Infosec focused free software, research, publications, community activities
@oss_security
. Tweets are announcements. Please direct questions to
@solardiz
.
Linux Kernel Runtime Guard (LKRG) now has its own website and Twitter account
@lkrg_org
. Version 0.9.2 by
@Adam_pi3
et al. adds support for new Linux kernels (5.14 to 5.16-rc* and hopefully beyond).
Juho Junnila's Master's Thesis "Effectiveness of Linux Rootkit Detection Tools" shows our LKRG as by far the most effective kernel rootkit detector (of those tested), even though that wasn't our primary focus: h/t
@Adam_pi3
Linux Kernel Runtime Guard (LKRG) 0.9.8 by
@Adam_pi3
et al. is out, adding a remote kernel message logging capability sponsored by
@binarly_io
.
This update is already packaged for Rocky Enterprise Linux 8.9 and 9.3
@rocky_linux
.
Linux Kernel Runtime Guard (LKRG) 0.7 by
@Adam_pi3
adds experimental support for ARM64 (AArch64) and grsecurity, support for Linux 5.1 and 5.2+, greater SMEP enforcement, and much more:
Slides of
@solardiz
's talk "Linux kernel remote logging: approaches, challenges, implementation" from
@BSidesZagreb
The talk also included live demo of LKRG
@lkrg_org
catching
@chompie1337
's CVE-2021-3490 exploit and logging this event on another continent
yescrypt is now the default password hashing scheme on Debian 11 (released recently) and Fedora 35 (released today). Perhaps Ubuntu and RHEL next? Updated the per-distro references at
passwdqc 1.4.0, a new version of our password/passphrase strength checking and enforcement tool set, is out. This version adds optional non-English messages, Linux-PAM audit support, and includes portability and documentation fixes:
Linux Kernel Runtime Guard (LKRG) 0.9.7 by
@Adam_pi3
et al. is out, adding support for Linux 6.4 to 6.5.x and hopefully beyond, as well as for new RHEL 9.1 and 9.2 kernels.
Linux Kernel Runtime Guard (LKRG) 0.9.0 by
@Adam_pi3
et al. is out, adding support for new Linux kernels, optionally building LKRG in-tree, Continuous Integration (boot tests in VMs, including with Ubuntu's daily updated mainline kernels), and much more:
Linux Kernel Runtime Guard (LKRG) 0.8 by
@Adam_pi3
adds support for latest kernels, 32-bit ARM (already had 64), Raspberry Pi 3 & 4, better scalability, performance, and tradeoffs, the notion of profiles, new documentation,
@Phoronix
benchmarks, and more:
All of our projects previously maintained in CVS are now in Git (yes, older ones with commit histories for ~20 years) and under the Openwall organization on GitHub. There are a total of 22 Git repositories now.
Linux Kernel Runtime Guard (LKRG) in a nutshell,
@Adam_pi3
's slides presented a few days ago at
@OSTconf
(online; formerly Linux Piter): (announcement: )
We've just launched Openwall Password Recovery and Password Security Auditing Bundle in
@awsmarketplace
. Start your password recovery or audit in
#AWS
cloud in minutes, complete it within our 5-day free trial or support our Open Source project afterwards.
Linux Kernel Runtime Guard (LKRG) 0.8.1 by
@Adam_pi3
is a bug fix release to address a user-triggerable Oops (read via a near-NULL pointer) on 64-bit Linux 4.17+ first reported by
@zx2c4
:
We've just launched Openwall Password Recovery and Password Security Auditing Bundle in
@awsmarketplace
. Start your password recovery or audit in
#AWS
cloud in minutes, complete it within our 5-day free trial or support our Open Source project afterwards.
John the Ripper "in the cloud" update:
Updated JtR, Amazon Linux 2, NVIDIA GPU driver. Enabled new AWS instance types. Benchmarks for new largest Intel 128x AVX-512 and AMD 192x AVX2 instances. Spot instance friendliness and updated launch instructions.
passwdqc 2.0.3 releases for Unix-like and Windows systems are out, with many minor additions and changes. Leaked password filter files updated to HIBP v8, encoding the 847+ million unique passwords (from billions of accounts) in a 3.5 GB file.
yescrypt KDF and password hashing scheme updated to 1.1.0 and included in Fedora 29+ and ALT Linux via libxcrypt:
yespower PoW scheme updated to 1.0.1:
John the Ripper "in the cloud" update:
Updated JtR, sample files. No free trial. More supported instance types. Benchmarks for p3.2xlarge (NVIDIA Tesla V100), c5.24xlarge (Intel Xeon, AVX-512), and c5a.24xlarge (AMD EPYC, AVX2). Spot instance instructions.
passwdqc 2.0.0 is out, adding support for external wordlist, denylist, and binary filter files. The latter are improved cuckoo filters, for which the added pwqfilter program includes reusable grep-like functionality. HIBP v7 613M+ passwords fit in 2.3 GiB.
After 10 years since the previous release, we've just released version 1.2 of tcb, implementation of our alternative password shadowing scheme. Changes include libxcrypt and new glibc support, non-English messages support, and dropping of NIS/NIS+ support.