@ljs staff has been nice, polite and helpful have to say tho! thanks for not arresting me ;-)

@ljs i've sometimes been in completely wrong areas where i should not even have access just like by plain accident. then the security guard has just said "you should have never even gotten to these ports, how did this happen" (not when arrested, more like when i've went to ask myself where the f*ck i am).

@ljs i know

@sima @josh hmm... just a friendly advice but maybe you should not buy anything from those web stores? :-) i mean for me it sounds more like that the web browser recommends you not buy anything given the faulty security... so it is a feature almost

The City of #Helsinki Education Division #databreach has upto 120000 victims: "the perpetrator has gained access to the usernames and email addresses of all city personnel, as well as the personal IDs and addresses of students, guardians and personnel from the Education Division."

The attacker also gained access to confidential or sensitive records stored on a network share. The beach occurred due to unpatched known vulnerability getting exploited to gain unauthorized access. https://www.hel.fi/en/news/investigation-into-helsinki-education-division-data-breach-proceeds https://www.hel.fi/en/decision-making/data-breach #infosec #cybersecurity

@ljs Chicago airport can be tricky.

Sometimes it feels like every day is a x.509 day tbh... #x509

@signalapp @rjzak what you think

@signalapp Also, e.g. in Finland Signal is the recommended app for journalists. Why leave known loopholes to the implementation? Does not reflect the company's brand at all.

@signalapp Also we had this feature in https://www.enarx.dev/, i.e. it is possible to piggy pack CPU-attestation into x.509 :-) Both the issue and at least one way to fix it has been shown to exist.

@mjg59 also previous work exists where piggy packing CPU attestation into x.509 has been demonstrated. At least Enarx has this feature. So proof-of-concept done I guess.

@mjg59 i don't care about this that much but i'd like if they fixed the privacy issue: https://social.kernel.org/notice/AhqRIM69n1KYN5p5hg. good times to promote this given the board changes...

Let's put this into nutshell.

In Signal, SGX *does not* help the user to secure contact delivery. You have to *believe* that signal.org is trustworthy plain and simple.

In Signal, SGX does only help signal.org to secure contact delivery from 3rd party adversaries.

The marketing has been somewhat misleading with this for number of years although there has not been any actual lies. They are actually claiming only the 2nd clause but at the same time claiming that it would improve users privacy.

Users privacy can be objectively said to be improved only if one can test and measure that this is really the case. Otherwise it is up to you to believe that signal.org is doing the right thing, and not e.g. just emulate the associated opcodes.

I personally believe that they are doing the (morally) right thing, and using legit SGX, but I would feel more convinced if they would also provide hard evidence on the topic, i.e. certificate delivery and verification in the app using Intel's CA.

#signal #sgx #infosec @signalapp

A smoke test for trusted keys: https://gitlab.com/jarkkojs/linux-tpmdd-test/-/commit/b737d6ca4f45fa171e623f8e1038801edf17c323

Running:

cmake -Bbuild && make -Cbuild buildroot-prepare
pushd build/buildroot/build
make
images/run-tests.sh

Runs successfully at least with my master, containing the HMAC encryption patches.

Failing in in-progress asymmetric key branch so had to extend the test to cover trusted keys (vs. writing commands manually):

https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=tpm2_key

#linux #kernel #tpm #keys

I emailed to James Prestwood if he wants to rebase just the ops part from his patch set. My patch does the reorg and defines parser and key type so that is exactly left so better to ask. I also was also wondering TPM2_RSA_Decrypt vs TPM2_Sign/TPM2_VerifySignature. The old patch set uses the former.

Depending on response I'll take that patch from him or refactor it myself.

Submitted abstract to #ethprague CfP. I own 0 ETH 🤷 #Linux and authentication related stuff. #ethereum

And there is also other angle to this: would it be possible partition resources for a CPU core so that it would do RTIC in one thread as it was running on a single core CPU on bare metal, which is also pretty interesting problem. I think I look at Jailhouse hypervisor implementation for this one...

I.e. I'm not claiming that it can be done. It is just that by reflecting with different tool you really get to the bottom of the bottlenecks, constraints and limitations. Just because it is fun and learning I guess...

Learned a cool trick in Python, if need to have more deterministic latency for a thread: shutdown the gc as prologue and do collection once as epilogue.

I.e.

gc.disable()
# Do stuff that does not cause CPU
# exceptions or interrupts.
gc.collect()

I also noticed that MicroPython has pretty usable inline assembler.

This makes me wonder if you could implement Python version of https://rtic.rs/2/book/en/ running hard real-time tasks on bare metal.

This is more like learning thing than challenging thing… I.e. by doing the similar thing perhaps in limited scope in other language it is easier to get grip of the original target…

#python #rustlang

@briankrebs right, and to add, if you have a criminal court case ongoing shut f*ck up until it is done and finished. you might end up saying stupid things on internet that can be potentially used against you as evidence. no wonder the security was flawed...