Colin O'Brien

19.8K posts


@InsanityBit

Software Engineer @tines_hq. Previously: SWE @Datadog, CEO/Founder of @graplsec, SecEng @Dropbox, SWE @Rapid7

New York · Joined June 2012
494 Following · 2.4K Followers

TheRearAdmiral @TRA4669:
@ID_AA_Carmack I've been trying to make my first multiplayer game using QUIC. I just got interpolation, reconciliation, prediction, and lag comp working. Do you think QUIC is problematic in a way that I should be using something else?

John Carmack @ID_AA_Carmack:
It is a shame that the simple act of transferring a large block of data as fast as possible over the internet is not handled effectively by the primitive operating system calls. You either multiplex over parallel persistent TCP connections to combat head-of-line blocking and slow starts, or reinvent reliable delivery and flow control over UDP. QUIC has a lot going for it, but it is a large library (six figure LoC!) and conflates security and performance in a way I don’t love. There is also fundamental information about competition with other processes and link layer congestion that should be useful, but is unavailable to user libraries. You should be able to just write(really_big_buffer) and it is all taken care of for you.

Brad Spengler @spendergrsec:
"the Linux cryptographic subsystem is proactively dropping zero-copy functionality from AF_ALG due to growing security concerns."
[attached image]

Colin O'Brien @InsanityBit:
@tqbf an os where the maintainers care about security but no one uses it vs an os where the maintainers think security is dumb but everyone uses it

Colin O'Brien @InsanityBit:
@tqbf neither is secure but at least linux had easy access to grsec at one point, idk that's the best I can come up with to even start a conversation on such a pointless topic lol

Thomas H. Ptacek @tqbf:
I think my basic thing is, if you have a reasoned, nuanced argument for why you think OpenBSD is more secure than Linux, I'll be like "ok we can just disagree". But if you come in "only 2 remote holes in the default base OS in a long time!" I'm just, like, no.

Colin O'Brien @InsanityBit:
@dinodaizovi Systems engineering was a more common skillset back then. You can't even subprocess out or sandbox in most common languages without inviting tons of weird bugs. So people don't.

Dino A. Dai Zovi @dinodaizovi:
Sometimes it confuses me how the security field today fails to remember why things like least privilege and privilege separation were built into qmail, postfix, and SSH long ago. Then I remember that an astonishingly small percentage of the field today were around back then.

Colin O'Brien @InsanityBit:
@dinodaizovi Seems odd that removing read from all suid on a Linux would break anything. I haven't tried it but it feels like it should kinda "just work"?

Colin O'Brien @InsanityBit:
People are counting the `unsafe` blocks in bun like it's a "gotcha" ("haha ai wrote unsafe") when it's the entire point. They can literally count the problem now.

Colin O'Brien @InsanityBit:
@zeta_globin You're discrediting a massive, valid field because of a few pop scientists who have capitalized on hype.

Colin O'Brien reposted
Brad Spengler @spendergrsec:
Kinda funny that you can literally produce full-grown drinking age adults with master's degrees in the time it takes to improve upstream Linux security

Colin O'Brien @InsanityBit:
@abh1sek Ah yes, I haven't seen this in quite a while. Thanks for putting it back on my radar.

Colin O'Brien @InsanityBit:
Can we get sandboxed package managers now??? lol
Quoted post from Aikido Security @AikidoSecurity:
"Update 5:05 PT: The attack has now expanded well beyond @TanStack and @Mistral. 373 malicious package-version entries across 169 npm package names, including @uipath, @squawk, @tallyui, @beproduct, and more. The malware propagates by stealing your CI credentials and using them to publish new compromised versions. Full IOCs, affected package list, and detection steps: aikido.dev/blog/mini-shai…"

Rami McCarthy @ramimacisabird:
Everyone is tweeting out "use pnpm & set a minimumReleaseAge of 7 days" but don't forget blockExoticSubdeps - which would also prevent the usage of a remote github reference here!

Colin O'Brien @InsanityBit:
Honestly, this should extend to test harnesses too. I guess it'll take years to get into a good spot but it's very frustrating, none of this is new.

Colin O'Brien @InsanityBit:
@scriptjunkie1 Weird because Firefox said that they were going to get rid of all of the vulns

Colin O'Brien @InsanityBit:
@adamgordonbell I'm kinda skeptical tbh. I sort of assume that the dev is just not realizing something about that service, like that it's packing 128 bits of specific data for locality reasons etc. instead of, as they seem to assume, uuidv4

Colin O'Brien @InsanityBit:
Everyone's really loving saying "Rust doesn't prevent TOCTOU" lately but uhhhhh, use cap-std? It's very easy to avoid TOCTOU vulns in Rust with almost no effort.
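The post above points at cap-std; the principle it relies on (make the decision on an open handle, never on a path that gets looked up a second time) can be shown with the Rust standard library alone. What follows is an added example written for this page, not code from the post's author or from the cap-std project. It assumes a Unix target; the O_NOFOLLOW constant is the Linux value (macOS differs, and the code selects between the two), and the scratch directory, the file names and the `between` hook that stands in for the race window are all constructed for the demonstration.

```rust
use std::fs::{self, File, OpenOptions};
use std::io::{self, Read};
use std::os::unix::fs::OpenOptionsExt;
use std::path::Path;

// O_NOFOLLOW: refuse to open a path whose final component is a symlink.
// The numeric value is platform-specific; Linux is assumed as the target.
#[cfg(target_os = "linux")]
const O_NOFOLLOW: i32 = 0o400000;
#[cfg(target_os = "macos")]
const O_NOFOLLOW: i32 = 0x0100;

fn not_regular() -> io::Error {
    io::Error::new(io::ErrorKind::InvalidInput, "not a regular file")
}

/// Check-then-use on a PATH: stat the path, decide, then open the path
/// again. `between` stands in for whatever runs in the gap between the two
/// syscalls; in real code the gap is simply there and not under our control.
pub fn read_regular_racy(path: &Path, between: impl FnOnce()) -> io::Result<String> {
    let meta = fs::symlink_metadata(path)?; // lstat(path): the check
    if !meta.file_type().is_file() {
        return Err(not_regular());
    }
    between(); // the race window
    let mut s = String::new();
    File::open(path)?.read_to_string(&mut s)?; // open(path): a second lookup
    Ok(s)
}

/// Open first, refusing to follow a symlink, then decide on the OPEN HANDLE.
/// Nothing after `open` re-resolves the path, so whatever happens in
/// `between` cannot change which object gets read.
pub fn read_regular_safe(path: &Path, between: impl FnOnce()) -> io::Result<String> {
    let mut f = OpenOptions::new()
        .read(true)
        .custom_flags(O_NOFOLLOW)
        .open(path)?;
    between(); // same window, now harmless
    if !f.metadata()?.file_type().is_file() { // fstat(fd), not stat(path)
        return Err(not_regular());
    }
    let mut s = String::new();
    f.read_to_string(&mut s)?;
    Ok(s)
}

/// Outcome of the constructed scenario below.
pub struct DemoOutcome {
    pub racy: io::Result<String>,
    pub safe: io::Result<String>,
    pub safe_on_symlink: io::Result<String>,
}

/// Constructed scenario in a scratch directory: `public` is an ordinary file
/// the caller may read; `secret` must never become readable through `public`.
/// The simulated interleaving swaps `public` for a symlink to `secret`
/// inside the window.
pub fn demo() -> io::Result<DemoOutcome> {
    let dir = std::env::temp_dir().join(format!("toctou-demo-{}", std::process::id()));
    fs::create_dir_all(&dir)?;
    let public = dir.join("public");
    let secret = dir.join("secret");
    fs::write(&secret, "SECRET")?;

    let swap = |p: &Path| {
        let _ = fs::remove_file(p);
        std::os::unix::fs::symlink(&secret, p).expect("symlink");
    };

    fs::write(&public, "public data")?;
    let racy = read_regular_racy(&public, || swap(&public));

    let _ = fs::remove_file(&public); // drop the symlink before recreating the file
    fs::write(&public, "public data")?;
    let safe = read_regular_safe(&public, || swap(&public));

    // `public` is now a symlink: the handle-based variant refuses it up front.
    let safe_on_symlink = read_regular_safe(&public, || {});

    let _ = fs::remove_dir_all(&dir);
    Ok(DemoOutcome { racy, safe, safe_on_symlink })
}

fn main() -> io::Result<()> {
    let out = demo()?;
    println!("racy read:            {:?}", out.racy);
    println!("handle-based read:    {:?}", out.safe);
    println!("handle-based, symlink: {:?}", out.safe_on_symlink);
    Ok(())
}
```

Run it and the racy variant hands back the contents of `secret`, while the handle-based variant returns the original file and refuses an existing symlink outright. cap-std takes the same idea further by resolving every path relative to an open directory handle (`Dir`), so the ambient path lookup that makes the first function racy never happens in the first place.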

Colin O'Brien @InsanityBit:
Interesting that claude is reaching right for Kani to verify my rust code. I gave zero indication that it should do that, or even to care about correctness.