Subscribe: OpenBSD Journal
http://undeadly.org/cgi?action=rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
code  eurobsdcon  guenther  hellip  henning brauer  henning  intel  meltdown  openbsd developers  openbsd  philip  read hellip  read  talk  time 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: OpenBSD Journal

OpenBSD Journal



The OpenBSD Community.



 



Meltdown fix committed by guenther@

Wed, 21 Feb 2018 20:18:56 GMT

Meltdown mitigation is coming to OpenBSD. Philip Guenther (guenther@) has just committed a diff that implements a new mitigation technique to OpenBSD: Separation of page tables for kernel and userland. This fixes the Meltdown problems that affect most CPUs from Intel. Both Philip and Mike Larkin (mlarkin@) spent a lot of time implementing this solution, talking to various people from other projects on best approaches.

In the commit message, Philip briefly describes the implementation:

Read more…




a2k18 Hackathon preview: Syncookies coming to PF

Wed, 07 Feb 2018 09:00:00 GMT

As you may have heard, the a2k18 hackathon is in progress. As can be seen from the commit messages, several items of goodness are being worked on.

One eagerly anticipated item is the arrival of TCP syncookies (read: another important tool in your anti-DDoS toolset) in PF. Henning Brauer (henning@) added the code in a series of commits on February 6th, 2018, with this one containing the explanation:

Read more…




Remi Locherer's EuroBSDcon 2017 Talk

Sat, 03 Feb 2018 22:22:01 GMT

Remi Locherer wrote in:

Last September I gave a talk at EuroBSDcon in Paris. It was about the VPN setup for connecting the branch offices of my employer.
https://2017.eurobsdcon.org/talk-speakers/#RemiLocherer

It was not my first EuroBSDcon but the first time I delivered a talk! I feared that only few people will show up at to my talk since Michael W. Lucas had his talk at the same time and also covered an OpenBSD topic. But the room was full and my talk was well received.

After the talk I received a nice gift from the EuroBSDcon organizers: a cartoonist made drawings from the presenters during the talks!

Read more…




The OpenBSD Foundation 2018 Fundraising Campaign

Mon, 29 Jan 2018 19:06:41 GMT

Details of the 2018 campaign have been added to the Foundation's website. The goal for the year is for $300,000. The total for "smaller" donations has already taken the OpenBSD community to bronze level sponsorship!

Please show your support by contributing.




CPU microcode update code for amd64

Mon, 15 Jan 2018 07:34:06 GMT

Patrick Wildt (patrick@) recently committed some code that will update the Intel microcode on many Intel CPUs, a diff initially written by Stefan Fritsch (sf@). The microcode of your CPU is basically the firmware that runs on your (Intel) processor, defining its instruction set in terms of so called "microinstructions". The new code depends, of course, on the corresponding firmware package, ported by Patrick which can be installed using a very recent fw_update(1). Of course, this all plays into the recently revealed problems in Intel (and other) CPUs, Meltdown and Spectre.

Read more…




Handling of CPU bugs disclosure 'incredibly bad': OpenBSD's de Raadt

Wed, 10 Jan 2018 09:02:24 GMT

ITWire has published an article regarding Theo de Raadt's (deraadt@) reaction to the Meltdown/Spectre disclosures.

One choice quote reads:

Intel engineers attended the same conferences as other company engineers, and read the same papers about performance enhancing strategies – so it is hard to believe they ignored the risky aspects.




OpenBSD-current now has 'smtpctl spf walk'

Tue, 09 Jan 2018 08:29:16 GMT

If you run a mail service, you probably like to have greylisting in place, via spamd(8) or similar means. However, there are some sites that simply do not play well with greylisting, and for those it's useful to extract SPF information to identify their valid outgoing SMTP hosts.

Now OpenBSD offers a straightforward mechanism to do that and fill your nospamd table, right from the smtpctl utility via the subcommand spf walk. Gilles Chehade (gilles@) describes how in a recent blog post titled spfwalk.

This feature is still in need of testing, so please grab a snapshot and test!




Response to the "Meltdown" Vulnerability

Sat, 06 Jan 2018 08:22:38 GMT

A message to tech@ from Philip Guenther (guenther@) provides the first public information from developers regarding the OpenBSD response to the recently announced CPU vulnerabilities:

So, yes, we the OpenBSD developers are not totally asleep and a handful of
us are working out how to deal with Intel's fuck-up aka the Meltdown
attack.  While we have the advantage of less complexity in this area (e.g.,
no 32bit-on-64bit compat), there's still a pile of details to work through
about what has to be *always* in the page tables vs what can/should/must be
hidden.

Read it and weep…




BSDCAN2017 Interview with Peter Hessler, Reyk Floeter, and Henning Brauer

Fri, 29 Dec 2017 08:09:44 GMT

In a message to misc@, Tom Smyth wrote (in part):

While  attending BSDCAN2017 in Ottawa I met many OpenBSD Developers,
and I was fortunate to grab a few moments and video an interview
with Peter Hessler, Henning Brauer and Reyk Floeter and talk to
them about OpenBSD generally,
I really appreciate the guys generosity in their time on the
interview
I have posted the video here
https://www.youtube.com/watch?v=e-Xim3_rJns&feature=youtu.be

Nice work, Tom!