Beauty of Zenbleed and its walk-through

Last week (23w30) I stumbled upon such a ‘great’ vulnerability, but also a great explanation (and I’ve read a ‘few’).

The explanation of Zenbleed is here: https://lock.cmpxchg8b.com/zenbleed.html.
I highly recommend it to anyone interested in learning some of the ‘magic’ of modern CPUs built on an ever-expanding, 40+ year old x86 instruction set.

And I’m a bit jealous of how clean and clear the walk-through is written 🙂

Weekly breakdown – 22w37d3

Security

https://darknetdiaries.com/episode/115/

Listen to the podcast episode and replace mentions of games with, for example, cars.
It should raise a lot of eyebrows.

It is really not hard to imagine a black market for all kinds of:

  • Standard: Enabling features
    Example: BMW’s subscription for smarter headlights, or Tesla’s rear seat warmers.
  • Scarier: Disabling features
    The usual theft protection, but also removing any safety limitations, like speed limits, alcohol checks, hands-off-steering checks, etc.
    Even now you can buy a speed-limit-disabling feature for even the most expensive electric bikes, with top-of-the-line security features, that lets you go from the 25 km/h limit to over 40 km/h, where the only limit is the battery capacity.

All of this already exists, but at the moment it is not the most scalable business.
To ‘pimp up’ your current-generation car, you would need to go to a ‘guy’ or a shady shop to make the changes.

But cars are becoming ‘smarter’. Over-the-air updates and all the new fancy features allow changes to be made remotely from any part of the world.

And there lies a huge black-market opportunity for finding bugs and loopholes, as no software and no protection is perfect.
Just check the yearly Android bug list and its severities, even though it is owned and developed by the all-mighty Google.

If there is a sprawling market for cheats for $50 games, imagine the opportunity for ‘cheats’ in a $50,000+ car.

It is not hard to imagine a 100% online subscription service that will allow you to receive all kinds of unofficial ‘improvements’ applied automatically to your car.

Thanks go to Patrik Thunström for sharing this podcast gem and the fun discussion 🙂

Programming

https://calebhearth.com/fan-out-vs-fan-in

Another way to look at code complexity and how to prevent it during design or in a refactor.

As with everything, it should not be followed blindly, as the original complexity could end up moving into ever-evolving wrapper classes.
Check the Law of Demeter for more information.
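To make the fan-out/fan-in view concrete, here is an added example (mine, not code from the linked article): a small analyzer that parses a Python module with the standard `ast` module, builds a call graph between its top-level functions, and reports each function's fan-out (distinct callees) and fan-in (distinct callers). The sample module is constructed; the `max_fan_out` budget of 3 is an arbitrary assumption.

```python
import ast

# Constructed sample module: handle_request reaches into many collaborators
# directly (high fan-out), while log is depended on by almost everyone
# (high fan-in).
SAMPLE_SOURCE = '''
def log(msg):
    pass

def load_config():
    log("load")
    return {}

def open_db(cfg):
    log("db")
    return None

def send_mail(to, body):
    log("mail")

def render(data):
    return str(data)

def handle_request(req):
    cfg = load_config()
    db = open_db(cfg)
    body = render(db)
    send_mail(req, body)
    log("done")
'''


def call_graph(source):
    """Return {caller: set(callees)} for plain calls between module-level functions."""
    tree = ast.parse(source)
    defined = {n.name for n in tree.body if isinstance(n, ast.FunctionDef)}
    graph = {name: set() for name in defined}
    for func in tree.body:
        if not isinstance(func, ast.FunctionDef):
            continue
        for node in ast.walk(func):
            # Only bare-name calls (f(...)) are counted; attribute calls such as
            # obj.method(...) would need type information to resolve.
            if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
                if node.func.id in defined:
                    graph[func.name].add(node.func.id)
    return graph


def fan_out(graph):
    """How many distinct functions each function depends on."""
    return {caller: len(callees) for caller, callees in graph.items()}


def fan_in(graph):
    """How many distinct functions depend on each function."""
    counts = {name: 0 for name in graph}
    for callees in graph.values():
        for callee in callees:
            counts[callee] += 1
    return counts


def hotspots(graph, max_fan_out=3):
    """Functions over the fan-out budget: candidates for splitting or a facade."""
    return sorted(f for f, n in fan_out(graph).items() if n > max_fan_out)


if __name__ == "__main__":
    g = call_graph(SAMPLE_SOURCE)
    out, inn = fan_out(g), fan_in(g)
    for name in g:
        print(f"{name:15} fan-out={out[name]} fan-in={inn[name]}")
    print("over budget:", hotspots(g))
```

The caveat from the text shows up directly in the numbers: hiding the five calls of `handle_request` behind one facade function drops its fan-out to 1, but the facade itself then inherits a fan-out of 5, so the analyzer simply flags the wrapper instead. The complexity has moved, not disappeared.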

Big tech monopoly

https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html

One more take on how big tech companies have taken over the internet from its original intent.
If you have ever found legitimate mail ending up in the spam folder of your free mail service all of a sudden, or not delivered at all, this is the primary reason.

Old but gold: When the product is free, you are the product.

Fun

https://github.com/IdreesInc/Minecraft-Font

For the ones with kids, or who feel like one 🙂

Fragile Manifesto

Go-to manifesto, more often than not 🙂

Weekly breakdown – 22w22d3

Security

https://kenkantzer.com/learnings-from-5-years-of-tech-startup-code-audits/
Highly distilled and valuable knowledge about security and securing software, from first-person audit experience.
Anyone who is interested in improving security (and everyone should be) should at least glance through it.

https://www.zerodayinitiative.com/blog/2022/5/18/pwn2own-vancouver-2022-the-results
Notable results:

Sandbox escape on the Tesla Model 3 infotainment system – important because a significant amount of car information is consumed, but also produced, by the infotainment system, possibly leading to a much more significant compromise of safety-relevant components of the car.

Sandbox escape on Microsoft Teams – important due to the enormous presence of Teams in a wide variety of companies, thanks to the free(ish) model included in the Office suite.

https://www.feistyduck.com/bulletproof-tls-newsletter/issue_89_certificate_transparency_data_is_used_to_compromise_wordpress_before_installation
How a security improvement can have not-so-good side effects when setting up a standard WordPress (or other web app) installation.

https://www.lightbluetouchpaper.org/2022/01/19/security-engineering-course/
https://www.lightbluetouchpaper.org/2022/03/18/security-course-at-cambridge/
Free, quality lectures going through the fundamentals of security, with a hands-on approach to gaining security experience. And students from a few countries can apply for full course access for free.
The best learning is when you get your hands dirty 🙂

Funny

https://rubenerd.com/git-ignores-gitignore-with-gitignore-in-gitignore/
Sort-of-recursion 🙂

Weekly breakdown – 22w20d2

Security

https://research.nccgroup.com/2022/05/15/technical-advisory-tesla-ble-phone-as-a-key-passive-entry-vulnerable-to-relay-attacks
https://duo.com/decipher/researchers-demo-relay-attack-against-bluetooth-le-systems
More and more successful real-life attacks will happen on Bluetooth protocol features unless an additional layer of security is used.

Even though security was thought of when Bluetooth was originally introduced (in 1998), the state of security considerations and possible attacks was not the ‘most important’ item on the list. Further improvements resolved some problems, but fundamental issues with the protocol itself cannot be solved without breaking backward compatibility.

As one of the speakers at an EU Tech Chamber session about IoT vulnerabilities last year, I had the luck to listen to a presentation from Maximilian about broken fundamentals in the Bluetooth standard.
Just check the KNOB attack to see how easy it is to manipulate Bluetooth key negotiation to reduce the attack space.
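The "reduce the attack space" point is easiest to see with the negotiation written out. Below is an added example (mine, not code from the KNOB paper or from any Bluetooth stack) that models the BR/EDR encryption key-size exchange abstractly: the initiator proposes a key size in bytes, the responder accepts, counter-proposes a smaller one, or aborts, and the messages carry no integrity protection, so a party on the path can rewrite the values both sides see. The `Device`, `negotiate` and `scenarios` names, the message format and the floor of 7 bytes (the minimum the Bluetooth SIG recommended after KNOB; verify against your stack's setting) are assumptions of this model.

```python
from dataclasses import dataclass

# Floor a defender configures; the model assumes 7 bytes, the post-KNOB
# Bluetooth SIG recommendation (check what your controller/host enforces).
MIN_KEY_BYTES = 7


@dataclass
class Device:
    name: str
    max_key_bytes: int       # largest key size the controller supports (1..16)
    min_key_bytes: int = 1   # policy floor; a legacy device accepts 1

    def respond(self, proposed):
        """Answer a key-size proposal: accept, counter-propose, or abort."""
        if proposed < self.min_key_bytes:
            return ("abort", proposed)
        if proposed > self.max_key_bytes:
            return ("counter", self.max_key_bytes)
        return ("accept", proposed)


def negotiate(initiator, responder, rewrite=None, max_rounds=8):
    """Run the proposal/counter-proposal exchange; return (key_bytes, transcript).

    rewrite(value) models a party on the path replacing every proposal it
    forwards. The exchange is unauthenticated (assumption of the model, matching
    the KNOB premise), so a device cannot tell a rewritten value from a real one.
    """
    forward = rewrite or (lambda v: v)
    transcript = []
    sender, receiver = initiator, responder
    proposal = sender.max_key_bytes
    for _ in range(max_rounds):
        seen = forward(proposal)
        transcript.append(f"{sender.name} -> {receiver.name}: key size {seen}")
        verdict, value = receiver.respond(seen)
        transcript.append(f"{receiver.name}: {verdict} {value}")
        if verdict == "abort":
            return None, transcript
        if verdict == "accept":
            if value != proposal:
                # The sender's genuine proposal was altered in transit, so the
                # sender is now shown the altered value as a counter-proposal
                # and applies its own policy to it.
                verdict, value = sender.respond(value)
                transcript.append(f"{sender.name}: {verdict} {value}")
                if verdict != "accept":
                    return None, transcript
            return value, transcript
        sender, receiver = receiver, sender
        proposal = value
    return None, transcript


def key_space(key_bytes):
    """Number of candidate keys an offline guess has to cover."""
    return 2 ** (8 * key_bytes)


def scenarios():
    phone = Device("phone", max_key_bytes=16)
    car = Device("car", max_key_bytes=16)
    legacy_car = Device("legacy-car", max_key_bytes=10)
    hardened_phone = Device("phone", max_key_bytes=16, min_key_bytes=MIN_KEY_BYTES)
    shrink = lambda v: min(v, 1)   # on-path party shrinking every proposal
    return {
        "honest": negotiate(phone, legacy_car)[0],
        "downgraded": negotiate(phone, car, shrink)[0],
        "downgraded_with_floor": negotiate(hardened_phone, car, shrink)[0],
    }


if __name__ == "__main__":
    for name, key in scenarios().items():
        space = key_space(key) if key else 0
        print(f"{name:22} key={key} candidate keys={space}")
```

Two things the run shows: an honest exchange between a 16-byte and a 10-byte device settles on 10, while the same exchange with the values shrunk in transit settles on 1 byte (256 candidate keys, which is what "reduce the attack space" means), and a floor on just one side is enough to make the downgraded exchange abort rather than complete. That is also why the fix is a policy on each endpoint rather than a protocol change: the exchange itself cannot be authenticated without breaking older devices.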

Artificial intelligence

https://www.nature.com/articles/d41586-022-00858-1
AI is becoming a more and more important tool in all kinds of applications.

For any application that touches safety, security and actual real-life implications, it should be paramount to understand why the AI system came to a specific conclusion, something like a train of thought.

Imagine a (near) future situation when (it is not if) an autonomously driven car causes an accident; it would be beneficial to have such logs when investigating, without complex proprietary technology being needed for each car vendor.
Or imagine a medical AI assistant decides that some person has some illness; the doctor should have information on why it deduced that conclusion. Sometimes the AI assistant will be wrong, but sometimes it can actually remind the doctor about different possibilities.

I would not be surprised, and it probably should be pushed for quite heavily, if some kind of legal framework is put on top of safety- and security-related AI systems in which they are required to produce something like a standardized decision tree for their actions or inactions.

Random

https://www.newscientist.com/article/2319584-computer-powered-by-colony-of-blue-green-algae-has-run-for-six-months/
With current electricity prices, it is not such a far-fetched idea to have your own pond of algae on stand-by, just in case 🙂

Weekly breakdown – 22w19d4

New day, new assortment of links 🙂

Thanks to my old colleague Ivica for always good comments.
And for C and C++ lovers and practitioners, in case you still have not found his blog, please check it out at:

https://johnysswlab.com/

As someone who has written a not-so-small number of C++ lines: there are a million ways to write bad C++ code, but only a few correct ones.

Security

https://media.ccc.de/v/rc3-2021-r3s-216-practical-bruteforce-of-military-grade-aes-1024
When there is a will, there is a way.

IT

https://www.netmeister.org/blog/futurama.html
What Futurama character is your preferred language?

Law

https://writing.kemitchell.com/2022/04/30/Zelensky-Compound-NDA
‘Fun’ take on NDAs, even when their purpose is purposeless in a real-life situation.

Games

https://thegamednd.com/the-game-out-of-game/
To the lovers of D&D games, a comment from my friend, summarized by one word: “WOW”

Random

https://bjoernkarmann.dk/occlusion-grotesque
Fun take on creating an evolving typeface carved into a tree trunk, and how it evolves through the years.

Weekly breakdown – 22w17

New week, new useful, interesting, or plain fun links found, at least for me 🙂

And also a way to offload and preserve good information stored in way-too-many Firefox tabs 🙂

IT

https://12factor.net/
Good and clean methodology breakdown of how to approach software development for web/SaaS apps, but most of the ‘rules’ are also applicable to all kinds of software areas, even all the way down to embedded (i.e. IoT devices).

https://www.potaroo.net/ispcol/2022-04/leogeo.html
On the surface, TCP is a ‘simple’ protocol. But depending on the underlying network behavior, the different configuration options and TCP congestion control protocols used can have an enormous impact on your network's performance and throughput.
The link above tests different TCP congestion control protocols over the Starlink internet service, with surprising results.
Check the ‘Conclusions’ chapter for the breakdown.
Note: It could be a fun experiment to test different congestion control protocols in noisy 2.4 and 5 GHz environments and across WiFi versions. And people are already thinking about it for 5G and beyond mobile networks.
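For anyone who wants to run the experiment from the note above, the knob is exposed at two levels on Linux: the system default via `sysctl net.ipv4.tcp_congestion_control` (with `tcp_available_congestion_control` listing what is loaded and `tcp_allowed_congestion_control` restricting what unprivileged processes may pick), and per socket via the `TCP_CONGESTION` socket option. The following is an added example (mine, not code from the linked article) that reads the kernel's list, picks the first algorithm from a preference order, and pins one socket to it; the preference order and the `/proc` paths are the standard ones, the function names are my own.

```python
import socket

# Standard Linux sysctl paths (read-only view is enough here).
AVAILABLE = "/proc/sys/net/ipv4/tcp_available_congestion_control"
DEFAULT = "/proc/sys/net/ipv4/tcp_congestion_control"


def parse_algorithms(text):
    """The kernel lists loaded algorithms space-separated, e.g. 'reno cubic bbr'."""
    return text.split()


def read_sysctl(path):
    """Return the sysctl value, or '' when not on Linux or /proc is hidden."""
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:
        return ""


def choose_algorithm(preferred, available):
    """First algorithm from the preference list that the kernel can offer."""
    for name in preferred:
        if name in available:
            return name
    return None


def pin_congestion_control(sock, name):
    """Set TCP_CONGESTION on one socket and read back what the kernel applied.

    Raises OSError if the module is not loaded (ENOENT) or if an unprivileged
    process asks for an algorithm outside tcp_allowed_congestion_control.
    """
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_CONGESTION, name.encode())
    raw = sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_CONGESTION, 16)
    return raw.split(b"\0", 1)[0].decode()


if __name__ == "__main__":
    available = parse_algorithms(read_sysctl(AVAILABLE))
    print("system default:", read_sysctl(DEFAULT) or "unknown")
    print("available:", available or "unknown (not Linux or /proc hidden)")
    # Assumed preference for a high-latency, lossy link: BBR if it is loaded,
    # otherwise fall back to the usual defaults.
    pick = choose_algorithm(["bbr", "cubic", "reno"], available)
    if pick and hasattr(socket, "TCP_CONGESTION"):
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            print("socket now uses:", pin_congestion_control(s, pick))
```

Pinning per socket is what makes an A/B test clean: two client processes on the same host can run different algorithms against the same server at the same time, so the noisy radio environment is shared rather than measured at different moments.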

https://securityzines.com/
Funny, yet highly informative, graphic breakdowns of different (mostly web-oriented, but again, the web is everywhere) security ‘bugs’ and helpful information.

https://spectrum.ieee.org/single-chip-processors-have-reached-their-limits
Where the future is already moving for ASICs, since the gigahertz fight plateaued a long time ago.

https://iansommerville.com/technology/research-impact/
Short, informative piece about the (sad) state of research impact in software engineering.
(Topic for another day, but my take on software engineering is that it is less engineering and more old-school apprenticeship.)

https://greenash.net.au/thoughts/2022/03/i-dont-need-a-vps-anymore/
Short but useful information on what to think about when wanting to set up your own web presence and server in the current day and age, from decades of experience.

https://www.system.com/graph
New approach to searching and graphing connections between terms and topics.

Sciences

https://www.jpl.nasa.gov/news/nasas-mars-helicopter-spots-gear-that-helped-perseverance-rover-land
Breaking: Helicopter spots extra-terrestrial ‘trash’ on Mars 🙂

https://interconnected.org/home/2022/04/05/dunbar
Informative breakdown of human social network sizes and their impact.
Companies (especially larger ones) could use extracts from the available information to optimize different workflows: from meeting sizes and their effectiveness (magic number 5?), to sizes of complete ARTs (magic number 150?).

https://qchu.wordpress.com/2016/05/26/whats-a-fire-and-why-does-it-whats-the-word-burn/
If you ever wondered what fire is, in way more detail than you need or can even understand 🙂

Finance

https://www.ineteconomics.org/perspectives/blog/how-intel-financialized-and-lost-leadership-in-semiconductor-fabrication
One example of what happens when financial people take total control from engineers and push for shareholder and short-term gains only, through outsourcing, stock buybacks, lack of motivation for innovation, etc.
Same thing happened to Boeing and Sony.

https://devonzuegel.com/post/inflation-propagates-unevenly
One way of looking at inflation and its uneven impact.