Re: USB 3.0 flash drive not functional

2020-05-12 Thread Andrew Klaus
So I've confirmed that sd_get_parms is returning -1 here (by using
printf() statements in /usr/src/sys/scsi/sd.c):

1671: if (sd_read_cap(sc, flags) != 0)
1672:     return -1;

That then sets this error variable to -1:
218: error = sd_get_parms(sc, sd_autoconf);

Then this check is false, and is bypassed:

222: if (error == 0) {
223: printf("%s: %lluMB, %u bytes/sector, %llu sectors",
...

This explains why I'm not seeing the "bytes/sector" output.

On Tue, May 12, 2020 at 10:15 PM Andrew Klaus  wrote:
>
> I recently tried using a USB Flash Drive (64GB Capacity) under OpenBSD
> 6.7 on both amd64 and arm64. It's detected as a umass0 device, but
> won't display the disksize/sector line in dmesg and is not available
> for me to use as a drive. This drive does work on other operating
> systems, so I know the drive is functional.
>
> I compiled with options SCSIDEBUG and UMASS_DEBUG, and now seeing this in 
> dmesg:
>
> umass0 at uhub0 port 9 configuration 1 interface 0 "PNY Technologies
> USB 3.0 FD" rev 3.00/1.00 addr 2
> umass0: using SCSI over Bulk-Only
> scsibus4 at umass0: 2 targets, initiator 0
> probe(umass0:1:0): got 36 of 55 bytes of inquiry data:
> --
> 000: 00 80 06 02 33 00 00 00 50 4e 59 00 00 00 00 00
> 016: 55 53 42 20 33 2e 30 20 46 44 00 00 00 00 00 00
> 032: 00 00 00 00
> --
> probe(umass0:1:0): got 55 of 55 bytes of inquiry data:
> --
> 000: 00 80 06 02 33 00 00 00 50 4e 59 00 00 00 00 00
> 016: 55 53 42 20 33 2e 30 20 46 44 00 00 00 00 00 00
> 032: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 048: 00 00 00 00 00 00 00
> --
> scsi_inqmatch:  match priority 2. T_DIRECT T_REMOV <"", "", "">
> sd0 at scsibus4 targ 1 lun 0:  SCSI/SPC-4 removable
> serial.154b..
> probe(umass0:1:0): state 0, luns 1, openings 1
> probe(umass0:1:0): flags (0x0801) 
> probe(umass0:1:0): quirks (0x4008) 
> sd0(umass0:1:0): Check Condition (error 0) on opcode 0x1e
> sd0(umass0:1:0): Check Condition (error 0) on opcode 0x9e
> sd0(umass0:1:0): read capacity 10 data:
> --
> 000: 00 00 00 00 00 00 00 00
> --
> sd0(umass0:1:0): Check Condition (error 0) on opcode 0x1e
> sd0(umass0:1:0): Check Condition (error 0) on opcode 0x9e
> sd0(umass0:1:0): read capacity 10 data:
> --
> 000: 00 00 00 00 00 00 00 00
> --
>
> When trying to edit it under fdisk, it gives me Device not configured:
>
> # fdisk -e /dev/rsd0c
> # fdisk: /dev/rsd0c: Device not configured
>
> I presume this has something to do with the "read capacity 10 data"
> showing null bytes. I looked at this field with other (working) USB
> Flash drives and they have non-null data here.
>
> My knowledge in this area is limited, but I'd like to learn how to fix
> this. I know I could just get another flash drive, but I enjoy the
> challenge.
>
> Any pointers on where to go from here would be really appreciated.
>
> Thanks!



Re: Secure end points for Internet tunnel, the most secure hardware

2020-05-12 Thread info
>That is a kernel level issue, not an SOC level one.

Well, I have ordered a couple of Orange PI ONE.

According to: http://philip.xinqu.net/orangepi.html

it shall work on OpenBSD at least without a video port.

Good features for my use case:

1) No video port means anyone non qualified enough cannot quickly boot and 
trojan it without a serial port.

2) This card is missing a WIFI which is good IMHO to avoid wireless exploits.

3) Small boot ROM, no other BLOBs like in Raspberry PI, and its BROM cannot be 
reflashed silently by someone while I am absent from home.

4) Its CPU is free of Spectre issues

5) Very cheap - used one cost me about 500 rub = $6.66 - already tested and 
includes a heat sink and a case :)


The last question is how to deal with Nitrokey on OpenBSD, especially on the 
server side for keeping private key of the daemon.

Anyone worked with Nitrokey on OpenBSD using ssh-pkcs11-helper?

https://support.nitrokey.com/t/can-nitrokey-pro2-be-used-in-openbsd-with-ssh-and-gpg/2347/3

> In generic: you don’t need OpenSC to use gpg or ssh on *BSD. E.g. 
> “ssh-pkcs11-helper first appeared in OpenBSD 4.7” which will make the 
> connection to your token. Also gpg brings there own ssh/token agent in the 
> package.

Will it work on OpenBSD server for SSHD daemon ?



USB 3.0 flash drive not functional

2020-05-12 Thread Andrew Klaus
I recently tried using a USB Flash Drive (64GB Capacity) under OpenBSD
6.7 on both amd64 and arm64. It's detected as a umass0 device, but
won't display the disksize/sector line in dmesg and is not available
for me to use as a drive. This drive does work on other operating
systems, so I know the drive is functional.

I compiled with options SCSIDEBUG and UMASS_DEBUG, and now seeing this in dmesg:

umass0 at uhub0 port 9 configuration 1 interface 0 "PNY Technologies
USB 3.0 FD" rev 3.00/1.00 addr 2
umass0: using SCSI over Bulk-Only
scsibus4 at umass0: 2 targets, initiator 0
probe(umass0:1:0): got 36 of 55 bytes of inquiry data:
--
000: 00 80 06 02 33 00 00 00 50 4e 59 00 00 00 00 00
016: 55 53 42 20 33 2e 30 20 46 44 00 00 00 00 00 00
032: 00 00 00 00
--
probe(umass0:1:0): got 55 of 55 bytes of inquiry data:
--
000: 00 80 06 02 33 00 00 00 50 4e 59 00 00 00 00 00
016: 55 53 42 20 33 2e 30 20 46 44 00 00 00 00 00 00
032: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
048: 00 00 00 00 00 00 00
--
scsi_inqmatch:  match priority 2. T_DIRECT T_REMOV <"", "", "">
sd0 at scsibus4 targ 1 lun 0:  SCSI/SPC-4 removable
serial.154b..
probe(umass0:1:0): state 0, luns 1, openings 1
probe(umass0:1:0): flags (0x0801) 
probe(umass0:1:0): quirks (0x4008) 
sd0(umass0:1:0): Check Condition (error 0) on opcode 0x1e
sd0(umass0:1:0): Check Condition (error 0) on opcode 0x9e
sd0(umass0:1:0): read capacity 10 data:
--
000: 00 00 00 00 00 00 00 00
--
sd0(umass0:1:0): Check Condition (error 0) on opcode 0x1e
sd0(umass0:1:0): Check Condition (error 0) on opcode 0x9e
sd0(umass0:1:0): read capacity 10 data:
--
000: 00 00 00 00 00 00 00 00
--

When trying to edit it under fdisk, it gives me Device not configured:

# fdisk -e /dev/rsd0c
# fdisk: /dev/rsd0c: Device not configured

I presume this has something to do with the "read capacity 10 data"
showing null bytes. I looked at this field with other (working) USB
Flash drives and they have non-null data here.

My knowledge in this area is limited, but I'd like to learn how to fix
this. I know I could just get another flash drive, but I enjoy the
challenge.

Any pointers on where to go from here would be really appreciated.

Thanks!
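
The 8-byte READ CAPACITY(10) reply shown in the dmesg output above, decoded as an added example (not part of the original post and not OpenBSD's sd.c code): in the SCSI block command layout, bytes 0-3 are the last logical block address and bytes 4-7 the block length, both big-endian. The function names, status codes, the block-length sanity policy and the second and third sample replies are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Status codes and struct are hypothetical names for this example. */
enum rc10_status {
	RC10_OK = 0,
	RC10_SHORT,      /* fewer than 8 bytes returned */
	RC10_NEED_RC16,  /* last LBA 0xffffffff: needs READ CAPACITY(16) */
	RC10_BAD_BLKLEN  /* block length is zero or fails the sanity policy */
};

struct rc10_geom {
	uint64_t sectors;  /* last LBA + 1 */
	uint32_t secsize;  /* bytes per logical block */
};

/* The reply printed in the dmesg above: eight zero bytes. */
static const uint8_t reply_from_page[8] = { 0 };
/* Constructed for comparison: last LBA 0x0737ffff, 512-byte blocks. */
static const uint8_t reply_constructed[8] =
    { 0x07, 0x37, 0xff, 0xff, 0x00, 0x00, 0x02, 0x00 };
/* Constructed: device too large to describe in a 32-bit LBA. */
static const uint8_t reply_rc16[8] =
    { 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x02, 0x00 };

static uint32_t
be32(const uint8_t *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
	    ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Decode a device-supplied reply; g may be NULL to validate only. */
enum rc10_status
rc10_decode(const uint8_t *buf, size_t len, struct rc10_geom *g)
{
	uint32_t last_lba, blklen;

	if (buf == NULL || len < 8)
		return RC10_SHORT;
	last_lba = be32(buf);
	blklen = be32(buf + 4);
	if (last_lba == 0xffffffffU)
		return RC10_NEED_RC16;
	/* Policy assumed for this example: power of two, 512..65536 bytes.
	 * A zero block length must never reach code that divides by it. */
	if (blklen < 512 || blklen > 65536 || (blklen & (blklen - 1)) != 0)
		return RC10_BAD_BLKLEN;
	if (g != NULL) {
		g->sectors = (uint64_t)last_lba + 1;
		g->secsize = blklen;
	}
	return RC10_OK;
}

/* Total capacity in bytes, or 0 when the reply is not usable. */
uint64_t
rc10_bytes(const uint8_t *buf, size_t len)
{
	struct rc10_geom g;

	if (rc10_decode(buf, len, &g) != RC10_OK)
		return 0;
	return g.sectors * g.secsize;
}

int
main(void)
{
	printf("page reply:        status %d, %llu bytes\n",
	    (int)rc10_decode(reply_from_page, sizeof(reply_from_page), NULL),
	    (unsigned long long)rc10_bytes(reply_from_page, 8));
	printf("constructed reply: status %d, %llu bytes\n",
	    (int)rc10_decode(reply_constructed, sizeof(reply_constructed), NULL),
	    (unsigned long long)rc10_bytes(reply_constructed, 8));
	printf("rc16 reply:        status %d\n",
	    (int)rc10_decode(reply_rc16, sizeof(reply_rc16), NULL));
	return 0;
}
```
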



Re: Secure end points for Internet tunnel, the most secure hardware

2020-05-12 Thread Aaron Mason
On Tue, May 12, 2020 at 1:27 PM  wrote:
>
> Aaron, thank you for your suggestion.
>
> For now I prefer to try to use the oldest suitable hardware I can find, not 
> sure if it is a good idea.
>

YMMV. Don't fall into the sunk cost fallacy.

> Please someone let me know if AllWinner SoC backdoor described at:
>
> https://www.theregister.co.uk/2016/05/09/allwinners_allloser_custom_kernel_has_a_nasty_root_backdoor/
>
> can be exploited in OpenBSD?
>

That is a kernel level issue, not an SOC level one.

https://github.com/friendlyarm/h3_lichee/blob/master/linux-3.4/arch/arm/mach-sunxi/sunxi-debug.c

Anyone who suggested this be put in OpenBSD's kernel would likely
receive a visit from Theo brandishing a flamethrower fuelled by
Substance N to melt their PC, house, land, self.

> Is it a bad idea to run a small communication server on a AllWinner A20 board 
> like a Cubitruck if it works with OpenBSD (it is not on the list though). 
> What about other compatible boards like AllWinner A10 Orange PI One?
>

If it isn't on the list, it either isn't supported or hasn't been
tested.  If you have the hardware on hand, it never hurts to try the
latest snap and send a dmesg to the openbsd-arm mailing list so
they can update their docs or get an idea of what's missing.

> I just want my DNS (local) and postfix, dovecot (Internet)  and SSH (local 
> and Internet) work on it protected from hackers.

Running OpenBSD and spamd on your router and any non-internet facing
services on other systems behind it, and not making silly decisions
like password based root logins (or any login for that matter) and
employing a default permit policy on your firewall are a good start.
Anything else is service-specific.

-- 
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread slackwaree
And who the fuck gave you permission to talk cockbreath?

‐‐‐ Original Message ‐‐‐
On Monday, May 11, 2020 8:03 PM, Daniel Jakots  wrote:

> On Mon, 11 May 2020 17:27:24 +, slackwaree
> slackwa...@protonmail.com wrote:
>
> > I wish if the someone who took the time to make this page at least
> > would make an antisystemD page instead.
>
> I doubt anyone asked you how they should spend their time.
>
> > Let's face it how much time that old fart linus has, maybe
> > COVID takes him too.
>
> Are you really saying you hope he dies?

No I don't hope that this shithill dies, I hope half of the world population 
dies because they ain't good for anything. Eating shitting fuckmachines. All 
they know how to shit out retards like you. You surely ain't come out on the 
front hole but the back go back sit in a corner.


> What the fuck is wrong with you?
>
> > I couldn't care less either, all I care is my
> > BSD servers uptime 600+ days and not 1 day I worry about their
> > security.
>
> You are clearly clueless.

Ain't worth my time maggot, kind of you should die in COVID with their tard 
family.


>
> Please refrain from posting again such shitty emails.
>
> Thanks,
> Daniel




Re: Intel I210 Fiber Optic Ethernet Card Transceiver Info.

2020-05-12 Thread Tom Smyth
Hi Vertigo,
Can you send on a dmesg? What version and architecture of OpenBSD are
you running?
I believe dlg@ had added in SFP+ functionality between OpenBSD 6.5 and
6.6? (It may have been SFP+ functionality on the ix(4) driver, and not
the em(4) driver.)




On Tue, 12 May 2020 at 20:58, Vertigo Altair  wrote:
>
> Hi Misc,
>
> I have 2 questions about my dual port fiber optic ethernet card with Intel
> I210 chipset:
> 1. The ifconfig em0 media command output only shows that it supports
> multi-mode fiber (1G SX).
> Actually it worked when I tried single mode fiber. But I still wanted to
> report this to OpenBSD developers.
>
> 2. The ifconfig em0 sff or ifconfig em0 transceiver output does not return
> information about transceiver.
> Could the EM driver not support the transceiver / sff command set?
> I searched on Google but I couldn't find such an expression.
>
> You can find the relevant command outputs below.
> Thank you very much for your help in advance.
> Stay safe.
>
> # pcidump | grep Fiber
>  2:0:0: Intel I210 Fiber
>  3:0:0: Intel I210 Fiber
> # pcidump -v 2:0:0
>  2:0:0: Intel I210 Fiber
> 0x: Vendor ID: 8086, Product ID: 1536
> 0x0004: Command: 0147, Status: 0010
> 0x0008: Class: 02 Network, Subclass: 00 Ethernet,
> Interface: 00, Revision: 03
> 0x000c: BIST: 00, Header Type: 00, Latency Timer: 00,
> Cache Line Size: 10
> 0x0010: BAR mem 32bit addr: 0xdfd0/0x0008
> 0x0014: BAR empty ()
> 0x0018: BAR io addr: 0xd000/0x0020
> 0x001c: BAR mem 32bit addr: 0xdfd8/0x4000
> 0x0020: BAR empty ()
> 0x0024: BAR empty ()
> 0x0028: Cardbus CIS: 
> 0x002c: Subsystem Vendor ID:  Product ID: 
> 0x0030: Expansion ROM Base Address: 
> 0x0038: 
> 0x003c: Interrupt Pin: 01 Line: 0b Min Gnt: 00 Max Lat: 00
> 0x0040: Capability 0x01: Power Management
> State: D0
> 0x0050: Capability 0x05: Message Signalled Interrupts (MSI)
> Enabled: yes
> 0x0070: Capability 0x11: Extended Message Signalled Interrupts
> (MSI-X)
> Enabled: no; table size 5 (BAR 3:0)
> 0x00a0: Capability 0x10: PCI Express
> Link Speed: 2.5 / 2.5 GT/s, Link Width: x1 / x1
> 0x0100: Enhanced Capability 0x01: Advanced Error Reporting
> 0x0140: Enhanced Capability 0x03: Device Serial Number
> Serial Number: 00900b875ba7
> 0x01a0: Enhanced Capability 0x17: TPH Requester
>
> # ifconfig em0 media
> em0: flags=8802 mtu 1500
> lladdr fe:e1:ba:d0:92:da
> index 1 priority 0 llprio 3
> trunk: trunkdev aggr0
> media: Ethernet autoselect (none)
> status: no carrier
> supported media:
> media 1000baseSX mediaopt full-duplex
> media 1000baseSX
> media autoselect



-- 
Kindest regards,
Tom Smyth.



Intel I210 Fiber Optic Ethernet Card Transceiver Info.

2020-05-12 Thread Vertigo Altair
Hi Misc,

I have 2 questions about my dual port fiber optic ethernet card with Intel
I210 chipset:
1. The ifconfig em0 media command output only shows that it supports
multi-mode fiber (1G SX).
Actually it worked when I tried single mode fiber. But I still wanted to
report this to OpenBSD developers.

2. The ifconfig em0 sff or ifconfig em0 transceiver output does not return
information about transceiver.
Could the EM driver not support the transceiver / sff command set?
I searched on Google but I couldn't find such an expression.

You can find the relevant command outputs below.
Thank you very much for your help in advance.
Stay safe.

# pcidump | grep Fiber
 2:0:0: Intel I210 Fiber
 3:0:0: Intel I210 Fiber
# pcidump -v 2:0:0
 2:0:0: Intel I210 Fiber
0x: Vendor ID: 8086, Product ID: 1536
0x0004: Command: 0147, Status: 0010
0x0008: Class: 02 Network, Subclass: 00 Ethernet,
Interface: 00, Revision: 03
0x000c: BIST: 00, Header Type: 00, Latency Timer: 00,
Cache Line Size: 10
0x0010: BAR mem 32bit addr: 0xdfd0/0x0008
0x0014: BAR empty ()
0x0018: BAR io addr: 0xd000/0x0020
0x001c: BAR mem 32bit addr: 0xdfd8/0x4000
0x0020: BAR empty ()
0x0024: BAR empty ()
0x0028: Cardbus CIS: 
0x002c: Subsystem Vendor ID:  Product ID: 
0x0030: Expansion ROM Base Address: 
0x0038: 
0x003c: Interrupt Pin: 01 Line: 0b Min Gnt: 00 Max Lat: 00
0x0040: Capability 0x01: Power Management
State: D0
0x0050: Capability 0x05: Message Signalled Interrupts (MSI)
Enabled: yes
0x0070: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
Enabled: no; table size 5 (BAR 3:0)
0x00a0: Capability 0x10: PCI Express
Link Speed: 2.5 / 2.5 GT/s, Link Width: x1 / x1
0x0100: Enhanced Capability 0x01: Advanced Error Reporting
0x0140: Enhanced Capability 0x03: Device Serial Number
Serial Number: 00900b875ba7
0x01a0: Enhanced Capability 0x17: TPH Requester

# ifconfig em0 media
em0: flags=8802 mtu 1500
lladdr fe:e1:ba:d0:92:da
index 1 priority 0 llprio 3
trunk: trunkdev aggr0
media: Ethernet autoselect (none)
status: no carrier
supported media:
media 1000baseSX mediaopt full-duplex
media 1000baseSX
media autoselect


Fwd: Are there architectural limitation for packages in ports?

2020-05-12 Thread info
Though according to:

https://www.andrewhoefling.com/Blog/Post/net-5-and-the-future-of-net-framework-and-net-core

>.NET 5 and .NET Standard
>What is the life of .NET Standard and will it be going away? 
>.NET Standard is not going anywhere as far as I understand and will be very 
>important to the success of .NET 5 as the code-base gets unified. With .NET 5 
>the idea is to create a shared Base Class Library (BCL) that will have 
>different runtime virtual machines. 
>MonoVM
>CoreCLR
>The idea is you can have drop-in replacements with the different runtime VMs 
>but it will all be 1 .NET.

Therefore it may be not so important to have specifically Microsoft VM since if 
it is fully compatible with community's Mono VM which is already present in 
OpenBSD ports?



Re: Are there architectural limitation for packages in ports?

2020-05-12 Thread info
Another question, are we going to see DotNet Core in OpenBSD?

Something like:

https://data.gpo.zugaina.org/lanodanOverlay/dev-dotnet/dotnetcore-sdk/dotnetcore-sdk-3.0.100.ebuild



Re: pf table for all publicly routable ipv4 addresses

2020-05-12 Thread Marko Cupać

Hi,

thanks to everyone who sent me tips and ideas about the topic.

At the moment I am testing "negated table" approach, which seems to work 
fine:


block log all
pass in on $vlan_guests from $vlan:guests:network to ! 

...where table  is list of subnets I don't want to be 
reachable from guest vlan (basically  table from pf FAQ).


I have also been testing "table with negated records" approach, which 
also seems to work fine


block log all
pass in on $vlan_guests from $vlan:guests:network to 

...where routable is list of negated subnets I don't want to be 
reachable from guest vlan (basically  table from pf FAQ but 
with negated records, plus 0.0.0.0/0 on top). Could it be that pf FAQ is 
outdated about 0.0.0.0/0 shouldn't be used in tables? pfctl has no 
problem adding, removing and listing 0.0.0.0/0 subnet in tables.


I'll test some more and send some feedback.
--
Before enlightenment - chop wood, draw water.
After  enlightenment - chop wood, draw water.

Marko Cupać
https://www.mimar.rs/



Are there architectural limitation for packages in ports?

2020-05-12 Thread info
For example if we look at mono package on Gentoo:
https://packages.gentoo.org/packages/dev-lang/mono

We will see there are missing ports for alpha, hppa, ia64 and sparc, actually I 
might be interested only in sparc among them.

On the other hand are there any similar limitations for the:
https://openports.se/lang/mono

if it is built on OpenBSD



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread Florian Obser
Please leave, optionally seek professional help and never come back.

-- 
I'm not entirely sure you are real.



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread info
> What exactly does your budget mean? These are all free, open source
> operating system. You may sell both OpenBSD and any installations and
> consulting. That could improve your income for your budget.

I am in the process of trying to find a devops remote work, may be it will 
improve my budget, 
actually I am not familiar with current global market and my position in it and 
not sure 
if I have enough time to get a secure working place 
before I will have to look for cheaper and less qualified job alternatives 
not so sensitive to my working place security. 

> Open source means that most developers work for free and fun or to
> obtain something they in particular want. Convince some developers to
> work on your own desires, whether with OpenBSD or elsewhere.

I am just trying to get a help at least with a simple question  if 
Orange PI ONE (Cortex A7 free of Spectre issue) + Nitrokey Pro 2 + OpenBSD
 is enough for a secure SSH server and client end points, 
still nobody told anything related to it.
Or may be anyone knows are there any better alternatives? 

> 
>> I guess it is a huge work to harden Linux installation to a level compared 
>> to OpenBSD, there is some interesting work which is by Whonix but 
>> unfortunately with systemd, and it seems someone from that community is 
>> referring to isopenbsdsecu.re site, so it looks to me like a OpenBSD vs 
>> Whonix dispute, excuse me if I am wrong.
> 
> Linus actively discourages security work. OpenBSD is thrilled to
> actively work on security. A major component that brings security
> benefits is simple auditing of code, not for security but for
> correctness.
> If you are seeking perfect security, YOU CAN'T HAVE IT!
> It is impossible. Not even agencies such as the NSA, etc have it.
> Remember Edward Snowden? All systems can be breached. Period.

Then how can I provide a good level of security for my remote client if 
everything can be broken?
How much does it cost to break remotely into a SSH server running  OpenBSD on 
Orange PI ONE 
with SSH private keys stored in Nitrokey Pro 2?
If I connect to it from my home from a similar dedicated console (say 
Cubietruck + Nitrokey Pro 2 + OpenBSD)  
without any other spare software on that board? It will be dedicated only for 
devops activity.
On both side of the channel would be a firewall which allows connection only 
for specified IP addresses (me and the client).

Local physical perimeter is secured at least against external threats, I cannot 
protect from a teleportation :) 
But presumably it is not possible to reflash Orange PI Boot ROM or Nitrokey 
Pro 2 anyway 
and I can periodically verify integrity of OpenBSD installation on the SD card.
Any other applications except SSH and ansible like browsers would be running 
from another computers or cloud VM.

> 
> My suggestion is to stop taking a confrontational attitude ( you may not
> even realize you are doing it) and try to take a congenial attitude. It
> will always produce more good results than confrontation.

Good point, I am just trying to, OpenBSD chat and community is very nice, it is 
very interesting to talk to such high qualified persons,

Thank you



Fwd: Secure end points for Internet tunnel, the most secure hardware

2020-05-12 Thread info
Dear OpenBSD gurus,

Please suggest which one of the following types of CPU and preferably the whole 
system too  is the most secure and backdoor free:

ARM, PowerPC, SPARC64, SH-4, MIPS

Can you please suggest a specific model of the board compatible with OpenBSD?

 Forwarded message 
11.05.2020, 09:14, i...@aulix.com:

> I need a secure dedicated textual SSH console connected to Internet at home - 
> Console1
> and preferably a two ports router on another end of the Internet line to 
> accept my SSH connections - Router1.

> 
> What is the most secure hardware (which was sold in public shops) for 
> Console1 and Router1 ?
> 
> Can you offer anything better than Cortex A7 board which is immune to Spectre 
> like issues?
> What is the most secure Cortex A7 board on which OpenBSD can run? I guess it 
> shall have as little BLOBs as possible - only a small Boot ROM like 
> Beaglebone Black which unfortunately is not Cortex A7, but rather Cortex A8.



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread Chris Bennett
On Tue, May 12, 2020 at 07:17:44AM +0200, i...@aulix.com wrote:
> I would prefer to begin from grsecurity, but it is not available up to date 
> for my budget.
> 
What exactly does your budget mean? These are all free, open source
operating system. You may sell both OpenBSD and any installations and
consulting. That could improve your income for your budget.

> I would also try HardenedBSD, but it is only amd64 now? And how many active 
> developers there are? one or two?
> 

I run two intel based servers with OpenBSD amd64. They run flawlessly.

> OpenBSD looks as the only viable option for me right now, may be one another 
> is a systemd free distro like Devuan with a hardened kernel like by @anthrax, 
> but I am too unskilled even to understand what are improvements of @anthrax 
> kernel for me without a good doc for it in the existence, and on the other 
> hand OpenBSD is famous with its very good documentation. 

Open source means that most developers work for free and fun or to
obtain something they in particular want. Convince some developers to
work on your own desires, whether with OpenBSD or elsewhere.

> 
> I guess it is a huge work to harden Linux installation to a level compared to 
> OpenBSD, there is some interesting work which is by Whonix but unfortunately 
> with systemd, and it seems someone from that community is referring to 
> isopenbsdsecu.re site, so it looks to me like a OpenBSD vs Whonix dispute, 
> excuse me if I am wrong.
>

Linus actively discourages security work. OpenBSD is thrilled to
actively work on security. A major component that brings security
benefits is simple auditing of code, not for security but for
correctness.
If you are seeking perfect security, YOU CAN'T HAVE IT!
It is impossible. Not even agencies such as the NSA, etc have it.
Remember Edward Snowden? All systems can be breached. Period.

My suggestion is to stop taking a confrontational attitude ( you may not
even realize you are doing it) and try to take a congenial attitude. It
will always produce more good results than confrontation.

Chris Bennett

PS. Please format your emails to 80 or 72 character width.
Your long lines are mildly irritating and non-standard in the Unix-like
world. Or just hit enter more often.




Re: Any plans to support newer Loongson-based systems?

2020-05-12 Thread Fabio Martins


I believe loongson people are primarily after running some Linux distros for
their processor (new ones), but maybe if you ask them directly about their
plans to donate people's effort / hardware to OpenBSD, might be a good
start:

I asked some months ago about buying Loongson out of China to play with,
but got no luck.

main point of contact inside Loongson, at least for alpine Linux port,
is this one:

刘小东 

maybe some others can help:

www.loongson.cn

be safe.

-- 
Fabio Martins


> According to https://www.openbsd.org/loongson.html only some old
> Loongson-based systems are supported.
>
> Are there any plans to support the more recent Loongson 3A3000- or the
> current 3A4000-based systems?
>
> I do not know where OpenBSD MIPS developers are located.
> Apparently the Loongson-based systems are not easily available outside
> China, but it seems Chinese merchants are selling 3A4000+mainboard
> bundles for somewhat less than 500 €, though I do not know if any of
> them ship outside China.
>
> Philipp
>
>






Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread info
>Also NSA controls your brain with 5G radio waves. Go burn some towers in
>the name of the Freedom!

Would not just a foil hat help? Do you have some OpenBSD edition?



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread Ottavio Caruso
On Tue, 12 May 2020 at 09:47,  wrote:

>
> Is not systemd one of such backdoors? Does it include any interesting 
> "features"  except so called "init system"?

1) You're asking in the wrong place
2) It's off topic
3) If you need to ask, it means you don't have a clue. It's ok to ask,
but don't make sweeping statements if you don't have a clue
4) Learn how to quote a message.



-- 
Ottavio Caruso



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread Ottavio Caruso
On Tue, 12 May 2020 at 02:13,  wrote:
>
> Linux GNU software has hardly visible NSA backdoors

If you have the technical skills to back this argument up, please look
in the "Linux GNU software" source, find the backdoors and report
back.

-- 
Ottavio Caruso



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread Consus
On Tue, May 12, 2020 at 10:47:48AM +0200, i...@aulix.com wrote:
> Sure I do not have such skills, I am a very noob trying to build a
> secure console and router, but most likely IMHO the backdoors are
> targeted to be used from invisible virtualization trojans on X86? I
> was even suggested to avoid Libreboot on X86 because it is GNU, though
> for me it is sometimes difficult to understand where trolling is in
> this area of my interest.
> 
> Is not systemd one of such backdoors? Does it include any interesting
> "features"  except so called "init system"?

Also NSA controls your brain with 5G radio waves. Go burn some towers in
the name of the Freedom!



Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-12 Thread info
Sure I do not have such skills, I am a very noob trying to build a secure 
console and router, but most likely IMHO the backdoors are targeted to be used 
from invisible virtualization trojans on X86? I was even suggested to avoid 
Libreboot on X86 because it is GNU, though for me it is sometimes difficult to 
understand where trolling is in this area of my interest.

Is not systemd one of such backdoors? Does it include any interesting 
"features"  except so called "init system"?