Linux kernel maintainer. Compilers and virtualization at Parity Technologies.

Classic version control:


The City of Education Division has up to 120000 victims: "the perpetrator has gained access to the usernames and email addresses of all city personnel, as well as the personal IDs and addresses of students, guardians and personnel from the Education Division."

The attacker also gained access to confidential or sensitive records stored on a network share. The breach occurred due to an unpatched known vulnerability getting exploited to gain unauthorized access. https://www.hel.fi/en/news/investigation-into-helsinki-education-division-data-breach-proceeds https://www.hel.fi/en/decision-making/data-breach


Jarkko Sakkinen

Sometimes it feels like every day is a x.509 day tbh... #x509

Jarkko Sakkinen

Let's put this into a nutshell.

In Signal, SGX *does not* help the user to secure contact delivery. You have to *believe* that signal.org is trustworthy plain and simple.

In Signal, SGX does only help signal.org to secure contact delivery from 3rd party adversaries.

The marketing has been somewhat misleading with this for a number of years although there have not been any actual lies. They are actually claiming only the 2nd clause but at the same time claiming that it would improve users' privacy.

Users' privacy can be objectively said to be improved only if one can test and measure that this is really the case. Otherwise it is up to you to believe that signal.org is doing the right thing, and not e.g. just emulating the associated opcodes.

I personally believe that they are doing the (morally) right thing, and using legit SGX, but I would feel more convinced if they would also provide hard evidence on the topic, i.e. certificate delivery and verification in the app using Intel's CA.

#signal #sgx #infosec @signalapp

Jarkko Sakkinen

A smoke test for trusted keys: https://gitlab.com/jarkkojs/linux-tpmdd-test/-/commit/b737d6ca4f45fa171e623f8e1038801edf17c323

Running:

cmake -Bbuild && make -Cbuild buildroot-prepare
pushd build/buildroot/build
make
images/run-tests.sh

Runs successfully at least with my master, containing the HMAC encryption patches.

Failing in in-progress asymmetric key branch so had to extend the test to cover trusted keys (vs. writing commands manually):

https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=tpm2_key

#linux #kernel #tpm #keys


Jarkko Sakkinen

Submitted abstract to #ethprague CfP. I own 0 ETH 🤷 #Linux and authentication related stuff. #ethereum

Jarkko Sakkinen

Learned a cool trick in Python, if you need to have more deterministic latency for a thread: shut down the gc as prologue and do collection once as epilogue.

I.e.

import gc

gc.disable()
# Do stuff that does not cause CPU
# exceptions or interrupts.
gc.collect()

I also noticed that MicroPython has pretty usable inline assembler.

This makes me wonder if you could implement Python version of https://rtic.rs/2/book/en/ running hard real-time tasks on bare metal.

This is more like learning thing than challenging thing… I.e. by doing the similar thing perhaps in limited scope in other language it is easier to get grip of the original target…

#python #rustlang

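The prologue/epilogue pattern from the post above, as an added example that is not part of the original post: a context manager that also restores the caller's GC state, plus a `gc.callbacks` hook that counts collector runs so the effect can be checked rather than assumed. The names `gc_quiet_section`, `make_cycles` and `count_collections` are illustrative, and the workload is constructed.

```python
import gc
from contextlib import contextmanager


@contextmanager
def gc_quiet_section():
    """Disable the cyclic GC for the body, then collect once on exit."""
    was_enabled = gc.isenabled()
    gc.disable()              # prologue: no automatic collections from here
    try:
        yield
    finally:
        gc.collect()          # epilogue: one explicit full collection
        if was_enabled:
            gc.enable()       # restore the caller's GC state


def make_cycles(n=100_000):
    """Constructed workload: self-referencing lists that only the GC can free."""
    keep = []
    for _ in range(n):
        node = []
        node.append(node)
        keep.append(node)
    return len(keep)


def count_collections(work, quiet):
    """Return (collector runs during work(), collector runs in the epilogue)."""
    starts = []
    hook = lambda phase, info: starts.append(phase) if phase == "start" else None
    was_enabled = gc.isenabled()
    gc.enable()
    gc.callbacks.append(hook)
    try:
        if quiet:
            with gc_quiet_section():
                base = len(starts)
                work()
                during = len(starts) - base
        else:
            base = len(starts)
            work()
            during = len(starts) - base
        return during, len(starts) - base - during
    finally:
        gc.callbacks.remove(hook)
        if not was_enabled:
            gc.disable()
```

Only the cyclic collector is paused inside the section; reference-counted deallocation still happens there, so the section should also avoid dropping large object graphs if latency matters.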

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.

https://krebsonsecurity.com/2024/04/man-who-mass-extorted-psychotherapy-patients-gets-six-years/

Even though Julius "Zeekill" Kivimaki has a cybercrime rap sheet thicker than a dictionary, he will end up serving roughly half that time, because all that stuff he did before he turned 18 doesn't count toward first-time offender status.

BTW, the CEO of the now-bankrupt psychotherapy practice was prosecuted as well (database credentials "root/root") but received a suspended sentence.


Jarkko Sakkinen

hmm... https://www.phoronix.com/news/Linux-610-TPM-Encrypt-Integrity. so it is not yet pulled so no need to announce in the current state "unfinished work" (by definition, given that it is not pulled) ;-)

I'll try to get asymmetric keys soon out which cleans this stack up further as a side-effect. If this did not make it into 6.10 then I'll just add it on top of that patch set.

Jarkko Sakkinen

The single biggest issue in confidential computing is still that there is no legit way to deliver cryptographic proof to client/browser inherited from CPU attestation, i.e. an x509 certificate, and so that it is vendor-neutral. not sure if even @signalapp can do this. who cares what you run in the backend if you cannot prove it.

Jarkko Sakkinen

I wonder if it would make sense to elf stamp kernel images with some sort of identifier to check where the image is at in the mainline reflecting to the latest of https://docs.kernel.org/process/cve.html. Or maybe this already exists. It would make in the mainline perhaps because then you could detect "too old" when running multiple distributions.

Jarkko Sakkinen

imho at least qemu would need snp and tdx emulation in upstream for like testing patches. i mean most have x86 so even rigged emulation would do the job for trivial patch testing

SDL3 Adds PipeWire Camera Support

Adding to the growing list of features coming with the SDL3 release for this hardware/software abstraction layer commonly used by cross-platform games and other software is PipeWire camera capturing support...
https://www.phoronix.com/news/SDL3-PipeWire-Camera-Capture


Jarkko Sakkinen

#Amaranth sounds like a name of a black/death metal band from Scandinavia but is actually a pretty neat hardware (#FPGA) synthesis framework:

https://amaranth-lang.org/docs/amaranth/latest/intro.html

Jarkko Sakkinen

working on RFC patch for TPM2 asymmetric keys (will use null seed encrypted session) for supporting x509: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/commit/?h=tpm2_key

https://datatracker.ietf.org/doc/draft-woodhouse-cert-best-practice/

Jarkko Sakkinen

Splitting my pull request. For v6.10 not yet fully finished/polished but the idea is to have a simple script to create the PR from a signed git tag and then have a few #aerc templates for each subsystem:

https://lore.kernel.org/linux-integrity/D15DSV117DQZ.3GJOTXCTGZHE9@kernel.org/T/#u

The first two I did for keyring and trusted key did not yet use this scheme but learned along the way that I need to scale a bit. Slowly figuring out how to do this properly.

https://man.archlinux.org/man/aerc-templates.7.en

Jarkko Sakkinen

this looks cool: https://aya-rs.dev/

(speaking for myself here) One of the cooler things about Google is getting just the slightest glimpse of the power of some of the tooling your wizard coworkers use.

https://perfetto.dev/ is one of those very cool tools. It's like kernel shark, but has really powerful SQL capabilities. It's well configured for use with Android and CrOS, but with classic Linux environments it can be a little daunting. So here are my notes on using it for upstream kernel development: https://gist.github.com/johnstultz-work/0ec4974e0929c4707bfd89c876ae4735
