out-of-tree (github.com/jollheef/out-of-tre) has been integrated to Linux Kernel Runtime Guard.

Now you can use the upstream repository (github.com/openwall/lkrg) for [[preload]] section in .out-of-tree.toml to check exploits against it.

Aside from exploitation, now you can build an LKRG module for the target system without pain :)

Today is snow in Côte d'Azur

Low ISO shot with the use of the lightning strike as a flash (caught by using interval timer shooting)

A good way to memorize anything for people with a goldfish-level memory as I have:
1. Record something that needs to be memorized on the dictaphone.
2. Listen on repeat.
3. ???

I've stopped procrastinating and started to actually learn French.

/* just to remember the exact date */

Font rendering comparison for macOS between default scaling and 2x, and ThinkPad P1 with NixOS GNU/Linux (default font rendering settings) as an example from some other world.

All photos shot from the same distance. Don't pay attention to moiré patterns.

All the time when I'm installing NixOS on the server machine and forget to add swap.

Here are results of testing exploits from github.com/jollheef/lpe with the LKRG by Openwall (openwall.com/lkrg/)

For unprepared (no code to bypass LKRG) exploits it actually works well. Only CVE-2016-5195 (aka Dirty COW) still works.

Show thread

out-of-tree v1.4.0 has been released: github.com/jollheef/out-of-tre

Added ability to preload any supported kernel module just by a URL. It can be used to develop new mitigations and test existing exploits against them.

Checkout example of usage with LKRG here: github.com/jollheef/out-of-tre

Show older

lor.sh is yet another mastodon instance.