Hacker News: xorbyte

New comment by xorbyte in "Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China"

xorbyte — Fri, 28 Feb 2025 17:12:10 +0000

Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China. Wallbleed caused certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted DNS query. It afforded a rare insight into one of the Great Firewall’s well-known network attacks, namely DNS injection, in terms of its internal architecture and the censor’s operational behaviors.

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China

xorbyte — Fri, 28 Feb 2025 17:12:10 +0000

Article URL: https://gfw.report/publications/ndss25/en/

Comments URL: https://news.ycombinator.com/item?id=43207936

Points: 1

# Comments: 1

New comment by xorbyte in "Why We Terminated Daily Stormer"

xorbyte — Thu, 17 Aug 2017 00:56:06 +0000

If he doesn't like your site, he may not allow you to use his service, which is something the TOS already cover.

Over time, such capricious terminations could lead to the Board seeking action against the CEO, depending on the impact to the business.

New comment by xorbyte in "TunnelBear Publishes Security Audit"

xorbyte — Wed, 16 Aug 2017 19:05:25 +0000

macOS and iOS don't support OpenVPN with the built-in client. You can use strongSwan-based VPNs (e.g., as would be deployed through Algo) or Cisco, but for OpenVPN you'll need a custom client which, unfortunately, very likely brings along its own .kext.

New comment by xorbyte in "“Packages should be reproducible” added to Debian Policy"

xorbyte — Mon, 14 Aug 2017 22:05:35 +0000

I think you may be confusing deterministic reproducible builds (that remove randomness and ensure binaries have the same content hash regardless of who builds them (so you can reproduce what the maintainers did and verify the source and binaries) to merely a repro'd environment where everything still works because deps are included, which seems to be all that Nix promises (and in fact there is at least one open issue to add full deterministic builds to Nix https://github.com/NixOS/nixpkgs/issues/9731 )

New comment by xorbyte in "Quitting Caffeine"

xorbyte — Mon, 14 Aug 2017 21:13:15 +0000

Not all tonic water is low cal, a 350 mL bottle can be 100 calories from the 30g of sugar added.

New comment by xorbyte in "Salesforce fires red team staffers who gave Defcon talk"

xorbyte — Thu, 10 Aug 2017 08:40:30 +0000

Any comparatively large corporation very likely has a release process for these sorts of things where a bunch of groups (like PR, maybe Legal etc) would take a look. Releasing company IP as open source outside of such a process would be a gross violation of any number of non-disclosure agreements between employer and employee.

New comment by xorbyte in "PoC or GTFO 15 [pdf]"

xorbyte — Sun, 25 Jun 2017 07:33:06 +0000

Back issues are always included in the current issue, hence the zip. Keep recursing that way (or use binwalk)

New comment by xorbyte in "Ask HN: Anonymous person sent proof of SSH access to our production server"

xorbyte — Wed, 27 Jul 2016 14:33:57 +0000

There's nothing in the OPs post suggesting SSH was exposed to the public, or that the breach happened over SSH. So it's important to secure that, but it's also important to think holistically about the attack surface.

New comment by xorbyte in "Ask HN: Anonymous person sent proof of SSH access to our production server"

xorbyte — Wed, 27 Jul 2016 14:30:20 +0000

You assume the breach happened over SSH. This is valuable information to securing SSH, but it's entirely possible the original breach happened over some other service, and there were some other steps involved in the breach before the SSH screenshot was taken.

New comment by xorbyte in "Simple Ways to Protect an API"

xorbyte — Wed, 25 Jun 2014 16:36:03 +0000

The article makes no mention of TLS anywhere, and the example endpoints are all HTTP. So, this is a thoroughly insecure implementation, relying on very weak security mechanisms, prone to straightforward interception and tampering, replay etc.

New comment by xorbyte in "The Operating System That Can Protect You Even if You Get Hacked"

xorbyte — Mon, 14 Apr 2014 05:21:14 +0000

Wouldn't that just be regular Xen?

New comment by xorbyte in "Why systemd is winning the init wars and other things aren't"

xorbyte — Wed, 12 Feb 2014 08:04:23 +0000

Not sure how you see progress and innovation otherwise. Much of what is good in Linux comes from experimentation and people/distros 'doing their own thing' which sometime improved the ecosystem, and sometimes resulted in abandoned projects. But things have not stagnated.

As for UNIX, perhaps you're familiar with Plan 9? Some of the principal UNIX designers were unhappy with the result, so they went and worked on improving it. Nothing is good enough the first time around.

New comment by xorbyte in "Asusgate: A story about thousands of crimeless victims"

xorbyte — Wed, 05 Feb 2014 01:15:30 +0000

Similarly echoed in the OpenWRT talk from 30C3 https://www.youtube.com/watch?v=Y-OlUxeS57E

New comment by xorbyte in "Square thinks I don’t exist"

xorbyte — Tue, 28 Jan 2014 01:55:27 +0000

No, I think this means PayPal recognizes tptacek's CCs and forces a log in. Even with a new card, perhaps they'll just base it on the name and refuse to process it without an account login.

New comment by xorbyte in "Cryptocat Considered Harmful: The Root Cause"

xorbyte — Thu, 02 Jan 2014 03:00:43 +0000

OTR is only used in one-on-one communications in CC; group chat mechanisms are custom, and may now converge towards the mpOTR draft but that's still a pretty big risk.

Internet-Wide Scan Data Repository

xorbyte — Thu, 02 Jan 2014 00:28:38 +0000

Article URL: https://scans.io/

Comments URL: https://news.ycombinator.com/item?id=6997494

Points: 3

# Comments: 0

New comment by xorbyte in "The NSA Reportedly Has Total Access To The Apple iPhone"

xorbyte — Tue, 31 Dec 2013 08:16:32 +0000

Much of Jacob's presentation echoes many of the articles he (and others) had published in Der Spiegel earlier that day, going into a little more into the technical aspects (to the extent they are known and/or can be inferred.) While you may skip out the talk, at least look over the articles. While Jacob's style may rub you wrong, the issues are there regardless, and impatience is hardly a justifiable excuse.

On another note, if you are aware of Jacob misleading on any matter, it would be nice pointing that out directly. He is an activist that has done everything from helping with on-the-ground infrastructure deployments in war-torn areas, working on and advocating for Tor, speaking in front of the EU council… Casting doubt on his integrity without highlighting relevant facts is a way of distracting from the actual issues under discussion.

New comment by xorbyte in "Ask HN: MS Word alternatives for writing academic reports"

xorbyte — Fri, 27 Dec 2013 15:59:28 +0000

Look if anyone in your institution has created a dissertation template for LaTeX, or if you can use one [from elsewhere](https://github.com/briandealwis/ubcdiss). I personally found the formatting to be the hardest part, not the actual writing, especially since you can find helpers for various text editors, like LaTeXTools for Sublime etc.

As pointed out elsewhere in this thread, don't make your hammer solve all of the problems.

New comment by xorbyte in "Ask HN: MS Word alternatives for writing academic reports"

xorbyte — Fri, 27 Dec 2013 15:53:55 +0000

MultiMarkdown might be more suitable for large documents, as it allows the inclusion of files between documents, cross-references etc.