🦞🌯 Lobster Roll

Thread

Model-Checking an Entire Linux Distribution for Security Vulnerabilities (2005) (people.eecs.berkeley.edu)
L 1 pts 0 comments by nickpsecurity Feb 27, 2019 formalmethodslinuxpdfsecurity thread
Uses [MOPS](https://people.eecs.berkeley.edu/~daw/mops/).

Stories related to "Model-Checking an Entire Linux Distribution for Security Vulnerabilities (2005)" across the full archive.

Model-Checking an Entire Linux Distribution for Security Vulnerabilities (2005) (people.eecs.berkeley.edu)
L 1 pts 0 comments by nickpsecurity Feb 27, 2019 formalmethodslinuxpdfsecurity Systems / Low-Level / OSProgramming Languages / CS TheorySecurity / Privacy thread
Uses [MOPS](https://people.eecs.berkeley.edu/~daw/mops/).
Memory-Model Recommendations for Rusting the Linux Kernel (paulmck.livejournal.com)
L 11 pts 1 comments by lattera Oct 14, 2021 linuxrustsecurity Systems / Low-Level / OSSecurity / Privacy thread
Data science linux distribution (datasciencelinux.com)
L 3 pts 1 comments by bravura Aug 31, 2012 linux Systems / Low-Level / OSScience / Math / Physics thread
cr0 blog: Introducing Chrome's next-generation Linux sandbox (blog.cr0.org)
L 3 pts 0 comments by syndrowm Sep 7, 2012 linuxsecurity Systems / Low-Level / OSSecurity / PrivacyInternet / Digital Culture thread
Attacking hardened Linux systems with kernel JIT spraying (mainisusuallyafunction.blogspot.com)
L 2 pts 0 comments by jcs Nov 18, 2012 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Full Disclosure: linux rootkit in combination with nginx (seclists.org)
L 6 pts 0 comments by inactive-user Nov 21, 2012 linuxsecurity Systems / Low-Level / OSData / Databases / InfrastructureSecurity / Privacy thread
Linux terminal keylogger in userspace (average-coder.blogspot.com.ar)
L 4 pts 6 comments by inactive-user Dec 17, 2012 linuxsecurity Systems / Low-Level / OSProgramming (General)Security / Privacy thread
Exploiting 64-bit Linux like a boss (scarybeastsecurity.blogspot.se)
L 7 pts 0 comments by inactive-user Feb 4, 2013 androidassemblyclinuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Forensic Analysis of Tor on Linux (blog.torproject.org)
L 1 pts 0 comments by jcs Apr 13, 2013 linuxreversingsecurity Systems / Low-Level / OSSecurity / Privacy thread
A closer look at a recent privilege escalation bug in Linux (CVE-2013-2094) (timetobleed.com)
L 5 pts 0 comments by jcs May 21, 2013 linuxreversingsecurity Systems / Low-Level / OSSecurity / Privacy thread
Use Google Authenticator For Two-Factor SSH Authentication in Linux (scottlinux.com)
L 2 pts 0 comments by inactive-user Jun 3, 2013 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
SELinux's toxic mistake (utcc.utoronto.ca)
L 8 pts 3 comments by jcs Jun 9, 2013 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Linux Back Door Uses Covert Communication Protocol (symantec.com)
L 5 pts 3 comments by inactive-user Dec 1, 2013 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Why you will love nftables (iptables replacement in linux 3.13) (home.regit.org)
L 5 pts 0 comments by henkjan Jan 21, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) (openwall.com)
L 7 pts 0 comments by jcs Jan 31, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Differences Between ASLR on Windows and Linux (cert.org)
L 2 pts 0 comments by jcs Feb 11, 2014 linuxsecuritywindows Systems / Low-Level / OSSecurity / Privacy thread
10,000 Linux servers hit by malware serving tsunami of spam and exploits (arstechnica.com)
L 5 pts 0 comments by tedu Mar 18, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
That's right, tsunami.
Fishing for Hackers: Analysis of a Linux Server Attack (draios.com)
L 7 pts 1 comments by tobym May 7, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
The Linux Security Circus: On GUI isolation (2011) (theinvisiblethings.blogspot.com.br)
L 3 pts 1 comments by gabeio May 12, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Libressl's prng is unsafe on linux (agwa.name)
L 16 pts 1 comments by henkjan Jul 15, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Linux introduces getrandom(2) syscall (helpful for LibreSSL) (lists.openwall.net)
L 23 pts 3 comments by vfoley Jul 17, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
CVE-2014-7284 (NGRO Bug): Lack of randomness in Linux kernel network secrets (webcache.googleusercontent.com)
L 8 pts 3 comments by jcs Oct 2, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
On Linux, 'less' can probably get you owned (seclists.org)
L 11 pts 3 comments by journeysquid Nov 24, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Offset2lib: bypassing full ASLR on 64bit Linux (cybersecurity.upv.es)
L 9 pts 0 comments by jcs Dec 5, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Linux kernel: multiple x86_64 vulnerabilities (seclists.org)
L 7 pts 0 comments by breul99 Dec 17, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
The Linux “Grinch” Vulnerability: Separating The Fact From The FUD (blog.threatstack.com)
L 9 pts 1 comments by byoung Dec 18, 2014 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Multi-threaded setxid on Linux (ewontfix.com)
L 7 pts 0 comments by tedu Jan 17, 2015 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
Slightly related issue that also provides some context: https://github.com/golang/go/issues/1435
Exploiting “BadIRET” vulnerability (CVE-2014-9322, Linux kernel privilege escalation) (labs.bromium.com)
L 4 pts 0 comments by lattera Feb 3, 2015 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
First fully sandboxed Linux desktop app (blogs.gnome.org)
L 9 pts 0 comments by mediremi Feb 17, 2015 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
​No reboot patching comes to Linux 4.0 (zdnet.com)
L 7 pts 0 comments by cnst Mar 4, 2015 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread