with a microscope
if it was at least a scanning tunneling one, then yes, good job π π€ͺ
smb
joined 10 months ago
well there is plenty of what is possible to try. but unless one had looked at the real cause i'ld suspect one of apples hardware backdoors to cause the crashes like if the backdoor doesn't work, crash the kernel, so we never loose control over the sheeapple thing. or more realistic if you want:
First maybe just crappy hardware:
There is a reason why i suspect apple's hardware, cause my shitty macbook at work should(!) go to something like hibernate, sleep, or its spyveillance-only mode when closing the lid, and it should also lock the screen when doing so, the actual results seem pure randomly choosen, sometimes the sleep mode survives the weekend with lots of accu left, sometimes its completely depleted and i even have to charge it for a while before it has enough power to show the charging logo. for security reasons i have to manually lock my screen, verify it and then close the lid, which is pure annoy. this could just be buggy hardware, a sensor so broken that reading its inputs directly could crash any OS that assumes i.e. no division by zero, pointers to nonexisting ram or whatever, and maybe apple just knows what faulty measurements mean what (but cannot make that stable too, only no crash occurs)
secondly with a hardware backdoor:
"The discovered vulnerability is a hardware feature, possibly based on the principle of βsecurity through obscurity,β and may have been intended for testing or debugging. Following the initial 0-click iMessage attack and subsequent privilege escalation, the attackers leveraged this hardware feature to bypass hardware-based security protections and manipulate the contents of protected memory regions."
which is that (some/all?) iphones have at least one memory page where one only has to accidently or intentionally write something into it, that could trigger the backdoor feature to let you choose which memory address to overwrite with what bytes, bypassing every(!) security mechanism in hardware AND of course those made of software too. that is how i understood documentation and presentations about it. now apple said they "fixed" it in software, from what i remember that fix was just a "os preventing apps from writing to that memory backdoor page" thus not a fix but only a mitigation, while "fix" is more a lie than only misleading words to just pretend it wasn't permanent and unfixable. let us assume that linux does not include hardware backdoor mitigations for apple devices AND that apple placed the very same backdoor memory page into macbooks as well but maybe at (an)other physical address(es). now the code that runs on closing the lid "might" just reside at or write to the very same memory page on every boot for a given exact same kernel, which might be a memory page that acts the same or similar like that iphone hardware backdoor, overwriting some other memory page depending on what is actually written to the backdoor page which immediately crashes the kernel. if that's whats happening there, t2linux is not broken, but macbooks are just insecure costly (loss of money, time, security, trust, work performance, patents, stability, a.s.o. ...) waste.
how to find out? (maybe)
- get the kernel code.
- deactivate every driver not needed to boot and run the lidclose stuff like i.e. the sensor, compile the kernel anew and try booting from it.
changin the kernel a lot by removing everything(!) not needed should in theory/hopefully also change the pages that would be affected when closing the lid. same effect: likely no backdoor. no effect: maybe something you deactivated, maybe yet another backdoor discovery.
it might also be solveable by sth like acpi settings or such, probably switchable from kernel boot cmdline , maybe change settings for hibernate / suspend to ram (does apple hardware even support such? i mean without the buggy behaviour i experience?)l
but you did notice that compilers can be manipulated to include backdoors into resulting binaries AND put the same manipulation into newly compiled compilers as well, right? then where did you get that compiler from? did you have a look at the binary output? then if so, did you look at it using the hexeditor of that same compiler? π plz have a look .. π₯ bzzzt ... really you are lucky to be alive after a blast like that, especially you, have yourself checked out with ems before you leave!
you should definitely know what type of authentication you use (my opinion) !! the agent can hold the key forever, so if you are just not asked again when connecting once more, thats what the agent is for. however its only in ram, so stopping the process or rebooting ends that of course. if you didn't reboot meanwhile maybe try unload all keys from it (ssh-add -D, ssh-add -L) and see what the next login is like.
btw: i use ControlMaster /ControlPath (with timeouts) to even reduce the number of passwordless logins and speed things up when running scripts or things like ansible, monitoring via ssh etc. then everything goes through the already open channel and no authentication is needed for the second thing any more, it gets really fast then.
isnβt a security feature. At most it can be a safety feature.
o,,O
~~no bad politics~~
π
you already have an internet connected back door in your CPU.
unless you're running your own gsm station and let your cpu's safely connect to it, and use that connection for additional snmp monitoring data?
ok, not sure, but...
- its billionaires..
- they tried to put additional sand there to "protect" their luxury vacation homes they had literally "build on sand" and damage wildlife while they go, but were stopped by a court ruling
- now one of them accusing another of "stealing sand" and sues him to put "the stolen sand back", so he can be forced by court to put sand there. and maybe more than he ever "stole".
- it sounds like only lies is what they have
- its only billionaires, nothing good comes from them.
maybe the court should rule that he has to put sand there personally by his own hands (no tech other than a bucket is allowed) that he has to carry without machinery, cars or anything from at least 5km away until his neigbour is fine with the situation. if the neighbour is fine quite quickly, the court should fine that neighbour due to abusing the court with false claims. if not, that sandy billionaire still can fine his neigbour to help him. maybe...
but anyway that situation stinks.
not the home screem
if had to use windows at home i'ld screem too.
not too surprised they didn't change that.
The whole point of ssh-agent is to remember your passphrase.
replace passphrase with private key and you're very correct.
passphrases used to login to servers using PasswordAuthentication are not stored in the agent. i might be wrong with technical details on how the private key is actually stored in RAM by the agent, but in the context of ssh passphrases that could be directly used for login to servers, saying the agent stores passphrases is at least a bit misleading.
what you want is:
- use Key authentication, not passwords
- disable passwordauthentication on the server when you have setup and secured (some sort of backup) ssh access with keys instead of passwords.
- if you always want to provide a short password for login, then don't use an agent, i.e. unset that environment variable and check ssh_config
- give your private key a password that fits your needs (average time it shoulf take attackers to guess that password vs your time you need overall to exchange the pubkey on all your servers)
- change the privatekey every time immediately after someone might have had access to the password protected privkey file
- do not give others access to your account on your pc to not have to change your private key too often.
also an idea:
- use a token that stores the private key AND is PIN protected as in it would lock itself upon a few tries with a wrong pin. this way the "password" needed to enter for logins can be minimal while at the same time protecting the private key from beeing copied. but even then one should not let others have access to the same machine (of course not as root) or account (as user, but better not at all) as an unlocked token could also possibly be used to place a second attacker provided key on the server you wanted to protect.
all depends on the level of security you want to achieve. additional TOTP could improve security too (but beware that some authenticator providers might have "sharing" features which could compromise the TOTP token even before its first use.
its not just ads and malware, and its not only about beeing sorry for them. ads are also manipulating how people think. not only the obvious things like "that product is good", but also that products in general would help (with problems you didn't have). and the format itself of ads (even without considering its contents) already has a changing effects on the minds of those who watch it. i am thinking of some parts of neil postmans thoughts about television back then and i guess there is plenty of possibilities to make a realistic conspiracy theory out of it why exactly the most poisonous parts of television are replicated to the internet with massive force even though everyone ignores ads in the net. i like theories
unfortunately, feeling sorry for them does not help society to stability. π₯