Subscribe: OpenBSD Journal
http://undeadly.org/cgi?action=rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
deraadt  hellip  henning brauer  intel  openbsd  patrick  raadt deraadt  raadt  read hellip  read  reyk floeter  theo raadt  update 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: OpenBSD Journal

OpenBSD Journal



The OpenBSD Community.



 



CPU microcode update code for amd64

Mon, 15 Jan 2018 07:34:06 GMT

Patrick Wildt (patrick@) recently committed some code that will update the Intel microcode on many Intel CPUs, a diff initially written by Stefan Fritsch (sf@). The microcode of your CPU is basically the firmware that runs on your (Intel) processor, defining its instruction set in terms of so called "microinstructions". The new code depends, of course, on the corresponding firmware package, ported by Patrick which can be installed using a very recent fw_update(1). Of course, this all plays into the recently revealed problems in Intel (and other) CPUs, Meltdown and Spectre.

Read more…




Handling of CPU bugs disclosure 'incredibly bad': OpenBSD's de Raadt

Wed, 10 Jan 2018 09:02:24 GMT

ITWire has published an article regarding Theo de Raadt's (deraadt@) reaction to the Meltdown/Spectre disclosures.

One choice quote reads:

Intel engineers attended the same conferences as other company engineers, and read the same papers about performance enhancing strategies – so it is hard to believe they ignored the risky aspects.




OpenBSD-current now has 'smtpctl spf walk'

Tue, 09 Jan 2018 08:29:16 GMT

If you run a mail service, you probably like to have greylisting in place, via spamd(8) or similar means. However, there are some sites that simply do not play well with greylisting, and for those it's useful to extract SPF information to identify their valid outgoing SMTP hosts.

Now OpenBSD offers a straightforward mechanism to do that and fill your nospamd table, right from the smtpctl utility via the subcommand spf walk. Gilles Chehade (gilles@) describes how in a recent blog post titled spfwalk.

This feature is still in need of testing, so please grab a snapshot and test!




Response to the "Meltdown" Vulnerability

Sat, 06 Jan 2018 08:22:38 GMT

A message to tech@ from Philip Guenther (guenther@) provides the first public information from developers regarding the OpenBSD response to the recently announced CPU vulnerabilities:

So, yes, we the OpenBSD developers are not totally asleep and a handful of
us are working out how to deal with Intel's fuck-up aka the Meltdown
attack.  While we have the advantage of less complexity in this area (e.g.,
no 32bit-on-64bit compat), there's still a pile of details to work through
about what has to be *always* in the page tables vs what can/should/must be
hidden.

Read it and weep…




BSDCAN2017 Interview with Peter Hessler, Reyk Floeter, and Henning Brauer

Fri, 29 Dec 2017 08:09:44 GMT

In a message to misc@, Tom Smyth wrote (in part):

While  attending BSDCAN2017 in Ottawa I met many OpenBSD Developers,
and I was fortunate to grab a few moments and video an interview
with Peter Hessler, Henning Brauer and Reyk Floeter and talk to
them about OpenBSD generally,
I really appreciate the guys generosity in their time on the
interview
I have posted the video here
https://www.youtube.com/watch?v=e-Xim3_rJns&feature=youtu.be

Nice work, Tom!




pledge() work in progress

Fri, 08 Dec 2017 08:22:46 GMT

In a message to tech@, Theo de Raadt (deraadt@) provided some insights into ongoing work on pledge(2):

I wanted to give an update that a two pledge-related changes are being
worked on.  The semantics and integration are complicated so it is
taking some time.

Read more…




arm64 platform now officially supported [and has syspatch(8)]

Fri, 08 Dec 2017 08:22:38 GMT

arm64 is now an officially supported platform for OpenBSD. As some readers will have noticed, there's now syspatch(8) support, too.

Theo de Raadt (deraadt@) committed the following change:

CVSROOT:        /cvs
Module name:    www
Changes by:     deraadt@cvs.openbsd.org  2017/12/07 12:00:12

Modified files:
	.              : plat.html 

Log message:
graduate arm64 to supported; having syspatch it is even beyond some other systems



s2k17 Hackathon Report: Stefan Sperling (stsp@) on wireless (iwm(4), athn(4) and more) progress

Tue, 05 Dec 2017 04:57:03 GMT

I could not travel to the Toronto t2k17 hackathon earlier this year, in circumstances which left me with a voucher for an already purchased intercontinental flight ticket and hiking clothes I had bought for a trip into the Canadian mountains.

Read more…