Read more of this story at Slashdot.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

Theo (deraadt@) has just committed the crank to 6.8-beta to CVS

From: Theo de Raadt
Date: Mon, 31 Aug 2020 10:08:28 -0600 (MDT)
To: source-changes@openbsd.org
Subject: CVS: cvs.openbsd.org: src

CVSROOT:        /cvs
Module name:    src
Changes by:     deraadt@cvs.openbsd.org 2020/08/31 10:08:28

Modified files:
        sys/conf       : newvers.sh 
        sys/sys        : param.h 
        usr.bin/signify: signify.1 
        etc/root       : root.mail 
        share/mk       : sys.mk 
        sys/arch/macppc/stand/tbxidata: bsd.tbxi 

Log message:
crank to 6.8-beta

You know what this means: time to test snapshots and report any issues you find, both in the base systems as in the supplied packages, so that the upcoming 6.8 release will not surprise you in unfortunate ways!

More than six years ago, LibreSSL was forked from OpenSSL, and almost two years ago, i explained the status of LibreSSL documentation during EuroBSDCon 2018 in Bucuresti. So it seems providing an update might be in order.

Read more…

With this commit and several more, Patrick Wildt (patrick@) upgraded -current to version 10.0.0 of LLVM:

CVSROOT:	/cvs
Module name:	src
Changes by:	patrick@cvs.openbsd.org	2020/08/03 08:30:27

Log message:
    Import LLVM 10.0.0 release including clang, lld and lldb.
    
    ok hackroom
    tested by plenty
    
    Status:
    
    Vendor Tag:	LLVM
    Release Tags:	LLVM_10_0_0
[…]

In this commit, Paul Irofti (pirofti@) added support for reading timecounters in userland without making a syscall.

Read more…

Since we reported the first bits of powerpc64 support going into the tree on 16 May, work has progressed at a steady pace, resulting in snapshots now being available for this platform.

So, if you have a POWER9 system idling around, go to your nearest mirror and fetch this snapshot. Keep in mind that as this is still very early days, very little handholding is available - you are basically on your own.

Read more…

In the following commit (and a bunch of others), David Gwynne (dlg@) imported most of the code submitted recently by Jason A. Donenfeld and Matt Dunwoodie to allow you to use WireGuard natively on OpenBSD:

Read more…

Wesley Mouedine Assaby who runs the OpenBSD Jumpstart webpage with hints and tips for beginners about OpenBSD in general has produced a visualization of how PCs boot into OpenBSD.

Read more…

There is no way to do Groklaw without email. Therein lies the conundrum.

What to do?

What's it about? Didn't they just have a case management hearing in April? Why yes. Yes, they did, but there have been "progress and changes" since, according to the parties' Joint Case Management Statement [PDF], which fills us in on the details. Both parties would like some changes since the last case management hearing. Here's the last joint case management statement, back in April. And the judge's order on April 30 was to go forward immediately with the damages trial, unless certain things happened in the USPTO reexaminations of Apple's patents at issue. Some of those things have almost happened, and there are other quirks, so some changes are being requested.

The real core issue is Samsung's '381 motion, asking for a new trial on Apple's '381 patent based on newly discovered evidence or for entry of judgment on liability. Apple Opposes with a capital O. It now wants another chance to file a sur-reply [PDF], which Samsung opposes [PDF], claiming that "Apple identifies no 'new' arguments Samsung raised in its reply that were not responsive to arguments in Apple's opposition." The parties have been told that this motion wasn't on the calendar yet, but that they should be prepared to argue it on August 21. There is also the fact that the USPTO has found all relevant claims in the '915 patent invalid in a final office action. There can be more to come on that, but how does it impact the damages trial is the question?

And that is why we really should be there to hear it, if any of you can arrange your affairs to get there and be our eyes and ears. Samsung is telling the court that "Apple is attempting to 'sandbag' Samsung and obtain an unfair tactical advantage" by various proposals on how to go forward and by refusing to seriously meet and confer with Samsung. For example, Apple wants the judge to restrict the parties to the same exhibits used at the first trial. But that's not really fair in Samsung's eyes, because since that first trial, Apple has said things to the USPTO that conflict with what they said about the '381 and '915 patents at that trial:

Samsung does not believe the Court should limit the parties to the same exhibits disclosed prior to the first trial. For example, Apple has made numerous admissions to the USPTO subsequent to the first trial that directly contradict its arguments concerning the scope of the '381 and '915 patents. Apple should not be permitted to tell the Patent Office one thing and the new jury another. Samsung should be able to put this new evidence before the jury. Doing so would raise no issues concerning inconsistent appellate records because liability issues are not being retried and this damages trial will have its own separate record. Rather, the trial should be held based on an evidentiary record as it exists at the time of the new trial.

He has ruled that seeking an injunction over a FRAND patent can be proper and is not necessarily a breach of the FRAND commitment:

Additionally, as explained above, material issues of fact exist regarding whether the October offer letters violated the duty of good faith. In addition to the rate contained in the offer letters, the jury will consider language of the letters, the circumstances surrounding the letters, the industry custom and practice, and Motorola's intent in sending the letters. Motorola has presented evidence that the letters were sent in good faith, and the jury will make the final determination....

As discussed above, in certain circumstances seeking injunctive relief may constitute a breach of the RAND commitment, whereas in other circumstances such conduct may be proper. The timing of when a party seeks injunctive relief in a separate forum relative to a pending action is germane to whether that party acted in bad faith in seeking such relief. In other words, it may very well be the case that seeking injunctive relief absent a pending lawsuit is good faith, whereas seeking the same relief during the pendency of litigation over a RAND rate is bad faith.

Look at page 97. It's redacted so the identity of the woman is kept confidential, but it appears from the notation that a woman was in contact with authorities and informing them of conversations between her and Swartz.

The notation on that page reads:

[Redacted] said that she also spoke with Swartz after the search of his residence. [Redacted] said that Swartz told her that agents came into his house and took part of his book. [Redacted] said that Swartx also said that agents came into the Safra Center and took his controller for Rock Band. [Redacted] said that Swartz told her that the agents were frustrated and that they did not find what they were looking for. [Redacted] said that Swartz told her that the agents took his phones....[Redacted] said that Swartz started a Google Group called Guerilla Open Access.

Judge asks when duty of good faith bargaining begins and ends. Motorola says it is ongoing. But each breach complaint is pinned to a specific date -- not tied to the progress of the litigations. Mentions FTC order re Google acquisition of Motorola. FTC did not say that *prior* injunctive relief requests had to be dropped.

The German action was filed July 2011, MS didn't say they would accept a RAND offer until Sept 2011, and as such breach can't be a moving target. MS is stuck with the facts at the time of the complaint. Robart seemed skeptical of this, "Do you have authority for that?" answer about getting back with more briefing "I think you're wrong, but I'll be happy to read your brief." Sullivan says they have an ongoing duty, but a new breach action would be required, and the litigation in this case can't be included in this current breach action.

On Microsoft's side, it naturally immediately filed the USTR's letter [PDF] blocking the injunction against Apple by Samsung, although its cover letter is misleading as to what the USTR said. You knew they would do that. And they are in quite a tizzy [PDF] over the fact that Motorola continues to proceed in the German case, where it already got an injunction against Microsoft, which this Seattle judge purports to have the authority to block. However, Microsoft had already made a financial offer of royalties to Motorola in that case, and Motorola, to Microsoft's horror, accepted them. The rate is higher than what this Seattle judge set, so Microsoft has smoke coming out of its ears about how unfair it is that Motorola accepted its original offer. So Microsoft is asking [PDF] the court to "to renew and expand its anti-suit injunction to curtail Motorola's ongoing efforts in Germany to undercut the jurisdiction of this Court and to attempt to procure inconsistent rulings."

As for the judge, he's maybe starting to realize that some of his assumptions about FRAND requirements conflict with what the experts are now telling him. He expresses a measure of confusion about it in an order [PDF] on what the experts for both sides can tell the jury. Here's what he won't allow Motorola's experts to tell them: that being willing to negotiate is sufficient to meet a FRAND obligation. That contradicts what this judge has already ruled in this crazy case, so he doesn't like that, I suppose. The "reason" they can't say that to the jury is, he says, because he gets to decide what is or isn't a fulfillment of a RAND obligation, in that he's Da Law on Microsoft's obligations under Washington state law which he believes the world must go along with, Germany included. Experts can't opine on legal conclusions. However, Motorola has now informed him via this route that he's been getting some things seriously wrong on what FRAND obligations are and what good faith requires. Perhaps it will influence him. He says that the Motorola experts can input how the jury instructions read. I wouldn't put much faith in that if I were Motorola, and I gather they don't. This German prong is getting interesting, I must say.

Apple appeals from the final decision of the International Trade Commission (ITC) that the asserted claims of U.S. Patent No. 7,663,607 ('607 patent) are invalid and that Motorola does not infringe the asserted claims of U.S. Patent No. 7,812,828 ('828 patent). Apple challenges the ITC's claim construction and its determinations of obviousness, anticipation, and noninfringement. For the following reasons, we affirm-in-part, reverse-in-part, and vacate-in-part the ITC's decision and remand for further proceedings.

We remand so the ITC can consider that evidence in conjunc- tion with the evidence of secondary considerations and determine in the first instance whether claim 10 would have been obvious to one of skill in the art at the time of the invention....

We thus vacate the ITC's decision that Motorola does not infringe the '828 patent claims and remand the case to allow the ITC to consider in the first instance whether the accused products infringe under the correct construction of "mathematically fitting an ellipse."

The pardon, therefore, couldn't have been due to concern about patent hold-up, as was stated [PDF], since the ITC specifically found that Samsung had negotiated with Apple in good faith, had already licensed the '348 patent to over 30 companies, and that it was, in fact, Apple that illustrated the danger of reverse hold-up. Further, the opinion stated, Apple not only failed to prove that Samsung violated any FRAND obligation, it failed to establish even what they are. Further, Apple conceded in its ITC briefing that FRAND patent holders are not barred from seeking injunctions, and in fact since Apple argued to the ITC that the '348 patent was not really essential, this would mean that Samsung had no FRAND obligations, due to the wording of the ETSI terms.

So, it was a bit like the papal special dispensations of history, where the law said X, but you are let off the hook from having to keep it. That makes Apple's reported public response particularly offensive, when it said, "Samsung was wrong to abuse the patent system in this way." Samsung didn't abuse the patent system. It was, as you will see, exactly the opposite, according to the ITC Opinion. And while the President can do whatever he wishes regarding public policy, the ITC followed the statute, since it has no policy powers. In short, one unavoidably must conclude that if Samsung had been the US company and Apple the Korean one, there would have been no pardon. That's the bottom line, I'm afraid. As Jamie Love tweeted, "What Froman and USTR will now have to explain is why India and other countries can't also consider public interest in patent cases." As I'll show you, one of the things the ITC considered was public comments warning that changing the terms for FRAND patent owners would make sweeping changes to trade laws, and Korea has already registered its concerns. I'm all for reforming the patent system, as you know, but if you want to reform it, how about making it *more* fair, not less? Playing favorites based on country of origin doesn't aim for that noble goal. It's indisputable that this has harmed Samsung, and since the ITC, which examined the facts in detail, found it was the innocent party in this picture, what can be the justification for Apple's comment?

Release Notes: Initial public release.

Release Tags: Major, Alpha

Tags: jdbc, Java, Database development

Licenses: LGPL

Release Notes: The efl_class_retrunszero bundle now uses json input. The csvtojson utility was improved.

Tags: CFEngine, Configuration Management, System Administration, devops

Licenses: GPLv3

Release Notes: Initial Freecode announcement

Tags: file splitter, split, merge

Licenses: GNU General Public License version 3.0 (GPLv3)

Release Notes: Code is now formatted in the GNU "artistic" style. Multiple bugs were fixed. Sagan is much more efficient with memory. New "meta_content" and "meta_nocase" options were provided for multi-searching in a single rule. The "track_clients" processor was fixed and improved. Flowbit tracking 'by_src', 'by_dst', 'both', and 'none' were added for multiple line log support.

Tags: Syslog, windows events, snmp-trap

Licenses: GPLv2

Release Notes: A Ping command is now used rather than using the isReachable() method.

Tags: Networking, Monitoring

Licenses: Apache 2.0

Release Notes: Suriwire now uses the EVE file format created by Suricata 2.x instead of using the pcapinfo file. This allows you to add information about alerts and events coming from protocol decoding. For example, you can now get packets corresponding to a TLS where the certificate subject contains a substring.

Release Tags: Major

Tags: Security Analysis, wireshark, suricata

Licenses: GPLv3

Release Notes: Dynamic sortable, searchable grids were added. SQL can now be passed to the reportico engine without having to create a report. Bootstrap look and feel is now supported both in standalone mode and when embedded in bootstrap enabled Web pages. The NVD3 charting library was added. A new SQL command criteria option allows users to type in SQL. Dropdown menu and static menu arrays can be passed to the reportico engine to create configurable report menus. UI elements can now be configured for use as report control checkboxes, output buttons, etc. Various security updates were applied.

Tags: Reports, Database

Licenses: GPLv3

Release Notes: Evaluators now permit chaining of backoff algorithms. There are now annotators that allow for disambiguating the complete text collectively. There is now a weighted MFS baseline. The sense cluster evaluator now computes McNemar's test. The sense cluster evaluator now handles the case where there are multiple gold-standard senses, and includes undisambiguated instances in the confusion matrix. Bugs were fixed.

Tags: NLP, computational linguistics, word sense disambiguation, WSD

Licenses: GPLv3, Apache 2.0

Impressive remote ,a href="http://www.pcworld.com/article/3121999/security/researchers-demonstrate-remote-attack-against-tesla-model-s.html">hack of the Tesla Model S.

Details. Video.

The vulnerability is fixed.

Remember, a modern car isn't an automobile with a computer in it. It's a computer with four wheels and an engine. Actually, it's a distributed 20-400-computer system with four wheels and an engine.

Both are worth reading.

This is an interesting back-and-forth: initial post by Dave Aitel and Matt Tait, a reply by Mailyn Filder, a short reply by Aitel, and a reply to the reply by Filder.

"Periscope skimmers" are the most sophisticated kind of ATM skimmers. They are entirely inside the ATM, meaning they're impossible to notice.

They're been found in the US.

I got this video from PZ Myers's blog. I know absolutely nothing about it.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Interesting:

Roughly three weeks later, there is a operation program available to crack ACBL hand records.

• Given three consecutive boards, all the remaining boards for that session can be determined.
• The program can be easily parallelized. This analysis can be finished while sessions are still running

this would permit the following type of attack:

• A confederate watch boards 1-3 of the USBF team trials on vugraph
• The confederate uses Amazon web services to crack all the rest of the boards for that session
• The confederate texts the hands to a players smart phone
• The player hits the head, whips out his smart phone, and ...

Research paper: "Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study," by Ishtiaq Rouf, Rob Miller, Hossen Mustafa, Travis Taylor, Sangho Oh, Wenyuan Xu, Marco Gruteser, Wade Trapper, Ivan Seskar:

Abstract: Wireless networks are being integrated into the modern automobile. The security and privacy implications of such in-car networks, however, have are not well understood as their transmissions propagate beyond the confines of a car's body. To understand the risks associated with these wireless systems, this paper presents a privacy and security evaluation of wireless Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system. We show that eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle. Further, reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers. Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages. We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle. Finally, the paper concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems and other forthcoming in-car wireless sensor networks.

Remember the San Bernardino killer's iPhone, and how the FBI maintained that they couldn't get the encryption key without Apple providing them with a universal backdoor? Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from the phone, extracting the memory, and then running a brute-force attack without worrying about the phone deleting the key.

The FBI said it was impossible. We all said they were wrong. Now, Sergei Skorobogatov has proved them wrong. Here's his paper:

Abstract: This paper is a short summary of a real world mirroring attack on the Apple iPhone 5c passcode retry counter under iOS 9. This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c. Although the process can be improved, it is still a successful proof-of-concept project. Knowledge of the possibility of mirroring will definitely help in designing systems with better protection. Also some reliability issues related to the NAND memory allocation in iPhone 5c are revealed. Some future research directions are outlined in this paper and several possible countermeasures are suggested. We show that claims that iPhone 5c NAND mirroring was infeasible were ill-advised.

Susan Landau explains why this is important:

The moral of the story? It's not, as the FBI has been requesting, a bill to make it easier to access encrypted communications, as in the proposed revised Burr-Feinstein bill. Such "solutions" would make us less secure, not more so. Instead we need to increase law enforcement's capabilities to handle encrypted communications and devices. This will also take more funding as well as redirection of efforts. Increased security of our devices and simultaneous increased capabilities of law enforcement are the only sensible approach to a world where securing the bits, whether of health data, financial information, or private emails, has become of paramount importance.

Or: The FBI needs computer-security expertise, not backdoors.

Patrick Ball writes about the dangers of backdoors.