so i woke up this morning to like 5 pages of scroll from a thread i was lucky enough to be included on here, with several kernel developers talking about the disclosure and coordination of the copyfail bug.
-
i've learned a lot about the mechanics of how the linux kernel devs work with the various linux distros.
the short version is:
when the kernel devs do stuff, it doesn't obligate the distros to. and almost everyone is a volunteer.
-
the same day the bug was made public, i posted a little bit about it, and included a post on how to mitigate it on ubuntu hosts.
it seems like the strongest foot forward for security leaders, and folks who are hands-on-keyboard to mitigate this sort of stuff, is to more or less do what everyone else has so far - do the tiny manual fix for now, then wait for the official one to seep through the layercake of plumbing into the kernel of whatever you run
i appreciate this approach because it forces people who make decisions to at least be knowledgeable enough about the shit that they run, the shit that is in their purview, to be functionally useful.
there is this mba-flavored school of thought that managers don't have to be technical, and never need to get into the weeds or 'the technicals' about the systems their teams manage and the day to day of it all.
this bug is a great example of why that school of thought is fucking stupid.
-
@Viss and something to be grateful for is that we have a mitigation within a day of the announcement, great messaging, @mttaggart demo, and it's fixed, we're done. Great teamwork everybody. As it should be.
Meanwhile a very similar series of bugs, same severity imho, is still unpatched on Windows a month after the unhinged researcher dropped them. Yeah, you're just screwed.
-
@Viss yeah, I'm turning 42 and I just learned more about how the ecosystem does shit than I ever have in one sweep.
-
@nf3xn @Viss @mttaggart wasn't there mitigation in the announcement itself? Disable the module. AF_ALG isn't really used in most systems.
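One way to act on that "disable the module" mitigation on a host, added here as an example and not code from anyone in the thread: a POSIX shell snippet that spots the AF_ALG modules in an lsmod or /proc/modules listing and writes a modprobe.d fragment that refuses to load them. The module names are the in-tree ones (af_alg and the algif_* front ends); the sample listing and the output path are constructed assumptions.

```shell
# Added example, not code from the thread. Checks an lsmod / /proc/modules
# style listing for the AF_ALG userspace crypto modules and emits a
# modprobe.d fragment that stops them loading.

# Constructed sample in lsmod format (first column is the module name).
SAMPLE_LSMOD="Module                  Size  Used by
algif_skcipher         16384  0
af_alg                 32768  1 algif_skcipher
ext4                  950272  1"

# Print the AF_ALG-related module names found in a listing read from stdin.
af_alg_modules() {
    awk '$1 == "af_alg" || $1 ~ /^algif_/ { print $1 }'
}

# Return 0 if the listing on stdin shows any AF_ALG module, 1 otherwise.
af_alg_loaded() {
    [ -n "$(af_alg_modules)" ]
}

# Write a modprobe.d fragment to the path given as $1 (assumed path).
# "install <mod> /bin/false" refuses explicit loads and dependency pulls
# as well; a plain "blacklist" line only ignores the module's own aliases.
write_af_alg_block() {
    {
        echo "# Block the AF_ALG userspace crypto API modules"
        for m in af_alg algif_aead algif_skcipher algif_hash algif_rng; do
            echo "install $m /bin/false"
        done
    } > "$1"
}

# Number of install rules in a fragment; a quick check that it was written.
af_alg_block_rules() {
    grep -c '^install ' "$1"
}

# On a live host (not run here):
#   af_alg_loaded < /proc/modules && echo "AF_ALG modules loaded: rmmod or reboot"
#   write_af_alg_block /etc/modprobe.d/block-af-alg.conf
# If af_alg is listed in /lib/modules/$(uname -r)/modules.builtin it is
# compiled in, and no modprobe rule can disable it.
```

A module that is already loaded stays loaded after the fragment is written; the rule only stops future loads, so unload it or reboot and re-check.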
-