Thinking of dumping some FreeBSD/OpenBSD zero-day exploits

>>60770222
What kind of exploits.

>>60770255

Just local root exploits.

File: 1458494181936.jpg (16KB, 480x236px) Image search: [Google]

16KB, 480x236px

>>60770222
pls deliver OP

>>60770271
So no remote exploits?

>>60770420
No local ones either, OP's pulling this out of his ass.

>>60770420

Not the ones I'm thinking of dumping, no.

>>60770477

Spot the BSD developer fishing for info.

>>60770859
I'm not a BSD dev, I just don't believe OP.

>>60770864

What would make you believe the OP? INB4 "telling me what the vulnerabilities are."

>>60770912
So I'm just supposed to take some random guy's word on it? Nah.

>>60770222
IMO best option is to notify vendors and wait for response before contacting any news outlets

>>60770222
What happened with the atom tablets?

>>60770420
Openbsd has no remote exploits, or so I have been told.

>>60771008
no one ever said this

they even claim that they had at least two at some point

>>60770271
Will these work for Mac?

>>60770946

Well, not that this is the foundation of an exploit, but speaking of random, maybe it's about time that FreeBSD developers fix /etc/rc.d/random to restore the secure permissions on /entropy

save_dev_random()
{
+ oumask=`umask`
+ umask 077
for f ; do
if :>>"$f" ; then
debug "saving entropy to $f"
dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null
fi
done
+ umask ${oumask}
}


Keep doubting. The spergout is going to be hilarious.

>>60770222
Dump everything now and the developers can fix it.

File: bsdworry.jpg (600KB, 1000x981px) Image search: [Google]

600KB, 1000x981px

>>60770477
>>60770948
>>60771208

>>60771357
I don't use BSD but I think BSD being secure would be good.

File: 1492814772068.jpg (11KB, 319x216px) Image search: [Google]

11KB, 319x216px

trueos doesn't have this problem

File: unimpressed.jpg (104KB, 851x478px) Image search: [Google]

104KB, 851x478px

>>60771388

>>60771485
Even some debian developers use mac osx. If you don't mind proprietary software mac osx is actually good.

>>60771485
looks like GNU propaganda, move along and ignore it.

>>60771994
looks like BSD bullshit, again

stop pretending like nothing is wrong with BSD motherfucker

>>60772066
I'm not pretending like nothing is wrong with BSD, I'm saying that everything is wrong with this picture. It's obvious GNU propaganda.

I know a bunch of people who run a BSD daily, even NetBSD ffs, and with "modern software" like firefox or chromium which aren't much but are still tanks.

Just read what's in the picture a bit. It's starting with some license war, saying that the BSD licensed alternative to GPL software sucks, which it most definitely doesn't (look at llvm, look at openssh, look at libressl, look at libedit)
Then it says that BSD projects can't run modern applications that weren't made in the 90's, which is flat out wrong, FreeBSD has plasma 5, while NetBSD and OpenBSD have qt5 working, they all have modern compilers, chromium, firefox, etc.
Then they attack the developers themselves saying that they don't use their OS, which they most definitely do.
Then they talk about how BSD is a monolithic kernel, when NetBSD can be officially used as a microkernel while linux still is a monolithic mess.
Then they tell lies about how you have to reboot your computer if a driver crashes on BSD but not on linux, this simply depends on which driver, whether it's a module, etc.

Yes, things are wrong with BSD, they lack some support because they lack manpower and keeping the GPL out while keeping modern support is a huge task because of Linux, but everything is wrong with the article in the image and nothing in there should be taken seriously.

can you play tekken 7 in wine on bsd*?

>>60772147
bullshit, you rush to accuse everything is propaganda and defend BSD at all cost

>>60770222
Taunt them on their mailing lists.

>>60772318

Eh, I don't have any animus toward BSD or its developers. It's just that FreeBSD and OpenBSD local exploits are the only things I have that (a) have extremely low market value; (b) might still be newsworthy enough for my main goal of drawing attention to something totally unrelated to BSD.

>>60771008
>has no remote exploits
They has. Also failed to find openssl exploit and gone full autism with libressl.

File: bsd-copyright.png (220KB, 800x832px) Image search: [Google]

220KB, 800x832px

do it.

if you found stuff others have or will and youre better off forcing people to patch it quickly instead of it being drawn out and exploited for a decade from alphabet agencies or sold on the black market and kept secret to exploit

maybe this will force openbsd to actually adopt jails

>>60771015
>they even claim that they had at least two at some point
the one would have been prevented, but theo decided to hold off on a couple things for -RELEASE. if he hadn't hesitated the exploit would have been ineffective.

>>60772638
>openssl
was never an openbsd project

File: swedish-bsd-creator.png (122KB, 745x283px) Image search: [Google]

122KB, 745x283px

>>60772712

>>60772638
>gone full autism with libressl

what?

>>60770912
>I have these secrets
>>no you don't
>How can I make your beleive me, and don't say reveal the secrets
>>>>>>>>

>>60771485
FreeBSD devs use OSX*

OpenBSD devs all use OpenBSD on their laptops.

>>60770222
>local
You'd be lucky if Goodwill let you drop this trash off

>>60770948

Last time I notified FreeBSD about vulnerabilities, they were very receptive and professional, but it was many months before fixes were available. That's no good for my immediate goal of drawing attention to some information.

>>60773780
What do you think about Phoronix? I feel like the readers of that would make a big stink about it. Obviously HN too.

Why don't you just bug report...

>>60773733
ehh
this is true