Will is a user on unixcorn.xyz. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Will @bitgeist@unixcorn.xyz

Will boosted

"Our TLBleed exploit successfully leaks a 256-bit EdDSA key from libgcrypt (used in e.g. GPG) with a
98% success rate after just a single observation of signing operation on a co-resident hyperthread and just 17 seconds of analysis time."

blackhat.com/us-18/briefings.h

We can show strength without hatred, justice without revenge, and compassion without weakness.

Will boosted

Colin Percival tweeted a short thread on the “Lazy FPU” vulnerability that was just disclosed (CVE-2018-3665).

Colin credits his learning about it to Theo de Raadt. Took him ~5 hours to come up with working exploit code.

twitter.com/cperciva/status/10

More info on seclists.org and discussion on lobste.rs.

seclists.org/oss-sec/2018/q2/1

lobste.rs/s/qotnxq/confirmed_s

Will boosted

#OpenBSD intuition regarding a new side-channel caused by the speculative execution on systems with lazy FPU context switching wasn't unsubstantiated. Intel has just published an avdisory: intel.com/content/www/us/en/se

Thanks to Kurt Mosiejczuk's console server talk, I learned about upobsd for upgrades for the brave. In ports.
bitbucket.org/semarie/upobsd

Will boosted

The BOF SWAP is complete.

DMS 1140: BUG BOF
DMS 1160: THEO BOF

Thanks to Romain Tartière's Puppet talk, I learned about the presentation tool called pdfpc. A really neat tool for presentations.
pdfpc.github.io/

Will boosted

"Speculating about #Intel" by Theo de Raadt of #OpenBSD will be livestreamed at bsdnow.tv/bsdcan_dms1140 Starts in around 2 hours, at 12:30 Canada/Eastern.

Or come to room DMS1140 if you are at #BSDCan.

To be very clear: OpenBSD has not agreed to an embargo or NDA.

Off to Cora's for breakfast. Last day of ,

Will boosted

Just a FYI to people at #bsdcan in the front rows near cameras: Your conversations are being live-streamed, even during the breaks.

Will boosted

RT (for those who missed it, i.e: me :blobpats: ) @allanjude@twitter.com: The #BSDCan live streams can be found over at #BSDNow bsdnow.tv/bsdcan #OpenBSD #NetBSD #DragonFlyBSD #FreeBSD #BSD

Looking forward to the opening session at . But then comes the really hard part: deciding on which sessions to attend for the rest of the day.

Off to the Red Lion for the general registration

Day 2 of . Just a tourism day for me and my brother. IO need to emember that registration is at The Red Lion this year.