HackerLangs
TopNewTrendsCommentsPastAskShowJobs

uniformlyrandom

no profile record

Submissions

[untitled]

1 points·by uniformlyrandom·5개월 전·0 comments

comments

uniformlyrandom
·5개월 전·discuss
exactly.
uniformlyrandom
·5개월 전·discuss
Access Denied You don't have permission to access "http://www.tesla.com/" on this server. Reference #18.882d3e17.1769800239.f443cb0

https://errors.edgesuite.net/18.882d3e17.1769800239.f443cb0
uniformlyrandom
·2년 전·discuss
To be fair, it is perfectly normal for a surgeon to cut people with a sharp knife with their permission while in the hospital.

It is kinda sus when they do it at home without consent.
uniformlyrandom
·5년 전·discuss
Except if it is awscli creds, then of course there is no MFA.
uniformlyrandom
·7년 전·discuss
The author is probably an English major. He was waiting all his life to finally say 'you see, my degree is not completely useless'. He would, of course, be completely and utterly wrong - both in justifying his degree, and his analysis of relnotes grammar.
uniformlyrandom
·7년 전·discuss
Not really, I have seen a lot of unneeded abbreviations. Thankfully we are (almost) out of the age of 140c messages and 40c editor lines.

But more to the point, 'vulns' seems like a very unnatural abbreviation. I would go with v11n (similar to i18n).
uniformlyrandom
·7년 전·discuss
> oddly vulgar

My initial reaction was 'linguistically disgusting', but I decided to hold off the opinion, just in case I am strangely illiterate.
uniformlyrandom
·7년 전·discuss
Yep, chat makes sense. Thank you for actually stating a use-case.
uniformlyrandom
·7년 전·discuss
This blog post is so watered down and manages to digress at every possible point that it is almost impossible to read. The only useful part of the text are the URLs.

Also, this:

> A vulnerability, or vuln for short, is a bug that makes software go wrong in a way that reduces computer security.

Does anyone actually use this abbreviation?
uniformlyrandom
·9년 전·discuss
That is also in there. You can either specify "pti off" or "nopti" as a boot parameter.

  +void __init pti_check_boottime_disable(void)
  ...
  +	ret = cmdline_find_option(boot_command_line, "pti", arg, sizeof(arg));
  +	if (ret > 0)  {
  +		if (ret == 3 && !strncmp(arg, "off", 3)) {
  +			pti_print_if_insecure("disabled on command line.");
  +			return;
  +		}
  +		if (ret == 2 && !strncmp(arg, "on", 2)) {
  +			pti_print_if_secure("force enabled on command line.");
  +			goto enable;
  +  		}
  +		if (ret == 4 && !strncmp(arg, "auto", 4))
  +			goto autosel;
  +	}
  +
  +	if (cmdline_find_option_bool(boot_command_line, "nopti")) {
  +		pti_print_if_insecure("disabled on command line.");
  +		return;
  +	}
  +
  +autosel:
  +	if (!boot_cpu_has_bug(X86_BUG_CPU_INSECURE))
  +		return;
uniformlyrandom
·9년 전·discuss
Not so sure about that. I am reading the merge commit, and comments are pretty interesting:

  --- a/arch/x86/include/asm/processor.h  
  +++ b/arch/x86/include/asm/processor.h
  + * On Intel CPUs, if a SYSCALL instruction is at the highest canonical
  + * address, then that syscall will enter the kernel with a
  + * non-canonical return address, and SYSRET will explode dangerously.
  + * We avoid this particular problem by preventing anything executable  
  + * from being mapped at the maximum canonical address.
  + *
  + * On AMD CPUs in the Ryzen family, there's a nasty bug in which the
  + * CPUs malfunction if they execute code from the highest canonical page.
  + * They'll speculate right off the end of the canonical space, and
  + * bad things happen.  This is worked around in the same way as the
  + * Intel problem.
uniformlyrandom
·9년 전·discuss
From the merge commit:

  +#ifdef CONFIG_PAGE_TABLE_ISOLATION
  +# define DISABLE_PTI		0
  +#else
  +# define DISABLE_PTI		(1 << (X86_FEATURE_PTI & 31))
  +#endif
PS - MSFT has not published relnotes, so we do not know yet. We'll find out soon enough.