Viable ROP-free roadmap for i386/armv8/riscv64/alpha/sparc64
Theo de Raadt (deraadt@
) posted to
tech@
a detailed
message
explaining the past and (potential) future of
anti-ROP
measures in OpenBSD.
It’s well worth reading its entirety.
Highlights include:
Years later, Todd Mortimer and I developed RETGUARD. At the start of that initiative he proposed we protect all functions, to try to guard all the RET instructions, and therefore achieve a state we call "ROP-free". I felt this was impossible, but after a couple hurdles the RETGUARD performance was vastly better than the stack protector and we were able to protect all functions and get to ROP-free (on fixed-sized instruction architecures). Performance was acceptable to trade against improved security. […] We were able to enable RETGUARD on all functions because it was fast. […] On the other hand the RETGUARD approach uses an illegal instruction (of some sort), which is a speculation barrier. That prevents the cpu from heading off into an alternative set of weeds. It will go decode more instructions along the post-RET execution path. I filed that idea as interesting but did nothing with it. Until now.
Like we said earlier, it is worth reading the whole thing! This points forward to some remarkable improvements on several architectures, and those changes could be a clear benefit for other systems too.
parallel @ Savannah: GNU Parallel 20230922 (‘Derna’) released [stable]
GNU Parallel 20230922 (‘Derna’) has been released. It is available for download at: lbry://@GnuParallel:4
Quote of the month:
Parallel is so damn good! You’ve got to use it.
— @ThePrimeTimeagen@youtube.com
New in this release:
- No new features. This is a candidate for a stable release.
- Bug fixes and man page updates.
News about GNU Parallel:
- This CLI Tool is AMAZING | Prime Reacts https://www.youtube.com/watch?v=ry49BZA-tgg
- New Data Engineering Stack – GNU parallel https://www.linkedin.com/feed/update/urn:li:activity:7100509073149743104?updateEntityUrn=urn%3Ali%3Afs_feedUpdate%3A%28V2%2Curn%3Ali%3Aactivity%3A7100509073149743104%29
GNU Parallel – For people who live life in the parallel lane.
If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include a command that uses GNU Parallel if you feel like it.
About GNU Parallel
GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.
If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.
GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.
For example you can run this to convert all jpeg files into png and gif files and have a progress bar:
parallel –bar convert {1} {1.}.{2} ::: *.jpg ::: png gif
Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:
find . -name ‘*.jpg’ |
parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: – ::: 50 100 200
You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/
You can install GNU Parallel in just 10 seconds with:
$ (wget -O – pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ ||
fetch -o – http://pi.dk/3 ) > install.sh
$ sha1sum install.sh | grep 883c667e01eed62f975ad28b6d50e22a
12345678 883c667e 01eed62f 975ad28b 6d50e22a
$ md5sum install.sh | grep cc21b4c943fd03e93ae1ae49e28573c0
cc21b4c9 43fd03e9 3ae1ae49 e28573c0
$ sha512sum install.sh | grep ec113b49a54e705f86d51e784ebced224fdff3f52
79945d9d 250b42a4 2067bb00 99da012e c113b49a 54e705f8 6d51e784 ebced224
fdff3f52 ca588d64 e75f6033 61bd543f d631f592 2f87ceb2 ab034149 6df84a35
$ bash install.sh
Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1
Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.
When using programs that use GNU Parallel to process data for publication please cite:
O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.
If you like GNU Parallel:
- Give a demo at your local user group/team/colleagues
- Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
- Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
- Request or write a review for your favourite blog or magazine
- Request or build a package for your favourite distribution (if it is not already there)
- Invite me for your next conference
If you use programs that use GNU Parallel for research:
- Please cite GNU Parallel in you publications (use –citation)
If GNU Parallel saves you money:
- (Have your company) donate to FSF https://my.fsf.org/donate/
About GNU SQL
GNU sql aims to give a simple, unified interface for accessing databases through all the different databases’ command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.
The database is addressed using a DBURL. If commands are left out you will get that database’s interactive shell.
When using GNU SQL for a publication please cite:
O. Tange (2011): GNU SQL – A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.
About GNU Niceload
GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.
OpenBSD: viable ROP-free roadmap for i386/armv8/riscv64/alpha/sparc64
Wonderful Tonight – Eric Clapton ( Harmonica Shorts) @ericclapton #dailymotion #youtube https…
Video by via Dailymotion Source https://www.youtube.com/watch?v=kI_mEjWGfIgWonderful Tonight – Eric Clapton ( Harmonica Cover) @ericclapton #dailymotion #harpmanofperth #ericclapton Eric Clapton – Wonderful Tonight ( lyrics)Wonderful Tonight – Eric Clapton ( Harmonica Cover)Instrumental song – Wonderful Tonight ( Eric Clapton) @HarpManOfPerth #harpmanofperth Eric Clapton – Wonderful Tonight ( Cover by Harp Man Of Perth)Wonderful Tonight on HarmonicaGreatest…
غرائب “دانيال”.. صحراء ليبية تتحول لبحيرة
Video by via Dailymotion Source غرائب “دانيال”.. صحراء ليبية تتحول لبحيرة العين الإخبارية.. بوابة إخبارية عربية شاملة، تغطي أخبار العالم العربي والدولي .. تضعك دائما في قلب الحدث، لتصبح عينك على العالم برؤية مختلفة، ومحتوى متميز———————————————–زوروا مواقعنا الخاصة #العين_الإخباريةWebsite: https://al-ain.comTwitter: https://twitter.com/AlAinNewsYouTube: https://www.youtube.com/c/AlAinNewsDailymotion: https://www.dailymotion.com/AlAinNewsFacebook: https://www.facebook.com/AlAinNewsThreads: https://www.threads.net/@alainnewsInstagram: https://www.instagram.com/AlAinNewsTiktok: https://www.tiktok.com/@alainnewsLive Stream: https://www.youtube.com/c/AlAinNews/livePeriscope: https://www.pscp.tv/alain_4uTelegram: https://telegram.me/alain4uApple Store: https://apple.co/3HT5QfrGoogle Play: https://bit.ly/3sWNpSQ…
Which Army Is Best For 3 Attack in Clan Capital | Clash of Clans | @AvengerGaming52
Video by via Dailymotion Source ➤Subscribe (It’s FREE): https://www.youtube.com/channel/UCxH20f7ZCrWp_hv_7Tufd_Q If You Like This Video Don’t Forget To Hit The Like Button, Drop Your Valuable Comment, and Share This Video on Your Favorite Platforms (Facebook, Twitter, Instagram, and others) ➤Watch Gaming Video: #avengergaming52 #clancapitalattackstrategy #clashofclansclancapital #clancapital #bestarmyforclancapitalincoc ➤Suppoet Me:- https://www.buymeacoffee.com/avengergaming71 Contact Us:➤Blogs:- https://friendsbdthehitechdoctore.blogspot.com➤Instagram:- https://www.instagram.com/arif_yt_official➤Facebook:- https://www.facebook.com/avengergaming71➤Twitter:- https://twitter.com/@Avengergaming71➤Twitch:-…
Retired Special Police Officers Athmiya Sammelanam At Banjara Hills _ Hyderabad _ V6 News
Video by via Dailymotion Source రిటైర్డ్ పోలీసుల ఆత్మీయ సమ్మేళనం | V6 News Watch Teenmaar Full Episode : https://youtu.be/BFEdYAeAy2Y?si=Xzocg… గ్రూప్ -1 పరీక్ష మళ్లీ రద్దు https://youtu.be/uB-g2zIfz6w?si=HqIxR… జంపింగులు బుజ్జగింపులు https://youtu.be/ToU9NjcQ32Q?si=O6wFW… ఈ దోస్తు కూడా జంప్ https://youtu.be/PvHu5BYQ93E?si=16g3V… మందు తాగొద్దని ప్రమాణం https://youtu.be/4uqF6Mo-t44?si=kPDzm… పోస్టర్ల ఫైటింగ్ https://youtu.be/quAGdsvpSxA?si=mteOM… బర్లకు పిండని పాలుhttps://youtu.be/6lFQ5eKtkRw?si=iKZk9… ప్రైవేట్లకు ఎందుకొచ్చిన్రు సర్కార్ల డాక్టర్లున్నరా? https://youtu.be/DWz7IIR0CPo?si=7W4Qh… స్టేడియంలో శివతత్త్వంhttps://youtu.be/Frk6qffeVTI?si=tN_D8… Watch LIVE Stream : https://www.youtube.com/watch?v=_xtce…► Subscribe…