> y'all use a security focused memory allocator on your servers?
Sapotaceae, what's the point?
Sapotaceae
They can directly mitigate many forms of double free, use after free, write after free, and invalid free which are common vulnerabilities
moparisthebest
That's a strange way to write "RiiR"
nuegia.net
Sapotaceae, can you explain why those are problems?
nuegia.net
if i understand it correctly, this is memory leaking confidential data due to not zeroing before use correct?
nuegia.net
isn't it the program's fault for not deallocating memory after it's done with it not the memory allocator?
nuegia.net
any real world benefit from say, running prosody with glibc malloc vs ottomalloc?
nuegia.net
I tried changing the default malloc system-wide before
nuegia.net
on a linux system
nuegia.net
ended up with weird segmentation faults
nuegia.net
but most programs did accept a new malloc, and some had noticeable performance improvements from switching say, qbittorrent from glibc malloc to jemalloc
nuegia.net
i know that openbsd uses ottomalloc system wide
nuegia.net
are there any security focused mallocs in the debian repositories?
nuegia.net
freebsd repositories?
nuegia.net
libhardenedmalloc has little effect on increasing prosody's memory usage
nuegia.net
my guess is that's probably because prosody doesn't make a bunch of small allocations
nuegia.net
but on other things like gettys it brings the resident usage from less than 1mb to 2-3 mb
nuegia.net
also interesting is that every process hardenedmalloc is used with reports a 12T virtual memory usage
Link Mauve
moparisthebest, weird segmentation faults are exactly the goal, when a (C) program is not using the allocated memory correctly, instead of silently continuing operations in a corrupted state or potentially leaking data, it will crash properly.
Link Mauve
nuegia.net, *
nuegia.net
I understand
nuegia.net
thank you
Link Mauve
Of course, once you get a segfault, you should investigate into it, debug out why it happens and in which situation, and then report it or even fix it.
Link Mauve
Similar to asan, ubsan, valgrind, etc., it can be a tool which helps make fewer C mistakes.
nuegia.net
I'll be testing libhardened_malloc with prosody and biboumi
nuegia.net
If anybody is interested in the results let me know
Link Mauve
The devs of these two projects most likely.
musaab22
A
musaab22
N
Menel
That was informative 🙂
(well not the last two posts)
Guus
Have others noticed a recent uptake in spam?
MattJ
No, what kind of spam?
Guus
short messages that appear to poll for activity
MattJ
I had one message recently asking if I was free for a chat. It wasn't clearly spam, but it wasn't clearly not, so I just ignored it
Guus
from accounts on xmpp.jp, jabber.de, im.apinc.org, yourdata.forsale, 0day.im, for a cursory look.
MattJ
Haven't received anything else
Guus
The spam run very clearly started on October 20
Guus
is jabber.de operated by someone that we know in the community?
Link Mauve
Guus, im.apinc.org is handled by us, could you give me (in private perhaps) the list of JIDs that have been spamming you?
Link Mauve
Now and in the future, any spam message originating from our domains is an instant ban.
Guus
will do, tx
Ge0rG checks server logs for spam
nuegia.net
i've not had that spam but I have had russian bots asking for a job
nuegia.net
and just repeating the same sentence in russian over and over again in mucs
msavoritias
Happened in some of my mucs here too. And still happening as of this morning
nuegia.net
msavoritias, what domain is it coming from?
msavoritias
The one from a few days ago conversations.im
Not sure about the one today. Not a mod there
Ge0rG
My #1 ingress spam domain is chinwag.im but it's got the most messages per flagged account
Ge0rG
exploit.im has the most bots, with 1 message each
Ge0rG
but it doesn't look like more spam than earlier, total 13k spam messages in the last 2 weeks
nuegia.net
I wonder if the people spamming realize how much time it takes out of all of us and how visible they are
nuegia.net
when we have these 'waves' to deal with
Guus
chinwag is on my list too.
emus
The admin has been contacted? he's from australia and should be reachable
nuegia.net
the emus are currently fighting over him between the spiders
emus
^^
emus
neat
Guus
emus, can you send me his contact details?
nuegia.net
Never underestimate an Emu. You Will Lose. https://en.wikipedia.org/wiki/Emu_War
emus
Done!
Ge0rG
nuegia.net: that's called an "externality" in economic theory.
nuegia.net
XD
Guus
This is a list of domains that I received spam from, for which I don't have admin contacts. If anyone recognizes a domain as their own (or knows how to get in contact with an admin), I appreciate a message. https://pastebin.com/Y0XjUW9a
emus
blabber.im should be offline
Licaon_Kter
Guus: 404.city admin was here yesterday, as usual to complain on something that was not "perfect"
creep.im admin was around, I can try and ping them if you PM me some accounts that spammed
mike
Hey folks, this is weird I've been showing as connected to operators but seen no messages since October 28. If anyone's got a list of Chinwag accounts dropping spam please mail it to admin@chinwag.im and I'll nuke them immediately
Guus
mike, I just sent you a subscription request
mike
I had a few that I spotted a while back that activated and started spamming, they were all registered back in 2018. I figured someone was burning old reserves and had run out
emus
Guus: possibly wrong ID
msavoritias
404 also says this email for abuse support@404.city
msavoritias
5 of july is this info@5july.org
mike
My published abuse contact info should show mailto:admin@chinwag.im I do monitor that.
msavoritias
Interesting that there is even the CCC xmpp server in there
emus
msavoritias: but the ccc server is a problem for years already
msavoritias
Ah wasn't aware 😅
Guus
Oh, I messed up a timestamp when generating that list of offending domains. They still have accounts that spam, but I didn't limit that to the last 2 weeks or so.
Guus
This is the list of domains that had accounts that _recently_ spammed: https://pastebin.com/Wc8S6iFD
mike
Yeah confirmed at least one more reactivated that's been dormant since 2018. This spammer is very patient.
Guus
I'm guessing that there are lists of credentials for accounts-to-be-used-for-spam floating around.
Link Mauve
For sure.
Licaon_Kter
mike: no yearly cleanup of inactive accounts?
mike
Not if they have ever been used. I only sweep registered but never logged into.
mike
If someone only has something to say every ten years, that's fine. Given there's rarely any way to contact out of band and warn of upcoming deletion I'm very adverse to it.
MattJ
Actually deleting accounts is problematic anyway, better to lock or tombstone them