Harry Sintonen
Infosec consultant @WithSecure - Coding, Research + various other interests
- 14 Posts
- 16 Comments
“#Nordnet admits that it was possible to trade in other people’s depots during the IT breakdown”
Nordnet has a lot of technical issues to sort out. If the malfunction allowed unauthorized parties to operate the accounts it will be quite messy to sort out.
Among with technical part, they will have to deal with the regulatory issues, in particular the Financial Supervisory Authority. They will demand answers.
I still occasionally write some m68k code and apps. These are from 2024:
- Execute code in #amiga color registers: https://sintonen.fi/src/colexec/colexec.asm
- RXS-M-XS 32bit->32bit Permuted Congruential Generator: https://sintonen.fi/src/misc/pcg/_rand.asm
- Minimal modplayer (protracker music player): https://sintonen.fi/src/minimod/ (the replayer routine is mostly from Frank Wille however)
I also participated in very useless size/speedcoding competitions - some of them are still accessible from this old web page: https://amycoders.org/compo/
Note that some of the HTML is a bit broken, for example https://amycoders.org/compo/circlecompo.html - you can view source to see the full routine
#m68k #assembly #sizecoding #speedcoding
@SatyrSack@feddit.org Curl will likely address this eventually even though they don’t consider it a vulnerability. See https://github.com/curl/curl/issues/16197
The latest curl version 8.12.0 (released today) is affected.
The details of the #AMD Microcode Signature Verification #Vulnerability are out:
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html
- https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w
#infosec #infosecurity #cybersecurity
So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation “DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende” gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s
@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all the vulnerability management doesn’t seem to be going great here.
Update: The “PeCoffLoader memory overflow issue for security” likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796
I had actually forgotten I still had Docker installed on this system. I’ve now fixed this issue by uninstalling the malicious app. I’m using #podman elsewhere already, just had this install lingering still. Apple: Thanks for the warning!
@g@irrelephant.co Oof, that’s not good at all.
@screaminggoat@infosec.exchange Yep, that’s the one.
@jgrg Oops, it’s u-z. Corrected the post now, thanks for pointing that out.
Some random notes after glancing over the G15D programmer’s reference manual:
- Bendix G-15 doesn’t use hex, but sex: The notation is 0-9 u-z (sexadecimal).
- Section 3.2.3 goes into details on how to optimize performance: You need to carefully plan the order of instructions and data on the drums for optimal speed. The most optimal code will overlay computation and memory accesses. This reminds me of “the story of Mel”. The optimization tricks done don’t differ much from handcrafting optimal assembly code on more modern systems where external memory accesses are very expensive vs computation within registers.
- The addressing notation directly addresses line on the drum and offset of the word on that line. There are 20 lines with 108 29-bit words on each. Arithmetic operations operate on a separate short “register” lines that circulate much faster than the actual memory (27x speed vs memory drum).
- Considering how slow it’s to process individual memory loads / stores, it makes perfect sense that the system has block copy instructions.
- Each instruction has offset within the line to the next instructions to execute. That is, there’s always an explicit jump encoded in each instruction. Conditional code execution occurs by suppressing the jump when condition is met, in which case the jump is not taken and next instruction is executed instead. In modern architectures you generally execute next instructions address and there are dedicated branch instructions.
- Code execution can happen from 7 long lines (0, 1, 2, 3, 4, 5, 19) and one short line (23). Some lines have reserved roles and offsets, at least when using the libraries provided by Bendix.
- As there is no built-in stack register or stack a return address for subroutine calls must be handled manually. This is reminiscent to link register on some later platforms (such as PowerPC). It of course is entirely possible to manually maintain a stack on some line, dedicating some fixed address as stack pointer. All code must then agree on this decided calling convention.
- Punched (paper) tape and magnetic tape is available for input, as well as typewriter (console). Output can be (IBM) punch cards, magnetic tape or typewriter (console). The typewriter also has some switches for control.
If this trend continues, we will be losing the ability to use secure means of communication with UK friends and colleagues. For example, #signalapp will rather get out of the UK than add backdoors: https://www.bbc.com/news/technology-64584001