@jmorris In my experience, the signal to noise ratio is extremely good in Fedi. Twitter is dead, and bsky & threads are redundant/closed.
Notices by Kees Cook :tux: (kees@fosstodon.org), page 3
-
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 08-Nov-2023 10:41:07 JST Kees Cook :tux:
-
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 08-Nov-2023 03:46:32 JST Kees Cook :tux:
Today is the anniversary of the launch of the #Linux #Kernel Self-Protection Project (2015), and the invention of the Flux Capacitor (1955):
https://lore.kernel.org/kernel-hardening/CAGXu5jJ3FgxXK9WuOLRwnEq=y4dS+CTm+WQBxWe3sYZ7e9p6Gg@mail.gmail.com/ -
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Monday, 30-Oct-2023 06:04:42 JST Kees Cook :tux:
Here's how to enable the kernel Memory Tagging Extension (#MTE) on the Pixel 8:
adb shell setprop arm64.memtag.bootctl memtag,memtag-kernel
I'm so happy there's real-world hardware finally available to provide mitigations against linear buffer overflows and many types of use-after-free flaws.
More details here:
https://outflux.net/blog/archives/2023/10/26/enable-mte-on-pixel-8/In conversation from fosstodon.org permalink Attachments
-
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Saturday, 16-Sep-2023 07:25:42 JST Kees Cook :tux:
I really excited about making Use-After-Free exploits much harder in the #Linux #kernel.
CONFIG_RANDOM_KMALLOC_CACHES has landed:
https://git.kernel.org/linus/3c6152940584CONFIG_SLAB_VIRTUAL is coming:
https://lore.kernel.org/lkml/20230915105933.495735-15-matteorizzo@google.com/In conversation from fosstodon.org permalink Attachments
-
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 13-Sep-2023 09:26:14 JST Kees Cook :tux:
@Azeria I remain delighted that the Linux kernel eliminated VLAs back in 2018. :) I encourage everyone with a C codebase to build with -Wvla
In conversation from fosstodon.org permalink -
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 30-Aug-2023 09:58:18 JST Kees Cook :tux:
@gregkh Who was the original target audience and what changed about their consumption patterns?
In conversation from fosstodon.org permalink -
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 30-Aug-2023 09:58:17 JST Kees Cook :tux:
@gregkh Ah! Neat. What're the regulations? This is (likely good) news to me.
In conversation from fosstodon.org permalink -
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Monday, 28-Aug-2023 08:09:22 JST Kees Cook :tux:
@lanodan Ah, I see. Thanks for the link! Yeah, many things are repeated, but there are some options there that I think are a bit "heavy". It's based on the KSPP recommendations which tries to include everything but some stuff may be very disruptive (dropping 32-bit compatibility, removing module loading, etc).
In conversation from fosstodon.org permalink -
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Monday, 28-Aug-2023 00:48:18 JST Kees Cook :tux:
@lanodan in not sure what you're asking. What's Gentoo been doing?
In conversation from fosstodon.org permalink -
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Saturday, 26-Aug-2023 23:08:22 JST Kees Cook :tux:
The #Linux #kernel has been overdue for having a Kconfig fragment for #hardening options. I'm hoping this can land:
https://lore.kernel.org/lkml/20230825050618.never.197-kees@kernel.orgIn conversation from fosstodon.org permalink Attachments
-
Embed this notice
Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 26-Jul-2023 08:15:21 JST Kees Cook :tux:
@jmorris Gives me a stroke.
In conversation from fosstodon.org permalink