17 posts total
Second MR with our work on the IPv6 stack for #SerenityOS just landed! This means that on the master branch, you can already IPv6 ping a SerenityOS host, and it will handle a neighbor solicitation (equivalent to ARP) and actual ICMPv6 Echo Request packets :blobcat3c: Next up: refactoring IPv4 sockets to make them generic by @filmroellchen, and then we can add some more glue code for handling TCP/UDP. Really really excited for this :ablobcatbongo: after many weeks of implementing drivers, hunting bugs and debugging hangs:
finally, #SerenityOS on a Chromebook FOSS maintainers don’t owe you anything, even thanklessly maintaining the software forever. Furthermore: It’s okay for software to not be updated with new features, as long as it doesn’t have known security holes. It’s not a bad thing to have something that doesn’t change, even if modern software developers would like you to think that you NEED a constant stream of “feature updates” and “redesigns”. the only takeaway anyone should have from the Crowdstrike incident today is that running a poorly-managed rootkit on all of your machines for “vulnerability management” maaaaaybe isn’t the brightest idea. reading through some printer-adjacent microperl scripts and my brain started autocompleting PSA: Backdoor in latest version of xz: https://openwall.com/lists/oss-security/2024/03/29/4 Downgrade if you’re running one of the latest xz versions, it has been compromised. If you’re using mainstream distros, you may be fine (as they lag with versions a bit behind master). If you’re running Alpine or any other non-gnu or non-systemd distro, you should be fine too (the exploit checks for GNU, and also probably won’t work with distro-unpatched sshd) @domi it looks like Arch narrowly escaped being exploitable: https://gitlab.archlinux.org/archlinux/packaging/packages/xz/-/issues/2
there’s something beautifully chaotic about decrypting the iPod firmware by sending it to the iPod, 0x30 bytes at a time, really slowly Witchcraft: I made a Minecraft server in Bash and I survived it blogpost(this is a very technical post, going really in-depth. if that’s not your jam, check out the source code) |
@domi and now opening any modern website with fancy js frameworks initiates like a 50M download split into hundreds of requests