HackerTrans
TopNewTrendsCommentsPastAskShowJobs

almet

55 karmajoined 10 anni fa

Submissions

Tool to use signal without a smartphone

github.com
1 points·by almet·22 ore fa·0 comments

Reticulum: Source-privacy claim vs. routing metadata

codeberg.org
12 points·by almet·2 mesi fa·1 comments

How to Reproduce Container Images

dangerzone.rocks
1 points·by almet·3 mesi fa·0 comments

Pwn Santa – Container Isolation Bug Bounty / CTF

dangerzone.rocks
4 points·by almet·7 mesi fa·1 comments

comments

almet
·3 mesi fa·discuss
Currently working on a way to help folks setup a signal account without requiring a smartphone.

It's in rust with egui, and should help folks to do that without the cli.

Not ready for prime time yet, but available at https://github.com/almet/signal-without-smartphone
almet
·6 mesi fa·discuss
(Hi, disclaimer: I'm one of the current dangerzone maintainers)

You are correct: that's basically what Dangerzone is doing!

The challenges for us are to have a sandbox that keeps being secure and make it possible for non-tech folks (e.g. journalists) to run this in their machines easily.

About the sandbox:

- Making sure that it's still updated requires some work: that's testing new container images, and having a way to distribute them securely to the host machines ;

- In addition to running in a container, we reduce the attack surface by using gVisor¹ ;

- We pass a few flags to the Docker/Podman invocation, effectively blocking network access and reducing the authorized system calls ;

Also, in our case the sandbox doesn't mount the host filesystem in any way, and we're streaming back pixels, that will be then written to a PDF by the host (we're also currently considering adding the option to write back images instead).

The other part of the work is to make that easily accessible to non-tech folks. That means packaging Podman on macOS/Windows, and providing an interface that works on all major OSes.

¹ https://dangerzone.rocks/news/2024-09-23-gvisor/
almet
·6 mesi fa·discuss
(Hi, disclaimer: I'm one of the current dangerzone maintainers)

That's a good question :-)

Opening PDFs, or images, or any other document directly inside your machine, even with a limited PDF viewer, potentially exposes your environment to this document.

The reason is that exploits in the image/font/docs parsing/rendering libraries can happen and are exploited in the wild. These exploits make it possible for an attacker to access the memory of the host, and in the worse case allow code execution.

Actually, that's the very threat Dangerzone is designed to protect you from.

We do that by doing the docs to pixel conversion inside a hardened container that uses gVisor to reduce the attack surface ¹

One other way to think about it is to actually consider document rendering unsafe. The approach Dangerzone is taking is to make sure the environment doing the conversion is as unprivileged as possible.

In practice, an attack is still possible, but much more costly: an attacker will be required to do a container escape or find a bug in the Linux kernel/gVisor in addition to finding an exploit in document rendering tools.

Not impossible, but multiple times more difficult.

¹ We covered that in more details in this article https://dangerzone.rocks/news/2024-09-23-gvisor/
almet
·6 mesi fa·discuss
(Hi, dangerzone maintainer here)

There is indeed a dangerzone-cli tool¹, and it should be made more visible. We plan on updating/consolidating our docs in the foreseeable future, to make things clearer.

Also, plans are here to make it possible to use dangerzone as a library, which should help use cases like the one you mention.

¹ https://github.com/freedomofpress/dangerzone/blob/main/dange...
almet
·7 mesi fa·discuss
Freedom of the Press Foundation is kick-starting a bug bounty program for this holiday season.

Challenge the popular adage "containers don't contain", by sending Santa a naughty letter that bypasses Dangerzone protections (Libreoffice + gVisor + Podman)

If your letter breaks a containerization layer by capturing a flag, you get the associated bounty.

Have fun!