Before email, were Carbon Copies typically "Blind" (nobody knew who got copies other than themselves), or were there conventions in place so ppl knew who had copies?
Notices by William D. Jones (cr1901@mastodon.social)
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Thursday, 31-Oct-2024 23:40:58 JST William D. Jones -
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Thursday, 05-Sep-2024 01:56:03 JST William D. Jones @ewenmcneill @mxshift Never thought about this, so sorry if this is a stupid q, but... since routing uses subnet and dest IP to decide how/where/which iface to send a packet, why can't a machine lie about it's source IP in a packet to get past a incoming conn firewall?
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Thursday, 05-Sep-2024 01:56:02 JST William D. Jones @david_chisnall @ewenmcneill @mxshift Indeed, as mentioned by Ewen earlier, I forgot the part where the dest actually has to reply.
Re: sending a big packet to a victim, at worst won't that cause excess network traffic that'll be ignored (b/c the victim won't be listening, the kernel will discard it)?
Also I thought the whole purpose of IOMMU was "the kernel decides the memory addresses a device can write to/read from, for each xaction". Won't not knowing valid addrs guard against spoofing?
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Thursday, 05-Sep-2024 01:56:01 JST William D. Jones @david_chisnall >They assume trusted devices and untrusted VMs.
Are you using VM as a catch-all for "anything running a kernel"? Or actual VM as in "kernel running under control of a hypervisor, either bare metal or another kernel"?
Anyways this sounds backwards :P. I thought devices not choosing to read/write all over mem was what we were trying to prevent. Why would we trust the devices to _not_ do that :D?
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Thursday, 05-Sep-2024 01:56:01 JST William D. Jones @david_chisnall Ack everything re: the network slowing down.
>A malicious device can choose to use a different mapping.
Yes, but when the malicious devices tries to write/read into kernel mem using its own chosen device physical addresses, the IOMMU will recognize that the kernel said "no, I don't allow writes/reads through this address" and quash the write/read.
And how would the device be able to choose which host physical address it wants to (maliciously) read and write?
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Thursday, 05-Sep-2024 01:56:00 JST William D. Jones @david_chisnall Okay, you lost me. Why is this threat model specific to VMs, as opposed to applying equally to not-VMs?
What's special about VMs such that they're more susceptible to having host memory overwritten?
I guess guest OS memory can be overwritten by a rogue device too, but that at least will be constrained to the VM given proper sandboxing...
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Monday, 26-Aug-2024 06:21:03 JST William D. Jones @notgull How is Rust's LLVM dep being handled? Don't get me wrong, I would love to get rid of it, just based on the fact it's 10 million lines of C++, arguably the only language more complex to write a compiler for than Rust. But we don't have that luxury :/.
-
Embed this notice
William D. Jones (cr1901@mastodon.social)'s status on Sunday, 14-Jan-2024 02:50:40 JST William D. Jones @erincandescent I thought you _liked_ C :D