Tag: linux

  1. Ubuntu Linux and the Heartbleed OpenSSL vulnerability.

    07 April 2014

    If you're in the mad scramble to patch the Heartbleed vulnerability in OpenSSL on your Ubuntu servers but you need to see some documentation, look in your /usr/share/doc/openssl/changelog.Debian.gz file. If you see the following at the very top of the file, you're patched:

    openssl (1.0.1-4ubuntu5.12) precise-security; urgency=medium

    * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
    crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
    - CVE-2014-0076
    * SECURITY UPDATE: memory disclosure in TLS …


  2. Turtles All the Way Down: Bootstrapping an operating system.

    10 March 2014

    Now we need an operating system for the trusted, open source computer. As previously mentioned, Windows and MacOSX are out because we can't audit the code, and it is known that weaponized 0-days are stockpiled by some agencies for the purpose of exploitation and remote manipulation of systems, and are also sold on the black and grey markets for varying amounts of money (hundreds to multiple thousands of dollars). It has been observed by experts many a time that software being open source is not a panacea for security. It does, however, mean that the code can be audited for …


  3. Cryptsetup benchmarks for a Dell 17r.

    01 August 2013

    For no good reason today I decided to run some cryptsetup benchmarks on Windbringer. The only really significant change to the systemware configuration is that Windbringer is now running Linux kernel version 3.9.4-1-ARCH.

    [drwho@windbringer ~]$ cryptsetup benchmark
    # Tests are approximate using memory only (no storage IO).
    PBKDF2-sha1       407688 iterations per second
    PBKDF2-sha256     222155 iterations per second
    PBKDF2-sha512     144511 iterations per second
    PBKDF2-ripemd160  334367 iterations per second
    PBKDF2-whirlpool  187245 iterations per second
    #  Algorithm | Key |  Encryption |  Decryption
         aes-cbc   128b   563.0 MiB/s  1862.0 MiB/s
     serpent-cbc   128b    67.7 …


  4. Announcing Byzantium Linux v0.4b - "No sleep 'till Brooklyn!"

    01 July 2013

    Project Byzantium can now take a breather for a day or two to recuperate, so I have some time to write a hopefully coherent post during my second cup of coffee.

    Last week we wrapped up ISC development milestone number three: Addding amateur radio support to Byzantium Linux. This was probably our more difficult development effort to date, as it required that we use our relatively newly earned skills as ham radio operators to figure out a way to connect mesh networks over long distances - longer distances than 802.11 wireless can ordinarily cover. I'll not recap the entire report …


  5. Setting up AIDE in Kali Linux.

    17 June 2013

    Kali Linux (formerly Backtrack) is a distribution of Linux designed for penetration testers and information security professionals. I'll spare you the details - that's what Wikipedia is for - but I did want to post about a problem that I've been wrestling with for a couple of hours.

    Kali Linux can be installed and operated like any other distribution of Linux, which means that you get all of the nifty and handy tools that you'd expect to have, like AIDE for monitoring the file system for unauthorized changes. Unfortunately, because Kali is based upon Debian, and Debian over-engineers a lot of things …


  6. Announcing the release of v0.3a - Beach Cat!

    27 March 2013


    NOTE: This is Byzantium Linux for x86-compatible laptops and desktops. This release is not compatible with the Raspberry Pi. We just started work on that port.

    Project Byzantium, a working group of HacDC is proud to announce the release of v0.3 alpha of Byzantium Linux, a live distribution of Linux which makes it fast and easy to construct an ad-hoc wireless mesh network which can augment or replace the current telecommunications infrastructure in the event that it is knocked offline (for example, due to a natural …


  7. Project Byzantium awarded InformSec development grant!

    26 March 2013

    Hit and run, because I'm at work:

    The reason I haven't been posting much here is because I've been gearing up for this: Project Byzantium was awarded a grant by InformSec to advance the development of Byzantium Linux. The grant is for $10,000us across a six month period of time, during which we will accomplish the following milestones:

    • Port Byzantium Linux to the RaspberryPi.
    • Port Byzantium Linux to the Intel Macbook.
    • Develop a method for interfacing Byzantium Linux with existing amateur radio mesh networking projects.
    • Release v0.4.
    Parties interested in joining the development effort are encouraged to join …


  8. August 2012 Byzantium development sprint this weekend!

    20 August 2012

    To work around some scheduling conflicts, this month's Project Byzantium development sprint will be held this weekend, 24 and 25 August 2012 at HacDC. If you've been following the project for a while and would like to get involved, or if you're a new developer and would like to get up to speed this will be a perfect time. In addition to talking over lessons learned since the release of v0.2a we'll be teaching new developers everything you'll need to know to get up to speed.

    If you can't attend physically we'll be livestreaming the sprint so you can …


  9. Linux on the Dell Inspiron 17R (N7010)

    27 April 2012

    As I mentioned a couple of days ago I had to buy a new laptop because Windbringer's old hardware became unstable due to cumulative heat damage. I drive my machines pretty hard (doubly so when programming because I test in several virtual machines) so after five years of steady use it was time to upgrade. So, I upgraded with software design in mind... I purchased a Dell Inspiron 17R (under the hood it's called the N7010) and customized it online.

    To save everyone's eyes I'll put the nitty-gritty behind the cut, starting with a component inventory.

    Distribution: Arch Linux, 64-bit …


  10. Down to the wire: Byzantium Development Sprint (September Edition)

    04 October 2011

    Friday evening the Byzantium development team met once again at HacDC to determine where all of us are in the engineering and development process and figure out what we have to do before we can put the alpha release online and announce open testing. Ben the Pyrate has been hard at work setting up the infrastructure and is constructing an automated build environment for the Porteus project (whose distro we're basing Byzantium on), and which we can leverage to make it easier to compile Byzantium Linux into a bootable .iso image. Right now the installation process is entirely manual, which …


4 / 9