Smeedy 🇪🇺🇳🇱
@smeedy.bsky.social
Forever learning - Solution Architect - DevOps - Nerd - Music - Running - News Addict - AWS - LPWAN/Sensors - Retro hardware
@smeedybuild1970
@smeedybuild1970
Reposted by Smeedy 🇪🇺🇳🇱
Zijn de #fascisten terug? Elon Musk die de #AfD aanmoedigt is voor Timothy Snyder, als hoogleraar geschiedenis gespecialiseerd in de Holocaust en Oost-Europa, allesbehalve verrassend. Duik met Snyder in de gedachtegang van #oligarchen, die elkaar steeds vaker weten te vinden op het wereldtoneel.
Zijn de ultrarijken de nieuwe f*scisten? | VPRO Tegenlicht
YouTube video by VPRO Tegenlicht
www.youtube.com
February 16, 2025 at 10:06 AM
Zijn de #fascisten terug? Elon Musk die de #AfD aanmoedigt is voor Timothy Snyder, als hoogleraar geschiedenis gespecialiseerd in de Holocaust en Oost-Europa, allesbehalve verrassend. Duik met Snyder in de gedachtegang van #oligarchen, die elkaar steeds vaker weten te vinden op het wereldtoneel.
Nice read on the design, the process, and moving out of AWS and into DC bare metal because of costs.
newsletter.pragmaticengineer.com/p/bluesky
newsletter.pragmaticengineer.com/p/bluesky
Building Bluesky: a Distributed Social Network (Real-World Engineering Challenges)
Bluesky is built by around 10 engineers, and has amassed 5 million users since publicly launching in February this year. A deep dive into novel design decisions, moving off AWS, and more.
newsletter.pragmaticengineer.com
April 29, 2024 at 9:14 AM
Nice read on the design, the process, and moving out of AWS and into DC bare metal because of costs.
newsletter.pragmaticengineer.com/p/bluesky
newsletter.pragmaticengineer.com/p/bluesky
Colleague Matt got an answer from AI when asking about Kubernetes.
April 24, 2024 at 1:07 PM
Colleague Matt got an answer from AI when asking about Kubernetes.
Reposted by Smeedy 🇪🇺🇳🇱
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
This might be the best executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Woah. Backdoor in liblzma targeting ssh servers.
www.openwall.com/lists/oss-se...
It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…
Now I’m curious what it does in RSA_public_decrypt
www.openwall.com/lists/oss-se...
It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…
Now I’m curious what it does in RSA_public_decrypt
March 30, 2024 at 5:13 PM
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
It's alive! github.com/othermod/PSP...
October 26, 2023 at 7:16 AM
It's alive! github.com/othermod/PSP...
