| --- Log opened Tue Aug 14 00:00:17 2018 |
| 00:44 | | Derakon_ is now known as Derakon |
| 00:44 | | mode/#code [+ao Derakon Derakon] by ChanServ |
| 00:45 | | celticminstrel [celticminst@Nightstar-v1qb0r.dsl.bell.ca] has joined #code |
| 00:45 | | mode/#code [+o celticminstrel] by ChanServ |
| 01:24 | | Degi [Degi@Nightstar-k1ui9r.dyn.telefonica.de] has quit [Connection closed] |
| 01:36 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has quit [Ping timeout: 121 seconds] |
| 01:40 | | mac [macdjord@Nightstar-grpbnp.mc.videotron.ca] has joined #code |
| 01:40 | | mode/#code [+o mac] by ChanServ |
| 01:43 | | macdjord|slep [macdjord@Nightstar-grpbnp.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
| 02:27 | <&McMartin> | https://twitter.com/willkirkby/status/1028682822956007427 |
| 02:27 | <&McMartin> | Checks out |
| 03:58 | | macdjord|slep [macdjord@Nightstar-grpbnp.mc.videotron.ca] has joined #code |
| 03:58 | | mode/#code [+o macdjord|slep] by ChanServ |
| 04:01 | | mac [macdjord@Nightstar-grpbnp.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
| 04:42 | | celticminstrel [celticminst@Nightstar-v1qb0r.dsl.bell.ca] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
| 04:44 | | celticminstrel [celticminst@Nightstar-v1qb0r.dsl.bell.ca] has joined #code |
| 04:44 | | mode/#code [+o celticminstrel] by ChanServ |
| 04:46 | | celticminstrel [celticminst@Nightstar-v1qb0r.dsl.bell.ca] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
| 04:52 | <&Derakon> | Kickstarter update from Jeff Vogel, of Spiderweb Software: "On the technical side, we spent a while porting our code to a new, powerful game engine called SDL." |
| 04:52 | | * Derakon cries quietly. |
| 04:52 | <&Derakon> | I wrote a game using SDL in 2003. |
| 04:55 | < Mahal> | ....... |
| 04:55 | < Mahal> | I hope he was being ironic |
| 04:55 | < Mahal> | but |
| 04:56 | <&Derakon> | From what I've seen when he pulls back the veil, he's really not interested in learning more about software development if he doesn't have to. |
| 04:56 | <&Derakon> | He got his degree in the early 90's IIRC and is quite happy to continue writing C code for the rest of his life. |
| 05:03 | | Derakon is now known as Derakon[AFK] |
| 05:12 | <&McMartin> | ... I wonder if that's SDL2 |
| 05:12 | <&McMartin> | Which is of more recent vintage |
| 05:12 | <&McMartin> | And also actually qualifies as "powerful" by modern standards~ |
| 05:20 | <&McMartin> | ... oh nice |
| 05:21 | | * McMartin fiddles with Atari 2600 playfields, manages to get a Really Quite Acceptable board display out of it. |
| 05:21 | <&McMartin> | That's better than I could have hoped for, tbh |
| 06:40 | | Vornicus [Vorn@Nightstar-sjaki9.res.rr.com] has joined #code |
| 06:40 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 07:11 | | Vornicus [Vorn@Nightstar-sjaki9.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 07:18 | | Vornicus [Vorn@Nightstar-sjaki9.res.rr.com] has joined #code |
| 07:18 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 07:23 | | Vornicus [Vorn@Nightstar-sjaki9.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 07:29 | | Vorntastic [uid293981@Nightstar-6br85t.irccloud.com] has joined #code |
| 07:29 | | mode/#code [+qo Vorntastic Vorntastic] by ChanServ |
| 07:37 | | himi [sjjf@Nightstar-1drtbs.anu.edu.au] has quit [Ping timeout: 121 seconds] |
| 09:44 | | Degi [Degi@Nightstar-hltc4r.dyn.telefonica.de] has joined #code |
| 10:00 | | Degi [Degi@Nightstar-hltc4r.dyn.telefonica.de] has quit [Connection closed] |
| 11:03 | | Kindamoody[zZz] is now known as Kindamoody |
| 12:08 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has joined #code |
| 12:08 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 12:13 | | * TheWatcher ughs, goes through ALL THE TEMPLATES switching them over from Float grid to XY Grid |
| 14:29 | | Degi [Degi@Nightstar-hltc4r.dyn.telefonica.de] has joined #code |
| 14:37 | <&ToxicFrog> | I also wouldn't really call SDL (1 or 2) a "game engine", although it's something you can write a game engine with. |
| 15:47 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has quit [Ping timeout: 121 seconds] |
| 16:29 | | Kindamoody is now known as Kindamoody|afk |
| 16:29 | | mac [macdjord@Nightstar-grpbnp.mc.videotron.ca] has joined #code |
| 16:29 | | mode/#code [+o mac] by ChanServ |
| 16:31 | | Vorntastic [uid293981@Nightstar-6br85t.irccloud.com] has quit [[NS] Quit: Connection closed for inactivity] |
| 16:32 | | macdjord|slep [macdjord@Nightstar-grpbnp.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
| 19:14 | <&McMartin> | Ah, we've got our next major security bug, albeit only in Intel chips so new none of the machines I own even have the features in them |
| 19:14 | <&McMartin> | https://foreshadowattack.eu/ |
| 19:15 | <&McMartin> | ToxicFrog: Given the level from which Spiderweb seems to operate, I daresay SDL *will* count as a game engine to him |
| 19:16 | <&ToxicFrog> | Fair |
| 19:19 | <&McMartin> | And given how up-to-speed he is on things I have a sinking feeling it *might* be SDL1.x |
| 19:22 | <&ToxicFrog> | So basically I can look forward to another generation of Spiderweb games that don't work right on modern displays~ |
| 19:22 | <&McMartin> | That is precisely the sinking feeling, yes~ |
| 19:31 | <&McMartin> | Laughing harder than I should at https://github.com/xoreaxeaxeax/REpsych |
| 19:37 | <&ToxicFrog> | there's too many eaxes in that handle |
| 19:40 | <&McMartin> | I believe some assemblers let you pretend to three-address code if it's secretly two-address. |
| 19:42 | <&ToxicFrog> | Ok, finished reading the presentation. That's pretty great. |
| 19:42 | <&ToxicFrog> | I now see that that's the same person who wrote movfuscator, which surprises me not at all |
| 19:44 | <&McMartin> | Yeah, he's on my list to check in on every so often to see what he got up to |
| 19:44 | <&McMartin> | He has a bunch of similar *fuscators now, and also found an undoc instruction in some Via x86 clones that just apparently puts you in kernel mode no questions asked |
| 19:45 | <&McMartin> | DEFCON week is always a bit harrowing |
| 19:53 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has joined #code |
| 19:53 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 20:02 | <&ToxicFrog> | it what |
| 20:03 | <&McMartin> | https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/Christopher%20Domas/DEFCON-26-Christopher-Domas-GOD-MODE-%20UNLOCKED-hardware-backdoors-in-x86-CPUs.pdf apparently |
| 20:05 | <&ToxicFrog> | Wait what the FUCK |
| 20:05 | <&ToxicFrog> | Am I reading slide 10 properly? |
| 20:05 | <&ToxicFrog> | Is this a excerpt from a patent filing that basically says "yes, there are hardware backdoors that completely violate the processor's security model, but we haven't documented them so it's cool"? |
| 20:05 | <&McMartin> | That this was published in patent documents for that company's implementation of the IA32 arch/ |
| 20:06 | <&McMartin> | Yes |
| 20:06 | <&McMartin> | That's Via, I think, not Intel, mind you |
| 20:06 | <&McMartin> | The "we haven't documented them so that's cool" is "the fact that we aren't publishing it shouldn't be a reason to not grant the patent", where "patent" as you may recall is "because you publish all the details' |
| 20:07 | <&ToxicFrog> | Right, I got that bit |
| 20:07 | <&ToxicFrog> | I'm just baffled that the developers of the processor in question thought that was a good idea |
| 20:07 | <&ToxicFrog> | Because the presence of that text means they know what they did |
| 20:09 | <&McMartin> | Yes |
| 20:10 | <&McMartin> | Though I get the impression that hardware designers will take that in the same stried as "Intel knew what it did when it designed in Spectre 30 years ago", but that may be me making high assumptions on tunnel vision |
| 20:11 | <&ToxicFrog> | AIUI Spectre was an unforseen side effect of a common optimization while this is literally "we put the key under the mat" |
| 20:17 | <&McMartin> | There's something more to this than that, I think |
| 20:17 | <&McMartin> | I'm at slide 55 now and he's talking about switching ISAs |
| 20:18 | <&ToxicFrog> | Finished the presentation. For this specific case, it's not as bad as it sounds at first glance; not all processors in this family have GOD_MODE set by default, and if it's not set you need ring0 to enable it in the first place. And this family is aimed at embedded systems, so you need some kind of RCE/ACE attack that lets you get code on them in the first place. |
| 20:18 | <&ToxicFrog> | The tl;dr is that this processor has a RISC coprocessor with full read/write access to the x86 registers and no security checks, and if the GOD_MODE MSR bit is set a new x86 instruction becomes available for "send this code to the RISC core and execute it there" |
| 20:19 | <&ToxicFrog> | And the instruction in question is available in ring3 |
| 20:20 | <&ToxicFrog> | So it then becomes trivial to write a payload that contains a bit of shellcode and runs code on the RISC processor to point EIP at it. |
| 20:22 | <&McMartin> | Also am i reading this correctly that this chip will run x86, x86_64, and ARM32 binaries |
| 20:28 | | Kindamoody|afk is now known as Kindamoody |
| 20:30 | | Vash [Vash@Nightstar-sjaki9.res.rr.com] has joined #code |
| 21:41 | | Vash [Vash@Nightstar-sjaki9.res.rr.com] has quit [[NS] Quit: Quit] |
| 22:25 | <&[R]> | Gotta freaking love hidden settings |
| 22:26 | <&[R]> | Windows has one where no matter what after 2 minutes it'll go to sleep if you don't do anything |
| 22:26 | <&[R]> | Which kills any active connections (like file transfers) |
| 22:26 | <&[R]> | I've had it do that while I was reading something on screen |
| 22:27 | <&[R]> | Then it's 15 seconds + a login to actually use the computer again |
| 22:27 | <&[R]> | Had to edit the registry to make the option appear |
| 22:35 | | Derakon[AFK] is now known as Derakon |
| 22:48 | < Mahal> | IME that only applies if you're on battery on certain win10 devices. |
| 22:48 | < Mahal> | if you're on power it shouldn't happen. |
| 23:35 | | himi [sjjf@Nightstar-1drtbs.anu.edu.au] has joined #code |
| 23:35 | | mode/#code [+o himi] by ChanServ |
| 23:49 | | Kindamoody is now known as Kindamoody[zZz] |
| --- Log closed Wed Aug 15 00:00:18 2018 |