Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

The universe seems neither benign nor hostile, merely indifferent. -- Sagan


computers / rocksolid.shared.linux / FreeBSD almost blew their reputation

SubjectAuthor
* FreeBSD almost blew their reputationAnonymous
+- FreeBSD almost blew their reputationAnonymous
`* FreeBSD almost blew their reputationAnonymous
 `- FreeBSD almost blew their reputationAnonymous

1
FreeBSD almost blew their reputation

<ee12195dc8ea2e3c1e986c30c52febc8$1@dkzerogt6z6ybhcj.onion>

 copy mid   Newsgroups: rocksolid.shared.linux
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonym...@rslight.i2p (Anonymous)
Newsgroups: rocksolid.shared.linux
Subject: FreeBSD almost blew their reputation
Date: Sun, 28 Mar 2021 12:43:57 +0000
Organization: Rocksolid Light
Message-ID: <ee12195dc8ea2e3c1e986c30c52febc8$1@dkzerogt6z6ybhcj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="27631"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Spam-Level: **
X-Rslight-Site: $2y$10$Av9o/.y4bEAb9LQsjXRJ4u5Y0noB2EDFP5khVC1.91Aw336ot.oVO
 by: Anonymous - Sun, 28 Mar 2021 12:43 UTC

Holy moly, this is quite strong, especially considering the strict way FreeBSD usually acts.

The nicest example from the article is a validation function, targeted to be in the kernel and checking if the firewall should route a packet or not:

wg_allowedip_valid(const struct wg_allowedip *wip)
{

return (true);
}

Oh yeah ! This is what you want to see in your firewall: just let everything through !
And best yet: a company called "netgate" actually shipped that shit code. Read the full story here:

https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/
--
Posted on Rocksolid Light

Re: FreeBSD almost blew their reputation

<4eb94825731b8baba89acb2570df1288$1@www.rocksolidbbs.com>

 copy mid   Newsgroups: rocksolid.shared.linux
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonym...@retrobbs.i2p (Anonymous)
Newsgroups: rocksolid.shared.linux
Subject: Re: FreeBSD almost blew their reputation
Date: Tue, 30 Mar 2021 10:24:51 +0000
Organization: RetroBBS
Message-ID: <4eb94825731b8baba89acb2570df1288$1@www.rocksolidbbs.com>
References: <ee12195dc8ea2e3c1e986c30c52febc8$1@dkzerogt6z6ybhcj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="22155"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on rocksolidbbs.com
X-Rslight-Site: $2y$10$8COADdDWHg09z3py4sNRTu9yDRPym0BTKZRYViLst9X07u0/5OIae
 by: Anonymous - Tue, 30 Mar 2021 10:24 UTC

Anonymous wrote:

> Holy moly, this is quite strong, especially considering the strict way FreeBSD usually acts.

> The nicest example from the article is a validation function, targeted to be in the kernel and checking if the firewall should route a packet or not:

> wg_allowedip_valid(const struct wg_allowedip *wip)
> {

> return (true);
> }

> Oh yeah ! This is what you want to see in your firewall: just let everything through !
> And best yet: a company called "netgate" actually shipped that shit code. Read the full story here:

> https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/

I'm surprised pfsense installed the code without any review. That's a bad sign for them also.
--
Posted on RetroBBS

Re: FreeBSD almost blew their reputation

<l.737.1vl2v9@anon.com>

 copy mid   Newsgroups: rocksolid.shared.linux
Path: i2pn2.org!rocksolid2!.POSTED.127.213.60.80!not-for-mail
From: pos...@anon.com (Anonymous)
Newsgroups: rocksolid.shared.linux
Subject: Re: FreeBSD almost blew their reputation
Date: Tue, 30 Mar 2021 10:47:45 -0700
Organization: rocksolid2 (novabbs.org)
Message-ID: <l.737.1vl2v9@anon.com>
References: <ee12195dc8ea2e3c1e986c30c52febc8$1@dkzerogt6z6ybhcj.onion>
Content-Type: text/plain; charset=UTF-8
Injection-Info: novabbs.org; posting-account="def2"; posting-host="127.213.60.80";
logging-data="17278"; mail-complaints-to="usenet@novabbs.org"
 by: Anonymous - Tue, 30 Mar 2021 17:47 UTC

>>94946b95e370f07e2c
>I'm surprised pfsense installed the code without any review. That's a bad sign for them also.

Oh fuck, I did not realize that pfsense was behind netgate. Bad sign indeed....
Good thing that I roll my own stuff with iptables. :-)

--
Posted on def2

Re: FreeBSD almost blew their reputation

<0807fec3a0186e02f4a2c87ce6e7eb69$1@www.rocksolidbbs.com>

 copy mid   Newsgroups: rocksolid.shared.linux
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonym...@retrobbs.i2p (Anonymous)
Newsgroups: rocksolid.shared.linux
Subject: Re: FreeBSD almost blew their reputation
Date: Wed, 31 Mar 2021 03:57:51 +0000
Organization: RetroBBS
Message-ID: <0807fec3a0186e02f4a2c87ce6e7eb69$1@www.rocksolidbbs.com>
References: <ee12195dc8ea2e3c1e986c30c52febc8$1@dkzerogt6z6ybhcj.onion> <l.737.1vl2v9@anon.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="13988"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on rocksolidbbs.com
X-Rslight-Site: $2y$10$yC72GDCtHTWNIQWW11IVxOKrkygo0mpYotieFDfU3iVdR1ICu7CEq
 by: Anonymous - Wed, 31 Mar 2021 03:57 UTC

Anonymous wrote:

>>>94946b95e370f07e2c
>>I'm surprised pfsense installed the code without any review. That's a bad sign for them also.

> Oh fuck, I did not realize that pfsense was behind netgate. Bad sign indeed....
> Good thing that I roll my own stuff with iptables. :-)

pfsense says

Open Source Security
Secure networks start here.™ With thousands of enterprises using pfSense® software, it is rapidly becoming the world's most trusted open source network security solution.

yet they hire a programmer who doesn't even really want to do the work.

"I didn't even want to do this work," Macy eventually told us. "I was burned out, spent many months with post-COVID syndrome... I'd suffered through years of verbal abuse from non-doers and semi-non-doers in the project whose one big one up on me is that they aren't felons. I jumped at the opportunity to leave the project in December... I just felt a moral obligation to get [the WireGuard port] over the finish line. So you'll have to forgive me if my final efforts were a bit half-hearted."
--
Posted on RetroBBS

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor