[Info-vax] Some of what I'm reading...
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Mon Mar 4 13:26:41 EST 2019
Practical Enclave Malware with Intel SGX; how to hide some malware in a
hard-to-access spot...
https://arxiv.org/abs/1902.03256
https://github.com/sgxrop/sgxrop
Message Layer Security (IETF working group, draft)
https://messaginglayersecurity.rocks
"Firecracker is an open source virtualization technology that is
purpose-built for creating and managing secure, multi-tenant container
and function-based services."
https://firecracker-microvm.github.io
"Attack of the week: searchable encryption and the ever-expanding
leakage function"
https://blog.cryptographyengineering.com/2019/02/11/attack-of-the-week-searchable-encryption-and-the-ever-expanding-leakage-function/
A technical history of IPsec
https://www.cs.columbia.edu/~smb/talks/why-ipsec.pdf
List of pointers to C and C++ standards:
https://stackoverflow.com/a/83763/94997
Mesh: Compacting Memory Management for C/C++ Applications (good speed
and lower memory usage)
https://arxiv.org/abs/1902.04738
clang & rust UEFI binaries, for when you need to write UEFI application code...
https://dvdhrm.github.io/2019/01/31/goodbye-gnuefi/
https://github.com/rust-osdev/uefi-rs
https://github.com/r-util/r-efi
https://c-util.github.io/c-efi/
(Yes, you could bury some code here, even on OpenVMS.)
About Wasm overhead; "Analyzing the Performance of WebAssembly vs.
Native Code".
https://arxiv.org/pdf/1901.09056.pdf
For those of you using macOS:
https://github.com/Netflix-Skunkworks/stethoscope-app
Computer (Hardware) Architecture class, caches and cache coherence,
DRAM, flash & SSDs, etc
https://safari.ethz.ch/architecture/fall2018/doku.php?id=schedule
GPU SQL:
https://blog.blazingdb.com/blazingsql-the-gpu-sql-engine-now-runs-over-20x-faster-than-apache-spark-1b0bffc990a9
More on eBPF:
https://sysdig.com/blog/sysdig-and-falco-now-powered-by-ebpf/
https://sysdig.com/blog/the-art-of-writing-ebpf-programs-a-primer/
"Millions of Binaries Later: a Look Into Linux Hardening in the Wild"
https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/
ps: "Is the number of CVEs per distribution indicative of the fact that
one distribution might be more vulnerable than another? The answer is
no."
Any NTLM password of 8 and fewer characters can now be brute-forced in
a few hours, and for $75 or less using AWS. And there are better and
faster options to using an AWS Tesla for this.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list