June 2018 - Admin - Freifunk Nordwest

srv who is who - key fingerprint
by picard 20 Jan '24

20 Jan '24

moin, beim login auf den srv01 passierte heute # ssh srv01 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is SHA256:LX0xpviTs3pSYWtibqspcjoqDDxrkzA1kw0F+4ZmXps. Please contact your system administrator. was ist hier los? The authenticity of host 'srv01.ffnw.de (37.120.176.207)' can't be established. RSA key fingerprint is SHA256:LX0xpviTs3pSYWtibqspcjoqDDxrkzA1kw0F+4ZmXps. RSA key fingerprint is MD5:97:7f:f3:b0:7f:57:04:d1:96:15:7f:eb:bc:de:17:6e. es macht sinn das man weiss das man sich auf den richtigen srv verbindet, wieso hat sich was am key geändert? wo stehen die fingerprints zum vergleichen? -- Freifunk Gruß pic Www: https://fr32k.de Xmpp: picard(a)fr32k.de & picard(a)ffnw.de Keybase: https://keybase.io/picard -- Gruß pic Xmpp: picard(a)ffnw.de & picard(a)fr32k.de @ME https://wiki.nordwest.freifunk.net/picard

5 6

Re: warning domainDnsCheck freifunk-ol.de [Ticket#982224]
by Vorstand Freifunk Nordwest e.V. 30 Jun '18

30 Jun '18

FYI ---Begin forwarded message:--- > Für die von Ihnen benannte Domain > > [1] FREIFUNK-OL.DE > > konnten die von Ihnen benannten Nameserver nicht eingetragen werden. > > Falls die Domain neu registriert wurde haben wir vorübergehend Nameserver eingetragen. > Um eine Löschung durch die Registry zu vermeiden. Bei einem Transfer bleiben die > Nameserver, die vor dem Transfer eingetragen waren, erhalten. > > Das System wird periodisch versuchen die durch Sie benannten Nameserver einzutragen. > Falls Sie eigene Nameserver verwenden: Bitte prüfen Sie, dass die Domain > in diesen korrekt eingerichtet wurde. > > Sollten Sie andere Nameserver als die im Partnersystem hinterlegten eintragen wollen > können Sie per Update über das Partnersystem Änderungen vornehmen. > > Bitte beachten Sie folgende Informationen die bei der Verarbeitung aufgetreten sind: > The nameserver validation by supplier failed: ERROR: 901 Unexpected RCODE (target, entity, RCODE) ([2] ns3.hosting.de./2a03:2902:3:1:0:0:0:2:53, [3] freifunk-ol.de, REFUSED) > The nameserver validation by supplier failed: ERROR: 901 Unexpected RCODE (target, entity, RCODE) ([4] ns3.hosting.de./194.126.196.2:53, [5] freifunk-ol.de, REFUSED) > > -!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!-!- > > { > "domainNameAce": "[6] freifunk-ol.de", > "domainNameUnicode": "[7] freifunk-ol.de", > "errors": [ > ], > "handle": null, > "metadata": { > "clientTransactionId": "", > "customer": "180623345909096", > "owner": "180623345909096", > "serverTransactionId": "20180625212516572-domainrobot-robots1-12268-0" > }, > "pollId": 1878141, > "status": "warning", > "type": "domainDnsCheck", > "warnings": [ > { > "code": 34007, > "context": "[8] freifunk-ol.de", > "details": [ > { > "key": "originalError", > "value": "ERROR: 901 Unexpected RCODE (target, entity, RCODE) ([9] ns3.hosting.de./2a03:2902:3:1:0:0:0:2:53, [10] freifunk-ol.de, REFUSED)" > } > ], > "text": "The nameserver validation by supplier failed: ERROR: 901 Unexpected RCODE (target, entity, RCODE) ([11] ns3.hosting.de./2a03:2902:3:1:0:0:0:2:53, [12] freifunk-ol.de, REFUSED)" > }, > { > "code": 34007, > "context": "[13] freifunk-ol.de", > "details": [ > { > "key": "originalError", > "value": "ERROR: 901 Unexpected RCODE (target, entity, RCODE) ([14] ns3.hosting.de./194.126.196.2:53, [15] freifunk-ol.de, REFUSED)" > } > ], > "text": "The nameserver validation by supplier failed: ERROR: 901 Unexpected RCODE (target, entity, RCODE) ([16] ns3.hosting.de./194.126.196.2:53, [17] freifunk-ol.de, REFUSED)" > } > ] > } [1] http://FREIFUNK-OL.DE [2] http://ns3.hosting.de [3] http://freifunk-ol.de [4] http://ns3.hosting.de [5] http://freifunk-ol.de [6] http://freifunk-ol.de [7] http://freifunk-ol.de [8] http://freifunk-ol.de [9] http://ns3.hosting.de [10] http://freifunk-ol.de [11] http://ns3.hosting.de [12] http://freifunk-ol.de [13] http://freifunk-ol.de [14] http://ns3.hosting.de [15] http://freifunk-ol.de [16] http://ns3.hosting.de [17] http://freifunk-ol.de

1 0

Victory in Carpenter
by EFFector List 28 Jun '18

28 Jun '18

_______ _______ _______ (_______)(_______)(_______) _ _____ _____ _____ _____ ____ _| |_ ___ ____ | ___) | ___) | ___)| ___ | / ___)(_ _)/ _ \ / ___) | |_____ | | | | | ____|( (___ | |_| |_| || | |_______)|_| |_| |_____) \____) \__)\___/ |_| EFFector Vol. 31, No. 10 Thursday, June 28, 2018 editor(a)eff.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 effector: n, Computer Sci. A device for producing a desired change. : . : . : . : . : . : . : . : . : . : . : . : . : . : . : In our 736th issue: * Victory! Supreme Court Says Fourth Amendment Applies to Cell Phone Tracking The Supreme Court handed down a landmark opinion [1] in Carpenter v. United States last week, ruling 5-4 that the Fourth Amendment protects cell phone location information. In an opinion by Chief Justice Roberts, the court recognized that location information—collected by cell providers like Sprint, AT&T, and Verizon—creates a "detailed chronicle of a person's physical presence compiled every day, every moment over years." As a result, police must now get a warrant before obtaining this data. Perhaps the most significant part of the ruling is its explicit recognition that individuals can maintain an expectation of privacy in information that they provide to third parties. The court termed that a "rare" case, but it’s clear that other invasive surveillance technologies, particularly those that can track individuals through physical space, are now ripe for challenge in light of Carpenter. Expect to see much more litigation on this subject from EFF and our friends. [1] https://www.eff.org/document/carpenter-v-united-states-supreme-court-opinion Read more: https://www.eff.org/deeplinks/2018/06/victory-supreme-court-says-fourth-ame… * Announcing STARTTLS Everywhere: Securing Hop-to-Hop Email Delivery We're announcing the launch of STARTTLS Everywhere [1], EFF's initiative to improve the security of the email ecosystem. Thanks to previous EFF efforts like Let's Encrypt [2], and Certbot [3], as well as help from the major web browsers, we've seen significant [4] wins [5] in encrypting the web [6]. Now we want to do for email what we've done for web browsing: make it simple and easy for everyone to help ensure their communications aren't vulnerable to mass surveillance. STARTTLS is an addition to SMTP, which allows one email server to say to the other, "I want to deliver this email to you over an encrypted communications channel." The recipient email server can then say "Sure! Let’s negotiate an encrypted communications channel." The two servers then set up the channel and the email is delivered securely, so that anybody listening in on their traffic only sees encrypted data. In other words, network observers gobbling up worldwide information from Internet backbone access points (like the NSA or other governments) won't be able to see the contents of messages while they're in transit, and will need to use more targeted, low-volume methods. STARTTLS Everywhere provides software that a sysadmin can run on an email server to automatically get a valid certificate from Let's Encrypt [7]. This software can also configure their email server software so that it uses STARTTLS, and presents the valid certificate to other email servers. Finally, STARTTLS Everywhere includes a "preload list" of email servers that have promised to support STARTTLS, which can help detect downgrade attacks. The net result: more secure email, and less mass surveillance. [1] https://starttls-everywhere.org [2] https://letsencrypt.org/ [3] https://certbot.eff.org/ [4] https://www.eff.org/deeplinks/2018/02/lets-encrypt-hits-50-million-active-c… [5] https://www.eff.org/deeplinks/2017/12/tipping-scales-https [6] https://www.eff.org/encrypt-the-web [7] https://letsencrypt.org/ Read more: https://www.eff.org/deeplinks/2018/06/announcing-starttls-everywhere-securi… : . : . : . : . : . : . : . : . : . : . : . : . : . : . : EFF Updates * After More Than a Decade of Litigation, the Dancing Baby Has Done His Part to Strengthen Fair Use for Everyone It all started when Stephanie Lenz posted a YouTube video of her then-toddler-aged son dancing while Prince's song "Let's Go Crazy" played in the background, and Universal used copyright claims to get the link disabled. We brought the case hoping to get some clarity from the courts on a simple but important issue: can a rightsholder use the Digital Millennium Copyright Act to take down an obvious fair use, without consequence? The U.S. Court of Appeals for the Ninth Circuit held that the DMCA requires a rightsholder to consider whether the uses she targets in a DMCA notice are actually lawful under the fair use doctrine. However, the court also held that a rightsholder's determination on that question passes muster as long as she subjectively believes it to be true. This leads to a virtually incoherent result: a rightsholder must consider fair use, but has no incentive to actually learn what such a consideration should entail. After all, if she doesn't know what the fair use factors are, she can't be held liable for not applying them thoughtfully. Thanks to the Lenz decision, courts will be more likely to think of fair use, correctly, as a crucial vehicle for achieving the real purpose of copyright law: to promote the public interest in creativity and innovation. And rightsholders are on notice: they must at least consider fair use before sending a takedown notice. After the Supreme Court denied petitions to consider the Ninth Circuit's ruling, the case returned to the district court for trial on the question of whether Universal's takedown was a misrepresentation under the Ninth Circuit's subjective standard. Rather than go to trial, the parties have agreed to a settlement. https://www.eff.org/deeplinks/2018/06/after-more-decade-litigation-dancing-… * Volkswagen Claims Ownership of an Entire Group of Insects Using word searches to find infringement is a bad way to go about things. It is likely why Volkswagen filed three takedown requests on art of beetles. Not Beetles with four wheels and headlights. Beetles with six legs and hard, shiny carapaces. For the record, Volkswagen holds no rights to literal bugs. https://kittens.eff.org/takedowns/volkswagen-claims-ownership-entire-group-… * Happy Birthday Alice: Four Years Busting Software Patents This year marks the fourth anniversary of the Supreme Court's decision in Alice v. CLS Bank [1]. In Alice, the court ruled [2] that an abstract idea does not become eligible for a patent simply by being implemented on a generic computer. Now that four years have passed, we know the case's impact: bad patents went down, and software innovation went up. Lower courts have applied /Alice /to throw out a rogues' gallery of abstract software patents. Counting both federal courts and the Patent Trial and Appeal Board, there are more than 400 decisions [3] finding patent claims invalid under /Alice/. These include rulings invalidating patents on playing bingo [4] on a computer, computerized meal plans [5], updating games [6], and many more. Some of these patents had been asserted by patent trolls dozens [7] or even hundreds [8] of times. A single ruling threw out 168 cases [9] where a troll claimed that companies infringed a patent on the idea of storing and labeling information. [1] https://www.eff.org/alice [2] https://www.eff.org/deeplinks/2014/06/bad-day-bad-patents-supreme-court-una… [3] https://www.fenwick.com/pages/post-alice.aspx [4] https://www.bitlaw.com/source/cases/patent/Planet_Bingo.html [5] https://scholar.google.com/scholar_case?case=9253138216371985141 [6] https://www.eff.org/document/white-knuckle-v-ea-dismissal-order [7] https://www.eff.org/alice/startup-runs-patent-picture-menus [8] https://www.eff.org/alice/bike-gear-company-nearly-run-over-patent-troll [9] https://arstechnica.com/tech-policy/2015/10/east-texas-judge-throws-out-168… https://www.eff.org/deeplinks/2018/06/happy-birthday-alice-four-years-busti… * The GDPR and Browser Fingerprinting: How It Changes the Game for the Sneakiest Web Trackers **Browser fingerprinting is on a collision course with privacy regulations. Compared to more well-known tracking “cookies,” browser fingerprinting is trickier for users and browser extensions to combat: websites can do it without detection, and it's very difficult to modify browsers so that they are less vulnerable to it. As cookies have become more visible and easier to block, companies have been increasingly tempted to turn to sneakier fingerprinting techniques. But companies also have to obey the law. And for residents of the European Union, the General Data Protection Regulation (GDPR), which entered into force on May 25th, is intended to cover exactly this kind of covert data collection. The EU has also begun the process of updating its ePrivacy Directive, best known for its mandate that websites must warn you about any cookies they are using. If you've ever seen a message asking you to approve a site's cookie use, that's likely based on this earlier Europe-wide law. This leads to a key question: Will the GDPR require companies to make fingerprinting as visible to users as the original ePrivacy Directive required them to make cookies? The answer, in short, is yes. Where the purpose of fingerprinting is tracking people, it will constitute “personal data processing” and will be covered by the GDPR. https://www.eff.org/deeplinks/2018/06/gdpr-and-browser-fingerprinting-how-i… * Border Spy Tech Shouldn't Be a Requirement for a Path to Citizenship The Border Security and Immigration Reform Act (H.R. 6136 [1]), introduced before Congress last week, would offer immigrants a new path to citizenship in exchange for increased high tech government surveillance of citizens and immigrants alike. The bill calls for increased DNA and other biometric screening, updated automatic license plate readers, and expanded social media snooping. It also asks for 24 hours-a-day, five-days-a-week drone surveillance along the southern U.S. border. This bill would give the U.S. Department of Homeland Security broad authority to spy on millions of individuals who live and work as far as 100 miles away from a U.S. border. It would enforce invasive biometric scans on innocent travelers, regardless of their citizenship or immigration status. As Congress weighs different factors in the ongoing immigration debate, we urge them to look closely at the expanded high-tech surveillance provisions in this proposed package. This bill would undermine the privacy of countless law-abiding Americans and visitors, regardless of citizenship. [1] https://www.congress.gov/bill/115th-congress/house-bill/6136/text https://www.eff.org/deeplinks/2018/06/border-spy-tech-shouldnt-be-requireme… * EFF Pressure Results in Increased Disclosure of Abuse of California's Law Enforcement Databases EFF's efforts to fix holes in oversight of the California Law Enforcement Telecommunications System (CLETS) are paying off. New data and records released by California Department of Justice (CADOJ) show a steep increase in the number of agencies disclosing cases of abuse of the state's network of law enforcement databases—a major victory for transparency and law enforcement accountability. https://www.eff.org/deeplinks/2016/03/eff-pressure-results-increased-disclo… : . : . : . : . : . : . : . : . : . : . : . : . : . : . : Announcements * hack.summit("blockchain") EFF has been selected as one of the exclusive non-profit partners of hack.summit() which made history for running the largest virtual developer conference of all time. As a non-profit partner, we will be receiving funds generated by ticket sales & sponsorships from the event. This year's event, hack.summit("blockchain"), focuses on spreading and democratizing knowledge about blockchain and cryptocurrencies to attendees around the world. https://www.eff.org/event/hacksummitblockchain * EFF at The Circle of HOPE: A Hacker's Dozen HOPE (Hackers on Planet Earth) returns to the Hotel Pennsylvania for its twelfth iteration this year, hosted by our friends at 2600. The biennial conference is one of the foremost hacker events, chock full of projects, talks, workshops, and more. We'll have a table in the vendor area, where you can stop by and become a member at a discount, and pick up our latest swag. We are gearing up to announce a New York area meetup and EFF talks as the event gets closer. More information is available here [1]. We'll see you there! [1] https://hope.net/index.html https://www.eff.org/event/eff-circle-hope-hackers-dozen * The Digital Townsquare: Silicon Valley and the Regulation of Online Speech Join representatives from EFF, Mozilla, Twitter, and more on July 17th in San Francisco for a townhall on the future of free speech, now that tech giants police communications on the Internet. https://www.eff.org/event/digital-townsquare-silicon-valley-and-regulation-… * EFF Is Now on Instagram! Learn more about the people defending your digital rights and why we're inspired to fight to protect them. https://www.instagram.com/EFForg/ : . : . : . : . : . : . : . : . : . : . : . : . : . : . : Job Openings * Legal Intake Coordinator EFF is seeking an organized, empathetic, and analytical person with excellent communication skills to join EFF as its Intake Coordinator. The Intake Coordinator is the first point of access for legal assistance and general information about EFF for the public. You will be performing a variety of tasks from giving information about our work to referring people to both EFF staff attorneys and outside attorneys for legal assistance. https://www.eff.org/opportunities/jobs/legal-intake-coordinator * Legislative Activist The legislative activist will focus on EFF's work advocating for state laws that protect people's right to privacy, free expression, and innovation, as well as advocating against laws that would undercut those rights. EFF intervenes in state legislation nationwide with a particular emphasis on the California legislature. This person will also work in other areas as needed including national campaigns and non-legislative work. https://www.eff.org/opportunities/jobs/legislative-activist * Staff Technologist – JavaScript Developer EFF is seeking a full-time Staff Technologist to work with our Browser Extensions team as the lead developer for [1]HTTPS Everywhere [2]. [1] https://www.eff.org/https-everywhere [2] https://www.eff.org/https-everywhere https://www.eff.org/opportunities/jobs/staff-technologist-javascript-develo… * Civil Liberties Staff Attorney EFF is looking to hire an experienced litigator with an unshakeable sense of justice and Fourth Amendment expertise to join our civil liberties team. https://www.eff.org/opportunities/jobs/civil-liberties-staff-attorney : . : . : . : . : . : . : . : . : . : . : . : . : . : . : MiniLinks - For $179 and a Biometric Scan of Your Face, You Can Skip the Line at Sea-Tac Airport Concerned about the privacy policies of services that claim to streamline airport screening? "The biometric data concern is one tip of a very big iceberg," said EFF's Shahid Buttar. (KUOW) http://kuow.org/post/179-and-biometric-scan-your-face-you-can-skip-line-sea… - Whistleblower Reality Winner, Charged Under the Espionage Act for Helping to Inform Public of Russian Election Meddling, Pleads Guilty "Painted into a corner by an unjust law," that was never intended to be applied to whistleblowers, Reality Winner has pleaded guilty to charges under the Espionage Act. (The Intercept) https://theintercept.com/2018/06/26/reality-winner-plea-deal/ - How to Read a Privacy Policy You might want to bookmark this: EFF Senior Staff Attorney Nate Cardozo explains how you can read a privacy policy like a lawyer. (The Verge) https://www.theverge.com/2018/6/25/17488376/gdpr-privacy-policy-how-to-read - Europe's New Link Tax Will Enshrine Big Tech's Stranglehold Over the Internet The EU's proposed Article 11 is a copyright rule that would take away Europeans' right to freely link to their own news sites—unless they use a giant, probably American, service to do so. (Motherboard) https://motherboard.vice.com/en_us/article/9k8vd5/europe-link-tax-copyright… - Proposed EU Copyright Law Could Cause Problems For Fan Content In Games The EU's proposed Article 13 wouldn't just mean upload filters for websites. Your favorite game could be next. (Kotaku) https://kotaku.com/proposed-eu-copyright-law-could-cause-problems-for-fan-1… - Encrypted Messaging Isn't Magic You should use encrypted messaging apps, says Lily Hat Newman. You should also be careful about how you use them. (Wired) https://www.wired.com/story/encrypted-messaging-isnt-magic/ : . : . : . : . : . : . : . : . : . : . : . : . : . : . : -------- SUPPORTED BY DONORS ------------------------------------------------- Our members make it possible for EFF to bring legal and technological expertise into crucial battles about online rights. Whether defending free speech online or challenging unconstitutional surveillance, your participation makes a difference. Every donation gives technology users who value freedom online a stronger voice and more formidable advocate. If you aren't already, please consider becoming an EFF member today. https://supporters.eff.org/join/effector : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Administrivia Editor: Katharine Trendacosta, Policy Analyst editor(a)eff.org EFFector is published by: The Electronic Frontier Foundation https://www.eff.org/ Membership & donation queries: membership(a)eff.org General EFF, legal, policy, or online resources queries: info(a)eff.org Reproduction of this publication in electronic media is encouraged. MiniLinks do not necessarily represent the views of EFF. Back issues of EFFector are available via the Web at: https://www.eff.org/effector/ Unsubscribe from future mailings or change your email preferences: https://supporters.eff.org/update-your-preferences?cid1=2061725&cs=f126ee44… Opt out of all EFF email: https://supporters.eff.org/civicrm/mailing/optout?reset=1&jid=61053&qid=858… 815 Eddy Street San Francisco, CA 94109-7701 United States

1 0

Uncaught bounce notification
by admin＠ffnw.de 28 Jun '18

28 Jun '18

The attached message was received as a bounce, but either the bounce format was not recognized, or no member addresses could be extracted from it. This mailing list has been configured to send all unrecognized bounce messages to the list administrator(s).

1 0

Einschränkungen Website und Wiki
by Stefan 25 Jun '18

25 Jun '18

Hallo zusammen, momentan gibt es ein Routing Problem zur Website VM. Bjo und ich sind schon dran :) VG Stefan

2 1

Dringender Kredit für Geschäft und Projekt
by Cabot Financial Ltd 25 Jun '18

25 Jun '18

-- Guten Tag, Herr / Frau. Benötigen Sie einen dringenden Kredit für Ihr persönliches oder Firmengeschäft? Möchten Sie Ihr Unternehmensprojekt erweitern? Wie Gebäude oder Unternehmensentwicklung und vieles mehr. Wenn ja, können Sie Ihr Darlehen von (Cabot Financial Ltd) innerhalb von 3 Arbeitstagen mit Ihrer schnellen und herzlichen Zusammenarbeit mit unserem Service erhalten. Und unser Angebot Zinssatz beträgt 1,1% pro Jahr. Bewerben Sie sich jetzt, indem Sie die nachstehenden Informationen ausfüllen, da Ihnen beim Erhalt Ihrer Bewerbungsdetails weitere Informationen zugesandt werden. Vollständiger Name:...................... Darlehensbetrag: ...................... Der Grund für den Kredit:...................... Darlehensdauer: ...................... Telefon:...................... Wir warten auf Ihre Antwort und Zusammenarbeit mit unserem Service. Freundliche Grüße. Bill Roland Financial Consultant 1 Kings Hill Ave, Kings Hill, West Malling ME19 4UA, UK

1 0

ffnw repo batman-adv-dkms und batctl Paket update
by Jan-Tarek Butt 20 Jun '18

20 Jun '18

Hi zusammen, Ich habe gerade mal das batman-adv-dkms und batctl Paket geupgradet: batman-adv-dkms von v2017.3 auf v2018.1: Changelog: support latest kernels (3.2 - 4.17) coding style cleanups and refactoring documentation cleanup mark licenses clearer, change UAPI netlink header from ISC to MIT add DAT cache and multicast flags netlink support avoid redundant multicast TT entries bugs squashed: avoid spurious warnings from bat_v neigh_cmp implementation fix check of gateway availability in B.A.T.M.A.N. V fix locking for bidirectional TQ check counters remove leak of stack bits in fragmentation header priority fix packet checksum handling in receive path fix handling of large number of interfaces fix netlink dumping of gateways and BLA claims+backbones update data pointers after skb_cow() fix header size check in batadv_dbg_arp() fix skbuff rcsum on packet reroute fix multicast-via-unicast transmission with AP isolation fix packet loss for broadcasted DHCP packets to a server fix multicast packet loss with a single WANT_ALL_IPV4/6 flag batctl von v2017.3 auf v2018.1: Changelog: synchronization of batman-adv netlink and packet headers coding style cleanups and refactoring documentation cleanup mark licenses clearer, change batman-adv UAPI header from ISC to MIT add DAT cache and multicast flags netlink support disable translation support for non-unicast mac addresses bugs squashed: improve error handling for libnl related errors add checks for various allocation errors Schöne grüße Tarek

1 0

Fwd: OpenBSD disables Intel's hyperthreading due to security concern [openbsd]
by Jan-Tarek Butt 20 Jun '18

20 Jun '18

FYI Via: https://www.mail-archive.com/source-changes@openbsd.org/msg99141.html CVSROOT: /cvs Module name: src Changes by: kette...(a)cvs.openbsd.org 2018/06/19 13:29:52 Modified files: sys/arch/amd64/amd64: cpu.c sys/arch/amd64/include: cpu.h sys/kern : kern_sched.c kern_sysctl.c sys/sys : sched.h sysctl.h Log message: SMT (Simultanious Multi Threading) implementations typically share TLBs and L1 caches between threads. This can make cache timing attacks a lot easier and we strongly suspect that this will make several spectre-class bugs exploitable. Especially on Intel's SMT implementation which is better known as Hypter-threading. We really should not run different security domains on different processor threads of the same core. Unfortunately changing our scheduler to take this into account is far from trivial. Since many modern machines no longer provide the ability to disable Hyper-threading in the BIOS setup, provide a way to disable the use of additional processor threads in our scheduler. And since we suspect there are serious risks, we disable them by default. This can be controlled through a new hw.smt sysctl. For now this only works on Intel CPUs when running OpenBSD/amd64. But we're planning to extend this feature to CPUs from other vendors and other hardware architectures. Note that SMT doesn't necessarily have a posive effect on performance; it highly depends on the workload. In all likelyhood it will actually slow down most workloads if you have a CPU with more than two cores. ok deraadt@

1 0

Let's Encrypt certificate expiration notice for domain "git.ffnw.de" (and 1 more)
by Let's Encrypt Expiry Bot 20 Jun '18

20 Jun '18

Hello, Your certificate (or certificates) for the names listed below will expire in 20 days (on 10 Jul 18 04:54 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors. git.ffnw.de git.nordwest.freifunk.net For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can't provide support by email. For details about when we send these emails, please visit https://letsencrypt.org/docs/expiration-emails/. In particular, note that this reminder email is still sent if you've obtained a slightly different certificate by adding or removing names. If you've replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message. If you want to stop receiving all email from this address, click http://mandrillapp.com/track/unsub.php?u=30850198&id=fb8e2d2e161c40fc8ef439… (Warning: this is a one-click action that cannot be undone) Regards, The Let's Encrypt Team

2 1

admin@lists.ffnw.de post from tarek@ring0.de requires approval
by admin-owner＠lists.ffnw.de 19 Jun '18

19 Jun '18

As list administrator, your authorization is requested for the following mailing list posting: List: admin(a)lists.ffnw.de From: tarek(a)ring0.de Subject: confirm 7354f3156d10eaa287981690a90f98237e4fb936 The message is being held because: Message contains administrivia At your convenience, visit your dashboard to approve or deny the request.

1 0