world.
But suddenly there's 100x more resources available to do this work, now that producing the artifact can be done with stolen labor? Now that they can externalize the cost of false positives onto the already mostly unpaid maintainers of these projects? Even if their claims are true, which we have no reason to believe and very good reason not to, it's still a travesty
1
11
0
Milan Broz
asalor
Cryptsetup 2.8.6 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
Quick fix for an unexpected Easter egg in the form of broken tmpfiles.d config introduced in 2.8.5, sorry :-)
Full release notes (also for 2.8.5) https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.6-ReleaseNotes
https://gitlab.com/cryptsetup/cryptsetup#download
Quick fix for an unexpected Easter egg in the form of broken tmpfiles.d config introduced in 2.8.5, sorry :-)
Full release notes (also for 2.8.5) https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.6-ReleaseNotes
0
1
2
Milan Broz
asalor
Cryptsetup 2.8.5 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It includes fixes for FileVault metadata parsing, fixes to alternative Meson configuration and many other bugfixes and code hardening.
Full release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.5-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It includes fixes for FileVault metadata parsing, fixes to alternative Meson configuration and many other bugfixes and code hardening.
Full release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.5-ReleaseNotes
#cryptsetup
0
1
3
Milan Broz
asalor
Cryptsetup 2.8.4 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
The 2.8.4 includes fixes for displaying size in status, resizing integrity device and activation of BitLocker devices.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.4-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
The 2.8.4 includes fixes for displaying size in status, resizing integrity device and activation of BitLocker devices.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.4-ReleaseNotes
#cryptsetup
0
1
2
Milan Broz
asalor
cryptsetup 2.8.3 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It includes fix-for-fix in 2.8.2 :-)
The 2.8.2 includes minor fixes and improvements to BitLocker-compatible support.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.3-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It includes fix-for-fix in 2.8.2 :-)
The 2.8.2 includes minor fixes and improvements to BitLocker-compatible support.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.3-ReleaseNotes
#cryptsetup
0
0
1
Milan Broz
asalor
Cryptsetup 2.8.2 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It includes minor fixes and improvements to BitLocker-compatible support.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.2-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It includes minor fixes and improvements to BitLocker-compatible support.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.2-ReleaseNotes
#cryptsetup
0
0
2
Milan Broz
asalor
Edited 9 months ago
Cryptsetup 2.8.1 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It includes minor fixes and major man page updates.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.1-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It includes minor fixes and major man page updates.
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.1-ReleaseNotes
#cryptsetup
0
4
5
Milan Broz
asalor
Cryptsetup 2.8.0 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.0-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
Release notes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.0-ReleaseNotes
#cryptsetup
0
5
11
Milan Broz
asalor
Cryptsetup 2.7.5 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It contains fixes for online reencryption (fix possible data corruption).
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.5-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It contains fixes for online reencryption (fix possible data corruption).
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.5-ReleaseNotes
#cryptsetup
0
2
5
Milan Broz
asalor
Cryptsetup 2.7.4 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It contains fixes for concurrent activation of devices and several fixes for issues detected by static analysis.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.4-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It contains fixes for concurrent activation of devices and several fixes for issues detected by static analysis.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.4-ReleaseNotes
#cryptsetup
0
3
5
Milan Broz
asalor
Cryptsetup 2.7.3 stable version released
https://gitlab.com/cryptsetup/cryptsetup#download
It contains detection for broken OPAL firmware reporting wrong encryption logical sector size and other fixes.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.3-ReleaseNotes
#cryptsetup
https://gitlab.com/cryptsetup/cryptsetup#download
It contains detection for broken OPAL firmware reporting wrong encryption logical sector size and other fixes.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.3-ReleaseNotes
#cryptsetup
0
4
4
Milan Broz
asalor
Cryptsetup 2.7.2 stable version released, https://gitlab.com/cryptsetup/cryptsetup#download
It contains several fixes to OPAL HW encryption support.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.2-ReleaseNotes
#cryptsetup
It contains several fixes to OPAL HW encryption support.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.2-ReleaseNotes
#cryptsetup
0
4
4
Milan Broz
asalor
Cryptsetup 2.7.1 stable version released, https://gitlab.com/cryptsetup/cryptsetup#download
It contains several mainly build and test configuration fixes.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.1-ReleaseNotes
#cryptsetup
It contains several mainly build and test configuration fixes.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.1-ReleaseNotes
#cryptsetup
0
1
2
Milan Broz
asalor
Cryptsetup 2.7.0 stable release, https://gitlab.com/cryptsetup/cryptsetup#download
It introduces optional support for handling hardware encrypted OPAL devices.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes
It introduces optional support for handling hardware encrypted OPAL devices.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes
1
5
8
Milan Broz
asalor
Cryptsetup 2.7.0-rc1 release candidate is ready for testing, https://gitlab.com/cryptsetup/cryptsetup#download
It introduces optional support for handling hardware encrypted OPAL devices.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-rc1-ReleaseNotes
It introduces optional support for handling hardware encrypted OPAL devices.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-rc1-ReleaseNotes
0
5
2
Milan Broz
asalor
Cryptsetup 2.6.1 stable version released, https://gitlab.com/cryptsetup/cryptsetup#download
It fixes several bugs found by new OSS-Fuzz fuzzers.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.1-ReleaseNotes
#cryptsetup
It fixes several bugs found by new OSS-Fuzz fuzzers.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.1-ReleaseNotes
#cryptsetup
0
4
6
Milan Broz
asalor
Cryptsetup 2.6.0 stable version released, https://gitlab.com/cryptsetup/cryptsetup#download
It introduces support for handling legacy FileVault2 (macOS) encrypted devices and many other fixes.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.0-ReleaseNotes
#cryptsetup
It introduces support for handling legacy FileVault2 (macOS) encrypted devices and many other fixes.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.0-ReleaseNotes
#cryptsetup
0
5
4
Milan Broz
asalor
Cryptsetup 2.6.0-rc0 release candidate is ready for testing, https://gitlab.com/cryptsetup/cryptsetup#download
It also introduces support for handling legacy FileVault2 (macOS) encrypted devices.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.0-rc0-ReleaseNotes
It also introduces support for handling legacy FileVault2 (macOS) encrypted devices.
Release notes https://kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.0-rc0-ReleaseNotes
0
8
8