Openwall
@Openwall
Followers
7K
Following
0
Media
1
Statuses
378
Infosec focused free software, research, publications, community activities @oss_security. Tweets are announcements. Please direct questions to @solardiz.
Joined June 2010
Linux Kernel Runtime Guard @lkrg_org 1.0.0 by @Adam_pi3 @solardiz @kerneltoast et al. is out, adds support for Linux 6.13+ (tested to 6.17-rc4), forward-edge CFI (Intel CET IBT, KCFI), ..., reduces performance overhead, shrinks the codebase by ~2500 lines.
Heading to Nullcon Berlin 2025? @solardiz will share his LKRG expertise by taking an in-depth look at kernel hardening challenges and what it takes to protect systems in the real world. https://t.co/QSiQzQyrK6
#NullconBerlin2025 #LinuxSecurity #RLC_H
0
8
18
At #NullconBerlin2025, @solardiz will walk us through the journey from LKRG’s edgy debut to its 1.0 release – complete with real-world attacks, trade-offs, nasty bugs, & some honest truths about kernel hardening. Know More: https://t.co/zApTl1QVhx
#LKRG #LinuxSecurity
1
6
13
End of an era: our CVSweb service turned 21 today, and was promptly retired. Our anoncvs was similarly shut down at the age of 21 two years ago, quietly.
All of our projects previously maintained in CVS are now in Git (yes, older ones with commit histories for ~20 years) and under the Openwall organization on GitHub. There are a total of 22 Git repositories now. https://t.co/wlAWzBrE2G
0
3
12
🔒 Enhancing LKRG: A Step Toward Stronger Security. CIQ's own Sultan Alsawaf recently contributed impactful updates to the LKRG project, fixing longstanding bugs & making it stronger & more stable than ever. Learn more here 🔗 https://t.co/M7XYMUqLEh
#HPC #IT #LKRG #OpenSource
0
6
7
I'm happy to build upon and extend the ideas and approaches we had tested and proven, and expertise gained building @Openwall's security enhanced Linux distribution, now for @CtrlIQ's wider audience and in a modern context.
📣 Exciting news from CIQ! 📣 Announcing Rocky Linux from CIQ - Hardened! Read the press release: https://t.co/7c0UicklQz
#RLCHardened #RLC #RockyLinux #CIQ #SysAdmin #ProductLaunch
1
7
18
Linux Kernel Runtime Guard @lkrg_org 0.9.9 by @Adam_pi3 et al. is out, adds support for Linux 6.11+, 6.10.10+, 5.10.220+, CentOS Stream 9 (upcoming RHEL 9.5). https://t.co/EoLLUSgHYO Updated packages for Rocky Linux 9.4 and 8.10 being released https://t.co/65yCiBdt1S
@rocky_linux
1
5
22
We sponsored the porting of the yescrypt Linux password hash algorithm to Go as an open source project. Read more below. This is now part of our agentless password auditor feature on Linux as well.
Announcing yescrypt-go, our pure Go reimplementation of yescrypt key derivation function (KDF) and password hashing scheme. Builds upon @dchest's Go scrypt, with yescrypt support added by @solardiz. Sponsored by @SandflySecurity. https://t.co/ATOv8KMSKl
https://t.co/glYvhP3se6
1
3
11
Announcing yescrypt-go, our pure Go reimplementation of yescrypt key derivation function (KDF) and password hashing scheme. Builds upon @dchest's Go scrypt, with yescrypt support added by @solardiz. Sponsored by @SandflySecurity. https://t.co/ATOv8KMSKl
https://t.co/glYvhP3se6
Sandfly 5.1.1 features yescrypt support for our agentless Linux password auditor, new detection modules for debugger activity, and an important performance fix for the database. Read more about these new features below: https://t.co/BDfPmydrgN
0
6
12
Updated my @offensive_con keynote talk slides page to include links to our other related presentations https://t.co/PPRzSPS0YT
Just published slides of @solardiz's @offensive_con keynote talk "Password cracking: past, present, future"
1
23
60
Just published slides of @solardiz's @offensive_con keynote talk "Password cracking: past, present, future"
0
14
39
Is Open Source focused threat intelligence - Tactics, Techniques, and Procedures (TTPs), Indicators of Compromise (IOCs), exploits/rootkits/backdoors in the wild - a desirable topic for oss-security or for a separate mailing list? If separate, where to draw the line (reply)?
1
3
5
CVE-2024-31497: PuTTY: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces https://t.co/uVOkwMX3Aw Affected Products - PuTTY 0.68 - 0.80 - FileZilla 3.24.1 - 3.66.5 - WinSCP 5.9.5 - 6.3.2 - TortoiseGit 2.4.0.2 - 2.15.0 - TortoiseSVN 1.10.0 - 1.14.6
1
49
118
@solardiz @Adam_pi3 @lkrg_org
https://t.co/uQpq1nmB8q (with the kernel_path fixed) gives me a root shell on a fully patched Debian 12. But with LKRG loaded I see
1
6
9
Backdoor in upstream xz/liblzma leading to ssh server compromise
7
281
473
Thank you @binarly_io for sponsoring the remote logging research and implementation, @CtrlIQ @Rocky_Linux for encouraging this release and talk, @chompie1337 for the reliable exploit, and @BSidesZagreb organizers, sponsors, speakers for such a great event.
Photos: @BSidesZagreb 2024 - https://t.co/qHE0ynxe7B - @bojanz @infigois @advocatemack @GitGuardian @solardiz @k0st @Divertosecurity @mdecrevoisier @cocomelonckz @SrceHr #BSides #BSidesZagreb #cybersecurity #conferences #EU
1
1
10
Slides of @solardiz's talk "Linux kernel remote logging: approaches, challenges, implementation" from @BSidesZagreb
https://t.co/fyCqj4f2zU The talk also included live demo of LKRG @lkrg_org catching @chompie1337's CVE-2021-3490 exploit and logging this event on another continent
1
9
19
Linux Kernel Runtime Guard (LKRG) 0.9.8 by @Adam_pi3 et al. is out, adding a remote kernel message logging capability sponsored by @binarly_io. https://t.co/CIByuR6sJ8 This update is already packaged for Rocky Enterprise Linux 8.9 and 9.3 @rocky_linux.
1
12
26
oss-security and (linux-)distros infrastructure migrated to the Netherlands. Statistics for all of 2023.
0
2
2