*nix is kill

Thread replies: 126
Thread images: 11

File: kstack.png (14KB, 458x307px)
https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash

>The Stack Clash is a vulnerability in the memory management of several operating systems. It affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 and amd64. It can be exploited by attackers to corrupt memory and execute arbitrary code.

>Am I affected by the Stack Clash?
>If you are using Linux, OpenBSD, NetBSD, FreeBSD, or Solaris, on i386 or amd64, you are affected.

>What are the risks posed by the Stack Clash?
>The exploits and proofs of concept that we developed in the course of our research are all Local Privilege Escalations: an attacker who has any kind of access to an affected system can exploit the Stack Clash vulnerability and obtain full root privileges.

B T F O
>>
>>60978273
>*nix is kill
Don't you mean EVERY SINGLE FUCKING OS is kill?

>time to use AIX, gayz :DDD
>>
At least OpenBSD hipsters won't be schadenfreuding as they usually do.
>>
>fixed already
ok
>>
>compiled my system with -fstack-protector-all
a-am i safe /g/uys?
>>
>local only
>patches for all distributions are available June 19, 2017

wow it's fucking nothing
>>
Why do you guys have to be so faggy about this type of shit? You could have started your thread with the article and a couple of questions, but instead it's always "X BTFO FINISHED AND BANKRUPT". Is it because nobody responds if you aren't as sensationalist as possible?
>>
>>60978415
Because this is not reddit or hn?
>>
>>60978437
I know. That doesn't mean it isn't retarded. I'm just a little tired of "le bantz"
>>
>>60978273
>no Windows
whut
>>
>>60978386
This. This is on the level of popping an Ophcrack CD in a Windows box and getting the passwords. In fact, it's even gayer than that because the exploit is so ridiculously convoluted, nobody would ever seriously attempt it.
>>
>>60978763
They have working exploits tho.
>>
>>60978312
AIX is UNIX, retard.
It's also probably the worst UNIX you can find.
>>
>>60978273
> Apple and Microsoft
> W-we don't h-have that sploit

all *nix will fix the exploit while micro$haft and crApple will leave it in their OSes since no one can audit it
>>
>>60978995
I'm pretty sure Windows is not a unix-like OS
Their servers, on the other hand...
>>
Unix is finished and bankrupt
unixfags on suicide watch
>>
I'm confused, where the f. are stack canaries?
>>
Title is clickbait garbage. OpenBSD was not really affected.

First they say "all OSes affected, 32/64bit"

Then the OpenBSD section says i386 only.

Then the OpenBSD section says they modified a non-default kernel option to make their PoC work (which, by the way, also needed to create forty million cronjob files over the course of a week to work).

Linux was hit the hardest by this.
>>
>>60978273
>on i386 and amd64
So it's not a matter of the OS, it's the shitty architecture.
>>
>>60980014
>cuck license
>>
>>60981186
xD
>>
>>60978273
>monolithic archs
>>
>>60978695
>>60978995
Windows is immune because 1) it doesn't grow the stack on demand (size is always fixed, location isn't), and 2) threads are not separate lightweight processes, therefore their stacks are placed at random locations in the addressing space of what would be the "main" process in a unix-like.

The process model is fundamentally different, even if it all boils down to "tasks" for the CPUs to run.
>>
File: c7xhOav.jpg (100KB, 533x400px)
>>60978273
>developed in the course of our research are all Local Privilege Escalations
wow nothing to see here
>>
>>60981186
lol are you >>60978318
>>
Linux is finished, but for different reasons.

Global variables.
>>
just ran eix-sync and both sys-kernel/hardened-sources and sys-kernel/gentoo-sources are not showing any upgrades.
>This system is not affected by any of the listed GLSAs
>>
>>60980014
gfy
>>
>>60980014
>Linux was hit the hardest by this.
No because it's already been patched.
>>
>>60978830
Local only
>>
>>60979369
If you smash the stack, the bird stops singing.
>>
>>60978273
>is kill
>everything's already been patched
ok
>>
>>60978273
macOS Sierra doesn't have this problem :)
>>
File: _.png (115KB, 1199x608px)
>>60980014
if only anybody used OpenBSD
>>
>>60984798
>this damage control
>>
>>60984798
I do
>>
>>60984798
>email from 3 years ago
>>
>>60984841
ya they even paid off 2016 really turned it around!
>>
>>60980014
Look at this openbsd shill who is spouting completely inaccurate information because he has to defend his precious little OS.
>>
>>60978353
No
>>
>>60984496
>No because it's already been patched.
The same can be said about every platform affected, still, Linux is where the exploit is most straightforward
>>
>>60981186
Just don't contribute code
>>
>>60981467

>does not understand the concept of chaining exploits

pls leave
>>
File: Not so stupid anymore, am I?.jpg (158KB, 1024x1024px)
>>60978273
>on i386 or amd64
*blocks your path*
>>
'member that kernel bug for linux that got called dirty cow?
>>
>>60980014
>non-default kernel
lel
Once again OpenBSD > *BSD > shitnux
>>
>>60978329
>>60984496
>>60984762
>Windows is affected by an exploit fixed 3 months earlier
>LEL WINSHIT IS FINISHED xDDDD
>Unix and Unix-like systems are affected by an exploit fixed a couple of hours
>hurr durr no problemo it's already fixed
>>
>>60978995
All supported Apple devices are either ARM or x86_64 and therefore not affected according to OP.
>>
>>60986462
>x86_64
>mfw this retarded macfaggot thinks that his Intel processor isn't amd64
>>
>>60978273
>are all Local Privilege Escalations: an attacker who has any kind of access to an affected system can exploit the Stack Clash vulnerability and obtain full root privileges.
Whoop dee doo.
>>
Linux + ARM wins again

btfo x86_64 fags
>>
>>60986462
>he doesn't know _64 = AMD64 the x86 extension

poor poor child
>>
>>60986880
>ARM wins
Everything non-x86 won
>>
File: FB_IMG_1497946067062.jpg (237KB, 1346x2048px)
>yfw this is really x86's fault

Guys, remind me again why we're still using the deprecated x86 architecture.
>>
>>60986935
>implying x64 isn't x86
or are you a MIPS-faggot?
>>
There's nothing special about x86(-64) tho, it's just the authors tested their ideas on it. It's the same reason there are no exploits for macOS - they just didn't care enough to spend time breaking it.
>>
>>60978386
>>60978763
This.

Nobody would attempt this at any level unless they were seriously targeting you on some revenge shit.

Local attacks don't really happen on a consumer basis and the last large scale local attack was when they were dropping fake flash drives outside of the Pentagon hoping some idiot would pick them up and stick them into their intranet PCs.
>>
>>60986935

who took this pic
>>
>>60986371
I love this cat, mind if i save it?
>>
>>60986961
>implying there's something wrong with MIPS
>>
>openbsd
>i386
>requires local root to exploit
>>
>>60988622
It doesn't need local root to exploit, it would be a pretty shitty privilege escalation if it needed root.

What it needs is ability to run something on the local machine. It isn't a remote exploit (in itself) but if you got in through a remote exploit you could use this exploit to get privilege escalation.
>>
Windows doesn't have this problem
>>
>>60986935
RISC-V just isn't ready yet
>>
>>60978415
Yeah. I'm not OP but I sympathize with his methods. During my time here I learned that you can't just say or ask something and expect /g/ to take it seriously. People will take a holier-than-thou attitude as if they knew they were right and discuss anything except what you wanted to talk about.

There is a better way. You must coax /g/ into doing what you want. To do this, you become the insufferable uneducated prick that pretends he's right. You advance retarded positions such as "*nix is finished" and it somehow baits /g/ into responding. It puts them on the defensive, they rapidly rush in to defend *nix, explain mitigation and why everything's okay, which is probably what OP wanted all along.

You can see this all over the board.

>why do you use <language> in <year>? it doesn't even have <feature>
><company> IS FINISHED
>my linux broke again! fuck your timesink OS that doesn't work!

It's simple. Notice the fanboyism present in /g/. All you have to do is negate some generally accepted logical proposition and it will make fanboys rush in to reestablish its veracity.
>>
/g/ is like live wikipedia editing. You write some stupid shit about a topic and people that care way too much about it come rushing in to undo your damage. The only difference is that their posts don't overwrite yours.

The trick is figuring out exactly what you must say to offend as many fanboys as possible. Can't do something in Linux? Imply that Linux can't do it at all. That will trigger fanboys, who will rush in and prove you wrong, and they'll call you retarded even though you bamboozled them into doing your homework for you. Much more efficient than asking smart questions the hacker way. /g/ just ignores those.
>>
>>60991407
>try editing a dwg on linux
>not supported
/g/ told me linux can do everything
All linux is good for is pointless ricing.
>>
>>60991573
Psychological effects disappear once people become aware of them. People compensate. You can't bait people after talking about baiting them. Well, you can but it's a lot harder.
>>
>>60978763
Wrong, retard
Privescs are extremely useful, getting a user to run malware on their user account is a lot easier than getting them to run as root
Then you escalate to root, install your own driver/rootkit, and you know everything they ever do now
>>
>>60991645
Baited.
>>
>>60991407
I think /g/ is just incapable of comprehending the idea of general trends. Something being slightly more inconvenient on Linux for instance usually ends in two sides being taken.

A) "You're a fucking idiot because I can do this in Gimp with 3 plugins and a script and a third party program and it's almost as good as the single button you click on Windows, IT'S LITERALLY THE SAME THING YOU MUST BE RETARDED"

B) "LOL Linux can't even do this one simple thing therefore it can't do anything, BTFO"

Also see web browsers, hardware manufacturers, mobile phone brands and practically any binary choice you could make including whether or not you should breathe.
>>
>>60980014
>720p video at 70% cpu usage
Can you stop
>>
>>60991958
What?
>>
>>60991757
Is it really bait if I was willing to answer all along?

>>60991901
Pretty much. Those two framing devices invite different kinds of replies. The first attracts Windows people who will argue endlessly that it's easier on Windows, the second will attract Linux people who will prove that it can be done. OP can learn useful information from both groups. It all depends on OP's need.

Honestly in /g/'s case I'd rather assume malice than stupidity. I'd rather think people are baiting than believe they're actually this stupid. With this mindset this board makes a lot of sense.
>>
>>60992067
OpenBSD has no support for hardware video decoding acceleration like VA-API, meaning you're going to waste nearly 100% of your CPU to decode 1080p/60fps youtube videos. It's basically unusable on the desktop unless you're rms.
>>
>>60986371
>they laugh at my OS ZOMG time to call /v/eddit army!1!!!1111

Windows is shit.
*nix is not yet, though Poettering and his cocksuckers are working hard to "fix" it

Did you know that your great patched OS renders scrollbars in the kernel space?
>>
>>60987109

probably an ugly person
>>
>>60984798
Apple uses it in all their Airport products.
>>
>>60987109
A Trump.
>>
>>60986371
This is a local exploit that is really complicated. It's not that bad.
>>
>>60992636
Works on my machine

>>60993028
Airport devices use NetBSD
>>
>>60986371
>that filename
>>
>>60991958
>>60992636
cpu is meant to be used.
>>
>>60992648
>being this salty because you got told hard
Hypocrisy may be one of your "qualities", both operating systems have their own shit but at least I don't get butthurt because of it.

Or should I assume you like to suck Stallman's cock too like those freetards just because you don't like Windows?
>>
>>60994698
I dunno man. Rendering scrollbars in kernel space seems pretty bad.
>>
>>60994852
It is.
But that doesn't mean the neighbor's grass is greener as well, as you can see from this thread.
>>
>>60978273

a stack overflow in its most basic form

W e W

really doing cutting edge research
>>
>>60978273
L M A O

You get what you pay for Linuxtards
>>
>>60978273
HAHAHAHAHAHA FREEKEKS BTFO!!!1!!!!
>>
What are the steps for this attack exactly?

Someone please tell.
>>
File: scr.png (7KB, 317x141px)
I think I'll be fine.
>>
>>60978273
with every exploited bug Linux is only getting stronger
>>
>>60987358

Lack of available consumer hardware makes MIPS pretty much unusable for anything other than embedded.
>>
>>60998858
isn't lemote MIPS?

i wish i could find lemote hardware for cheap somewhere
>>
>>60998829
I guess that explains why Windows is so secure
>>
>>60998871

I wish I could find a place where Lemote hardware could be purchased AT ALL. Is it really that hard for them to just put their laptop on Amazon and let freetards buy their shit?
>>
>>60991901
ayyyyyy you like modern web browsers?
>>
File: td.jpg (24KB, 418x438px)
>>60978273
>they put their code on the stack
>>
>>60991901
It's much simpler than that. 4chan is filled with counter-culture nerds that desperately want to be snowflakes, so they latch on to everything contrary to pop culture.

Of course, much like the Hot Topic mall goths who wear those hilariously ironic shirts, they end up all being the same as the other 'non-conformists', despite their intent.
>>
File: image.png (17KB, 711x378px)
this is from the freebsd installation

does it mitigate any?
>>
new android root when
>>
So basically it's a stack overflow except instead of writing on an unmapped/protected page, you write possibly uncontrollable data at possibly random addresses of the process.

It sure sounds easy to exploit, especially with ASLR.
>>
>>60998858
My next desktop's going to be an 8 core miniITX MIPS build.

>>60999058
You can buy it straight from them, send them an email.
>>
>>60998776
>using a distro with a broken gpg
>>
Eh. The PaX team had their own response to this which was basically, the new linux patch is more of a triage than a real fix. They have had a true fix in the form of a guard page for quite a few years now in the security patch set but nobody uses them.
>>
>>61002581
>ASLR
...doesn't affect the stack location much on Linux, which only randomizes it within an 8MB range. The stack exploit this thread talks about uses much more space, so ASLR is essentially useless here.
>>
>>61002762
Where do you buy your mips equipment?

>>61000229
Seems like it >>61002847
>>
>>60995211
And Windows has telemetry. So, what now?
>>
>>61002804
What's wrong with the gpg?
>>
>>60992648
>le epic scrollball in kernel maymay xD
>>
>>60978946
I always hear that.
Why is AIX so bad?
>>
>>60991282
This works on all the boards by the way, it's not just a /g/ thing.
>>
>>60986371
>Linux bug is made known to developers for first time
>Fixed within hours
>Windows """bug""" previously """unknown""" to Microsoft that the NSA have been using for years is finally leaked
>Fixed as soon as the general public know about it
>>
File: 14248683652.jpg (27KB, 399x385px)
>>60991282
>Newfags think shitposting is fanboyism
>>
>>61003278
There's nothing wrong with telemetry.
>>
>>61005296
>he believes in the bug correcting process of linux
those fuckers suppress news of bugs as soon as they can.
>>
>>61000229
>>61002847
Have you even read the page? That's their point, they managed to jump over a guard page.
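
Added example, not part of any post in this thread and not Qualys's code: the guard-page argument above comes down to how much unmapped address space separates the stack from the nearest mapping below it, and this sketch measures that from `/proc/<pid>/maps`-format text. The sample lines are constructed, and the 1 MiB review threshold and the function names are assumptions made for the example.

```python
import re

# Constructed sample in /proc/<pid>/maps format (not captured from a real host).
# The anonymous rw-p mapping ends exactly one 4 KiB page below [stack].
SAMPLE_MAPS = """\
00400000-0040c000 r-xp 00000000 08:01 131090 /bin/cat
0060b000-0060d000 rw-p 0000b000 08:01 131090 /bin/cat
01c3e000-01c5f000 rw-p 00000000 00:00 0 [heap]
7f3a5c000000-7f3a5c1c0000 r-xp 00000000 08:01 262200 /lib/x86_64-linux-gnu/libc-2.24.so
7ffd4b2de000-7ffd4b2df000 rw-p 00000000 00:00 0
7ffd4b2e0000-7ffd4b301000 rw-p 00000000 00:00 0 [stack]
7ffd4b3a1000-7ffd4b3a3000 r-xp 00000000 00:00 0 [vdso]
"""

# start-end perms offset dev inode [name]
LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+\S+\s+\S+\s+\S+\s*(.*)$")


def parse_maps(text):
    """Return [(start, end, perms, name)] sorted by start address."""
    regions = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            regions.append((int(m.group(1), 16), int(m.group(2), 16),
                            m.group(3), m.group(4)))
    return sorted(regions)


def stack_gap(text):
    """Bytes of unmapped space between [stack] and the nearest mapping below it.

    Returns None if there is no [stack] line or nothing is mapped below it.
    """
    regions = parse_maps(text)
    for i, (start, _end, _perms, name) in enumerate(regions):
        if name == "[stack]":
            if i == 0:
                return None
            return start - regions[i - 1][1]
    return None


def gap_is_thin(gap, min_gap=1 << 20):
    """True when the gap is below the review threshold (assumed: 1 MiB).

    A single stack allocation larger than the gap that does not touch every
    page on the way down can move the stack pointer past the unmapped space
    without faulting, which is the "jump over a guard page" discussed above.
    """
    return gap is not None and gap < min_gap


if __name__ == "__main__":
    gap = stack_gap(SAMPLE_MAPS)
    print(f"gap below stack: {gap} bytes, thin: {gap_is_thin(gap)}")
```

To look at a live process, pass the contents of `/proc/<pid>/maps` instead of `SAMPLE_MAPS`; the result is a snapshot, since the stack start moves as the stack grows.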
>>
>>60986371
You jelly winfag?
>>
>>61005487

How does that even work, idiot.
>>
>>61005541
While theoretically this is possible, it just seems completely infeasible to exploit in most situations due to the amount of control over the stack/SP that is required; additionally, unless the binary SUID bit is set and owned by root, I struggle to see how this can result in root privesc.

It'll be interesting to see a reference implementation of this kind of exploit.
>>
>>61005487
They? Kernel.org or what?
>>
>>61005607
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt :
> To illustrate our findings, we developed the following exploits and proofs-of-concepts: [7 exploits, 6 PoCs]
>>
File: 1483662739969.png (973KB, 801x1500px)
>>61005634
Cheers
>>
>>61004917
It uses weird nonsensical shit, I migrated AIX -> Linux, and the disk clustering/logical partitioning is retarded, also PowerHA is a joke -- they sell a product that is literally a bunch of korn shell scripts.
>>
>>61005352

t. corporate shill/government
>>
>>61003241
My current stuff either comes from Mouser or eBay, but those are just SBCs and an old workstation. I'm getting the desktop from Lemote.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.