Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

pfSense / Wireguard / Bad Code / Close Call

By itss | 26/03/2021
0 Comment

A nice write-up of how a whole bunch of bad code very nearly ended up in FreeBSD 13 due to several bad calls on the part of pfSense. https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/

Category: Technology
Post navigation
← Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur) A Nice Little Cryptography Primer →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • NASA Craft To Face Heat-Shield Test on Its First Astronaut Flight Next Year
    by msmash on 31/12/2025 at 8:30 pm

    An anonymous reader shares a report: Getting to space is hard. In many ways, getting back is even harder. NASA soon aims to pull off the kind of re-entry it last conducted more than 50 years ago: safely returning astronauts to Earth after they fly to the moon and back. The mission is a big moment for NASA, which will put a crew on its Orion ship for the first time. The flight will test the spacecraft's heat shield, designed to protect the astronauts on board. Re-entries of vehicles from orbit remain one of the high-stakes parts of any human spaceflight, given the stress they put on spacecraft. In 2003, NASA's Columbia Space Shuttle broke apart as it came back from low-Earth orbit due to a breach on the vehicle that occurred during launch. All seven astronauts on board were killed. Orion will be coming back to Earth from much further away than low-Earth orbit, where all recent human spaceflights have been conducted. That means its velocity and the energy it needs to disperse will be greater, putting even more stress on the heat shield. During a test flight in 2022 that didn't include astronauts, Orion's heat shield didn't perform as expected. That sparked worries about crew safety on future missions, prompting NASA to investigate and address what happened. NASA will launch Orion with the astronauts on board as soon as February. [...] When the vehicle initially re-enters the Earth's atmosphere, it will be traveling around 25,000 miles an hour and face temperatures of 5,000 degrees as it slows down. The Orion craft, developed by Lockheed Martin for NASA, has a shield that is almost 17 feet in diameter. Installed on the vehicle's underside, the shield is covered in what is called an "ablative" material, which is designed to shift heat away from the craft during re-entry by burning off in a controlled manner. Read more of this story at Slashdot.

  • JPMorgan Says Javice Firms Billed Millions Just for 'Attendance'
    by msmash on 31/12/2025 at 7:51 pm

    JPMorgan Chase is now fighting to avoid paying $10.2 million in disputed legal charges racked up by Charlie Javice, the convicted founder of student-finance startup Frank, after court filings revealed her defense team billed more than $5 million simply for attending her fraud trial -- including on days when court wasn't even in session. A previously sealed Delaware court filing [PDF] released Monday showed that Javice's total legal tab has reached $74 million, far exceeding the $30 million Elizabeth Holmes spent defending herself in the Theranos case. JPMorgan claims the five law firms representing Javice operated under the mindset that "someone else is paying her bills." The bank's filing focused on Quinn Emanuel and Mintz Levin, the two largest firms on Javice's defense. JPMorgan said Javice had between 16 and 29 lawyers and legal staff present every day of her six-week trial, billing an average of $360,000 daily. No more than four lawyers had speaking roles. Among the 2,377 pages of receipts submitted for March: a Cookie Monster toddler's toy, lavender and jasmine sachets, 57 hotel room upgrades at $300 per night, and a $900 meal at Koloman, a highly rated New York restaurant. A New York jury found Javice guilty in March of misleading JPMorgan into acquiring Frank for $175 million by fabricating millions of fake users. She was sentenced in September to seven years in prison but remains free on bail pending her appeal. Read more of this story at Slashdot.

  • Net Neutrality Was Back, Until It Wasn't
    by msmash on 31/12/2025 at 7:10 pm

    The fight over net neutrality saw another turbulent year in 2025, as federal protections that seemed poised for a comeback in 2024 were first struck down by a court and then preemptively removed by the Trump administration's FCC without a chance for public comment. The removal, The Verge summarizes in a report, was part of Chairman Brendan Carr's "Delete, Delete, Delete" initiative targeting what the agency deems unnecessary regulations. Federal net neutrality rules have now been on and off for 15 years, passing under Obama in 2010, returning in 2015, getting overturned in 2017, and briefly revived in 2024 before courts struck them down again. Matt Wood, vice president of policy and general counsel at nonprofit Free Press, told The Verge that ISPs often feel little financial impact from these rules. "A lot of their complaints about the supposed 'burdens' from these rules are really just ideological in nature," Wood said. States have filled the void. California's 2018 law remains the nation's gold standard, and Maine passed a bipartisan bill in June. John Bergmayer, legal director at Public Knowledge, said state-level laws and the threat of new ones "has kept some of the worst outcomes in check." The National Telecommunications and Information Administration is now pressuring states to exempt ISPs from net neutrality laws to remain eligible for broadband infrastructure funding. Chao Jun Liu of the Electronic Frontier Foundation summed up the year's pattern: "ISPs just want to do whatever they want to do with no limits and nobody telling them how to do it." Read more of this story at Slashdot.

  • Poor Sleep Quality Accelerates Brain Aging
    by msmash on 31/12/2025 at 6:30 pm

    A large-scale study tracking more than 27,500 middle-aged and elderly people over roughly nine years has found that poor sleep quality is associated with accelerated brain aging, and chronic inflammation appears to be one of the key mechanisms driving this effect. Researchers at Sweden's Karolinska Institute assessed participants' sleep across five dimensions -- chronotype, duration, insomnia, snoring and daytime sleepiness -- and later scanned their brains using MRI to estimate biological brain age through machine learning models. The results? For every point decrease in healthy sleep score, the gap between brain age and chronological age widened by approximately six months. Those in the poorest sleep category had brains that appeared roughly one year older than their actual age. Night-owl tendencies, sleep duration outside the 7-8 hour sweet spot and snoring were particularly strongly linked to brain aging. The researchers measured low-grade inflammation using biomarkers including C-reactive protein levels and white blood cell counts. Inflammation accounted for more than 10% of the association between poor sleep patterns and brain aging. The glymphatic system, which clears waste from the brain primarily during sleep, may also play a role, the research added. Read more of this story at Slashdot.

  • Slashdot Asks: Your Favorite 2025 Movies, TV Shows and Books?
    by msmash on 31/12/2025 at 5:00 pm

    Another year wraps up, and with it comes the annual ritual of taking stock. What were the movies, TV shows and books from this year that stood out to you? Not necessarily the ones that dominated conversation or topped charts, but the ones you found yourself recommending to friends, or returning to for a second watch or read. Share your picks and, if you're inclined, a line or two on what made them stick. Read more of this story at Slashdot.

  • Can Colossal's Genetically Engineered Animals Ever Be the Real Thing?
    by msmash on 31/12/2025 at 4:40 pm

    Colossal Biosciences, the Texas-based startup now valued at more than $10 billion that has attracted investments from Paris Hilton, Peter Jackson and Tom Brady, claimed earlier this year to have resurrected the dire wolf -- an animal that disappeared at the end of the last ice age -- but a group of leading canid experts concluded the company had done no such thing. The scientists found that Colossal had made 20 edits to the DNA of grey wolves and the resulting animals did not substantially differ from wolves currently roaming North America. Beth Shapiro, Colossal's own chief scientist, acknowledged to New Scientist: "It's not possible to bring something back that is identical to a species that used to be alive. Our animals are grey wolves with 20 edits that are cloned." Nic Rawlence, director of the palaeogenetics laboratory at the University of Otago in New Zealand, added: "Rather than true de-extinction, Colossal's attempts are genetically engineered poor copies at best, passed off as the real deal." The company has nevertheless pressed forward. It has launched projects to revive the Tasmanian tiger, the dodo, and the moa and plans to unveil its interpretation of the woolly mammoth -- a genetically modified Asian elephant adapted to survive at -40C -- in the coming years. The Trump administration cited the dire wolf announcement while making efforts to cut the US endangered species list, calling de-extinction technology a potential "bedrock for modern species conservation." Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress