new Linux feature makes hacking IMPOSSIBLE

Best Yubikey ad yet

what's your source, I want to read the blog myself

I have one and I actually love them for gpg

Please do a longer video where you show the many applications of yubikeys! That's the kind of add that I would LOVE!

Now we're learning about pen caps? How low we going? I'm going to start a Limbo code channel. It'll just be a reaction channel. :) Have a great day!

@@Liberty4Ever LMFAO

❤😂😂😂😂

Even that is just scratching the surface

real

@@Liberty4Ever 🤣🤣🤣

Yea that chromium statement is not nice

I'm using Firefox based Zen Browser and loving it. 😃

@@ContemplativeCat same lol, its pretty nice

But realistically though, firefox has a smaller share of browser users then linux has of desktop OS users

Right, me and most of my family is using Firefox for over 20 years now. Well my family essentially had not really a choice as I have setup most of their PCs :) Though it's not like they care or know anything about what a browser actually is. It's "the internet". The only cases where I use chrome was on my old Nexus tablet and my smartphone. Though I do have FF on them as well. But chrome runs a bit faster on those weak devices :P Though whenever I need actual customization, I switch to FF. My FF in my phone also has an altered User-Agent to pretend to be a PC and not a mobile device. Can be really handy in many cases. Websites nowaday are really great in messing up themselfs in an attempt to "adjust" to your device.

its 90% there

Yeah, good thing we also have Microsoft edge, opera, brave, Vivaldi...

@@echoptic775 Firefox?

​@@echoptic775this is joke right?

yeah the insane competition of 3 browser engines

@@hatacoyama1246 Inconceivable!

Nooooooo!!!!

what is that

he never had tried to balance a pen tower on the palm of his hand, having to dodge the projectiles on their in evitable way down.

Not everyone has twenty of these. Now we have two, and one is dead.

fr 😭

Doesn't this also vary by specific type of marker? For example, his is the type where the cap has a "peg" that inserts into the top of the barrel, which allows you to chain several markers together, but I've also seen markers where the cap stores the other way around, and does not chain? Visual example below.
Marker with nesting caps: (barrel -> cap)
===>- |>| capped
|>|===>- uncapped
Marker with non-nesting caps:
===>- |>| capped
|- uncapped

@@smitcher you should do some research on the big boy words you're trying to use there, buddypal
(hint: look up the words "we", "nerd" and if you're feeling super brave with your homework: "mansplain")

I'm not convinced this guy has ever used a marker ever

If you used scotch tape to make the joints more robust as a kid, you gain +10% xp gain for mechanical engineering as an adult.

Reported. Dude. Not okay.

@@robnobert ??????????

@@robnobertlmaooooo

I don’t know what happened to you that early in life, but I’m sorry bruh.

What's with these replies? There's nothing wrong with OP's comment.

I could imagine ways to use this even if the spawned child process seals all it's allocations and then runs out of memory. The child process would just fail and the main process would create a new one with more memory. Given how file reading code for old formats also lack much attention this could be useful for more than just browsers.

At least _in userspace_ ... (hint: the kernel can screw with those flags all it wants.)

@@jfbeam but when the userspace is so tightly locked down, it makes it much harder for an attacker to get kernel level privilege. once he has that, there's really not much you can do. at least not with software

@@not_kode_kun Writing the kernel in Ada would make it very hard. Harder than on a CHERI system. Though I guess the point of CHERI is meant to be that it is easier to port Linux to CHERI than to re-write it. Though I'm not sure if it completely supports OS functionality or not. I think CHERI does.

Just an iceberg away.

Like Forth?

I was thinking the same, but of course that won't protect against someone flipping the NX bit on the stack via mprotect (or any other rw memory pages)

Or a hardware implemented shadow stack. Of course that's gonna put hard limits on the level of recursion supported and how's that work with with each process needing its own stack. You might need a way to read the hardware stack for debuggers but there should be no need to modify it. I haven't seen any modern architectures use this but I think some older architectures did it.

​@@vk3fbab shadow stack is a hardware level protection by definition

​@@treyquattro but trying to return to the stack would make the program crash, because the address on top of the stack wouldn't match with the one on top of the shadow stack.

@@MissMyMusicAddiction or somewhere else 😏😏

@@AL-eu4ey yee i usually put it in mi butt when im done

lmao

@@AL-eu4ey Sharpie

Reported.

for you to call someone a beta is funny AF. Nice stache sweetie

I think the beta was referring to software versions. Like the beta version of the marker cap technology 😂

@@blankexpression2u @voltairesarmy6702 more so 'beta' used in climbing terminology to mean techniques used. also thanks, i grew it myself

@@blankexpression2u lol dude, beta as in the climbing term which means technique or instructions. also thanks i grew it myself

@@rechallington It's probably a bot.

how is that title clickbait?

@ It’s a very editorialized title, there’s nothing that makes hacking impossible and any security researcher worth their salt will tell you that. The title is nonspecific and leads you to click on it via the draw of grandiose claims. It’s not a BuzzFeed headline but I don’t think it has to be that bad to be clickbait

Clickbait, given the ultimate meaning of hacking...

@@tommyandersen4004 lol 😂 there's no such thing as a secure code.

Honestly, declaring something impossible is just a challenge to try

@@HimitsuYami 🤣🤣🤣 wait till the any% speedrun guys come to crack that

@@bogganalseryd2324 exactly, and like overflow is the only thing hackers ever use .. kinda silly

The main purpose of this is to be used by the kernel itself, to protect the stack and other shared areas. Not sure if there's of any use on userland (Or even if it can be used there)

the person who sponsored this change works with the V8 engine. Will I see the chromium browsers eat more memory on Linux now and require periodic restarts for simple garbage collection? worrying, but also, restarts are how updates are done so, idk if it is a problem for that specific use.

@@framegrace1 I was under the impression the V8 engine will use this new feature to strengthen the chromium browser security

In the case of V8, the user heap is already sandboxed in order to limit the ability to exploit the software via memory corruption. However, if someone manages to escape the sandbox, nothing prevents it from remapping it executable, then jumping to the payload stored there (since the heap is, by design under user control and relatively big, we must consider it tainted).
The stack size being relatively limited and already partially protected via canaries, it's way harder to store a full payload on it, so protecting the sandboxed heap against being remapped already does a lot

Used on OpenBSD for over a decade without ballooning issues AFAIK but probably does require a slower/more secure free() implementation to complement it. Which the Linux kernel has also had for years.

yup... there was some dude(s) who would go through intel architecture for fun and......... spectre.

@@PoseidonDiver God Bless Them.

What

Its like trying to make an unpickable lock.

OpenBSD uses methods like this and no major CVE since 2006

brings me back to school.

Sounds like an epic place to work in

Cringe

DeArrow is a great extension for exactly this reason! it’s by the same guy who made sponsorblock. it even works in mobile safari

No

Sorry but vague titles are proven to get more clicks. TH-cam lets you do A\B testing with different titles and thumbnails

Welcome to TH-cam.

@@b33thr33kay he started explaining the method before the first minute of video my man

Numerous examples on TH-cam if you search. FT did a good DNS RCE where they pretty much explain the steps they took to overflow the buffer and the stack return address and then built a ROP chain to execute the code that they sent th-cam.com/video/YCOoc1U7kPA/w-d-xo.htmlsi=XE6DQFjG94BZJ7G5&t=430

That would require skill.

@@anreoil not really... finding the vulnerability vector is the most difficult part

I'm sure you'd love that

Oh that's nest, I suppose that's why if you leave expo on for too long it becomes permanent lol

That's what I said! If you can call mprotect you could probably call mmap and create a new page entirely

wine gecko:

Well, IE is a deadend, but Safari and others are running Webkit, not Blink (Chromium)

WebKit dusting in the corner

Ladybird: vibing in the corner

netscape navigator: rotting away

no one said that it was, chromium is just the world's most popular engine

​@@s4ytoHe literally does at 0:57. I don't think you can use the "like" as an excuse, given how that word is used these days, just as a filler word.

​@@bloody_albatross but that is precisely the meaning of "like" as an adverb in such a sentence structure. Taken from Merriam Webster: "Nearly, approximately; used interjectionally in informal speech with expressions of measurement". So not only it is a valid excuse, it is the most likely meaning of the sentence.

@@bloody_albatross that's how you properly use "like" in English. Look up the definition. It's not just a brainrot filler word.

@@木原篤郎-b4m
Using like is disingenious though if there's still another large browser, Especially since Firefox is still the default browser on a lot of Linux flavours. And also especially since Firefox uses Rust, which also solves most use-after-free category bugs by not being 1970s technology.

Only as kids, right @djsmeguk?

Yep I came here just to say 'but OpenBSD has done this for like two decades'

Curious, but why no mention of NetBSD? Just installed it on a side rig to tinker with, so am curious why it's not mentioned.

​@@𩛗 Important aspects in which way? Feel free to explain at length if you feel you must to get the jist of things across. I'll read it.

@@ManuFortis I don’t know much about NetBSD so I didn’t wanna comment, but hey, looking at the charts now, I guess one day Linux can catch up with NetBSD, when it comes to portability, aye? :D

@@AntranigVartanian Fair enough. I'm mostly interested in it for its ability to be put onto basically anything. Which I think is going to come in really handy for my intended use.
Also, some of the most successful companies use BSD for their systems, and it seems NetBSD is probably the original basis or is closest to the original basis for most if not all of them. Nintendo uses their own version of BSD as I understand, as has Sony many times, especially for the PS3. Apple, well, MacOS is based on Darwin, which is an offshoot of yet another BSD OS.
Sometimes the best way to copy success, is to copy the methods, right?
Making my own game, and I'm thinking at this point my own console too to support a proper gaming platform that respects the right to own property properly; well those are going to need an OS that has a proven track record already.
So BSD it is, I guess. I decided to start with NetBSD, because why not, since it has the best compatbility with whatever I end up making my proof of concept/prototype rig hosting whatever fork of NetBSD I end up creating in due time. (Probably going to be a nanoBSD version of NetBSD altered to favor gaming and communications. Nothing too fancy, just enough to do the job.)
That portability you mention is where that comes in. The smaller the OS can be made, the more resources are left over for the actual game being played.
Can do that with Linux, but there is too much chaos in the Linux community as of late for my liking. And certainly doesn't make sense to do it with Windows.
I did ponder the possibility of using an offshoot of MikeOS, the assembly based OS; but it's 32 bit only. So BareMetalOS would be the next to look at for that. But that's still a work in progress really. Kind of too early to be used for something that requires dedicated stable reliability as I see it. As in it will do exactly what you expect every time bar only the more extreme circumstances which it cannot be expected to withstand, etc.
Side note: I personally think gaming and computing needs to have a return to its roots in some regards, and not just in the playing retro games side of things either. Consoles have become computers in their own right, which is great in some ways, but terrible due to others. IMHO, game consoles should do one thing mostly, really well, with whatever else added on being made to exemplify the main function; not degrade it. That one thing being their main function. Everything else, can take a second seat at the very least, or not be included at all if it can't meet those standards.
We have tablets, laptops and desktops for the things consoles don't need to be doing. And likewise, consoles should be doing the things that the others don't really make sense to include for. Like physical media for instance, with games. Nintendo does this right, even if they aren't everyones favourite right now. They include physical media in a day and age when it would probably make more sense economically for them to stop doing that.
Meanwhile the others are trying to do away with it, all because digital licensing offers bigger profit margins. I can't begrudge them of that too much, since they do need to make a profit. I just wish they would be smarter about it in a way that isn't anti-consumerist.
What era of graphics would this target?
I'm thinking something in the realm of PS1 era graphics in regards to the RPG's aesthetics of the day, but upgraded as much as the console can handle to allow for larger games while not reducing graphical aesthetic quality more than necessary.
I figure this should give plenty of indie devs a stable starting point for their own games, where they don't want to have to compete with AAA's pretending to be Indies on places like Steam.
Anyways. This is getting longer than necessary, so I'll end it there for now.

They still are.

I perfectly agree, the only advantage to this is that it doesn't need hardware support, but you can achieve this kind of protection with seccomp rules

Very true.

Does AMD have an equivalent?

@@WeisenbergTKMrWhite Yes! All Zen3 processors have shadow stack protection

no it isnt lol

@@Deltaract it was partially a joke, but there certainly a strong correlation, though not mutually exclusive either.

Yes, self modifying code was also used by some programs as an elaborate anti-copying technique
I seem to remember something called 'Magic Pencil' but it was a long time ago and my memory is probably wrong

We shouldn't protect ourselves so as to disable some ways of coding. Self modifying code could be a good idea too sometimes. Issue is actually having functions that are not checked for external input - otherwise you would not be able to exploit this out of the program.

Honestly the 2 things I'll levy at whoever is in charge of C's specification at this point is why do header files exist in 2024, and a hard deprecation of use of pointers as arrays never happened. An array should be pointer + length. Then bounds checks can be done.

​@@chainingsolid Dramatically changing the C spec is essentially not going to happen, it has to retain legacy computability. That said, newer languages obviously dont need headers anymore and some (like Rust and Zig) implement slices that are as you say pointers + length

​@@chainingsolidwhat's wrong with header files?

@@futuza Typing stuff twice. And being forced to predeclare anything before you can use it. They have a great use in supplying an API, but normally are just duplicate information.

@@steffennilsen2132 I agree backwards compact is super important. I'm not implying they should stop compiling old code. They should be making an easy to use replacement for pointers pretending to be arrays that can be used for future code.

the yubikey has cryptography hardware to encrypt your ssh key and do the authentication of the public key with the key never leaving the yubi key itself. A normal USB drive would have to copy the private key to the computer's RAM, thus exposing it.

​@@monad_tcp but he says that it downloads the ssh key locally

@@godofpotatos4691 yes, but only if you want to download it locally (i.e. if you manually execute that command from the video). Normally you don't do that, since it's considered insecure.
You want to let the Yubi key do its own thing

I misspoke here, you don't actually get the key, you get a derived Private Key that associates to the credential in the Yubikey.

His implementation is even worse than storing the key temporarily in RAM. He's storing it to disk each time he wants to use it, nullifying the reason to even have a Yubikey or smart-card in the first place.
At the very least, if a security program, service, or framework supported the Yubikey/smart-card, it could store the key in protected RAM and securely communicate with the Yubikey/smart-card in a way that doesn't require the program programmers or user that needs it to be an expert in cryptography, in order to prevent side-channel attacks. But, the way he does it is terrible.

It's the basis of all browsers that people actually use

I've used Chromium browsers for years but have grown tired of poor integration with my desktop. I recently discovered Zen Browser, and I'm actually quite enjoying it. I'm also watching the development of Ladybird browser with great interest. We need more diversity and competition back in the browser market.

Nerds don't realize that an astonishing percent of people use whatever is default. 90+% of all Android traffic is through stock browser aka chromium. As in, 90+% of Android users never install any other browser. At all. Ever.

It's most, I think the second non-Chromium based browser is Safari.

Can't trust this video based on that alone. Been looking through the comments for the tldr but can't find it

pepperoni

Idk if you legit don't understand the marker command but it's hilarious six people liked the comment without replying with an explanation
Edit: mark that seven

no, what you found is proof of the average IQ of the average social media comment section. Not many know what the mseal will do, but many more know what a marker sword is. which one do you think people will be able to talk about? the one with least resistance and confidently know enough to post about as if there are not other 100s of comments letting the youtuber and other viewers know about the markers they know so well. I on the other hand can't deny that I will miss the days I use mprotect to gain code execution. V8 is already strong in protections and require so much to get close to a working POC. most of the time relying on old versions of chromium to have fun with as the more recent ones are too complex to enjoy that quick satisfaction that one gets from solving a challenge. Even CVEs dont offer enough info, which is fine as I doubt many want their systems to be easily broken into. I sometimes do miss the days before AMD64 for which in a x86 environment would allow you to just load all the ROPs and the needed arguments in the stack instead of worrying about having to find gadgets to ROP the arguments into the registers. sometimes I am lazy, and want to find enjoyment in something that is getting progressively harder in the modern age. RIP
tbh, if anyone did care about ROP security, we would be using shadow stacks that are separate from our modifiable variables to hold the return addresses. its been a solved problem for a long time, but its definitely slowing down execution a little. I wonder if mseal is truly going to solve it without the loss of performance.

Not a memory leak, go back to the beginning of the video. You read the comments while the audio is background noise and missed the part where he didn't know how that you can put the cap on the marker in the back of the marker and that's why people are talking about marker swords

You really weren’t paying attention to this amazing presentation about markers?

Dudes chill, I was joking. I got the marker reference and was as equally surprised as everyone else that he didn't know that OP feature. I just saw a perfect opportunity to make the joke ;)

yeah, I liked the way it was incorporated into the rest of the content with examples too!

And for those who already have them, I learned a new feature!

@@tony-does-stuff technically yes but generally that’s a lower risk than sending ssh keys other ways. Any attacker that has physical access to steal your yubikey can just use a good ol’ fashioned crowbar attack and get whatever they want from you anyway.

@@tony-does-stuff
If I recall correctly, you set a password during onboarding, and only after verification a key may be extracted.

Not a mechanical keyboard

@@ItsRaelx yeah right whats stopping me from just storing it on a normal USB drive

The private key still lives on the Yubikey. You can never “extract” the private key from the Yubikey.
He mis-spoke there. The command he ran just tells your SSH Client that it needs to ask the Yubikey for the secret. You still need to physically have the key (+ pin/touch optionally) every single time you try to authenticate.
This is exactly how “Passkeys” work but in theory is more secure because it’s a hardware token.

@@pratheekrebala well setting pass phrase on ssh key would do the same thing and you can store it on cheap usb drive

@@jonathaningram8157 came to the comments to find out which keyboard it is, no luck though. Does anyone know?

Its not unhackable, but if i understood the feature correctly, then it will be a pain in the ass for hackers to get around if it becomes widely used. Also the thing is, we cant really fight against social engineering. People will always keep clicking on links and will always post everything they can about their life online, so we cant do much about that. I would guess aside from social engineering, memory corruption has got to be one of the top 3 at least

If most hacks are done with social engineering, then wouldn't that make Windows just as secure as Linux?

​@@SergeantExtremeno for a few reasons
- microsoft goes out of its way to make its users tech-illiterate
- windows loves showing dialogs all the time that people will learn to click away without reading (nothing to do with linux vs dos, but the de and the culture should be considered too)
- windows encourages running as admin, which most linux distros don't
- windows comes with lots of juicy telemetry data ready for the successful attacker (recall is a particularly egregious example), which most linux distros don't collect

Linux is just as easy to leave a port open, windows automatically handles a lot of measures automatically whereas with Linux you have the sole responsibility of securing and ensuring good security practices

@@yjlom 1. I could argue the same about Linux. A great example is the push to force users to download and install software only from "stores". When I complained about this in the distro forums, I was told that installing software from outside of stores was a "power user" move, and it's something a regular person shouldn't be doing. You can't get more tech illiterate than that.
2. Windows doesn't encourage running as admin with the exception of highly specialized software such as anti-virus, data recovery software, and driver software.
3. I don't necessarily agree that Windows shows a lot of dialogs. For the most part, pop ups only occur if something goes wrong. This is especially true in this day and age.
4. Although, I do agree with your point on telemetry.

I'm sceptical as well. I want to know the definition of 'Hacks' being used.

I was told the nr. 1 vulnerability was always social engineering related.

Well drivers are the primary way to get a rootkit functioning with these complex A/V system. The main way to enable this is attach to a firmware level driver and overflow and break the services associated then move on from there.

It's not that 70% of hacks are caused by memory corruption, but 70% of CVEs are a consequence of it.

@@user-fje4ztx46no86 You were told wrong. The data on ransomware intial access is in from Mandiant (which is def a representative sample), and the no. 1 cause of hacks is unpatched systems getting exploited (and those exploits actually are 70%) memory corruption. Second place was weak, leaked and default credentials.

INTERCAL is the work of genius

why does the V8 need so much sandboxing ? why can't them fix their JIT compiler not to generate insecure code like the JVM does ?

@@monad_tcp probably because no one runs actively malicious code on the jvm? v8 needs to be protected against everything

​​@@monad_tcpJVM is not secure at all. Remember log4j? It is not used as much as V8 not even close.

Early web days of arbitrary code injection and execuction from pc to pc is the reason

lol gotta make sure those XmlHttpRequests you arbitrarily let any domain make are secure

BSD had a first version this from 2022. Linux made its own version in 2023 with some extra features. After a year, changes on both systems end up being very similar solutions.
(THat's not 14 years)

@@framegrace1 OpenBSD introduced write-or-execute (W^X) about 2002. procmap -a will show what flags a process has on what regions.

It's not *exactly* what has been in OpenBSD for yonks, but I'd bet the idea comes from OpenBSD's work, it was implemented there first. What is really galling is the Power architecture has stuff like access ordering (PROT_SAO) since kernel 2.6 that Intel/AMD world still without AFAIK.

crashing is bad, it should only occur when something impossible for the computer to do or continue doing. low level control allows you to do almost anything with memory. Security is tricky because the computer can't guess what you expect to happen. that is why you setup the rules yourself when dealing with low level code. otherwise use something like rust for the attempts at automating the rules for you as most use cases don't need to be that free with how to handle memory.

I think you need to learn more about cyber security and Penetration testing

@@ijames-bond007 lol

@cybertrojan especially considering that his mother knows a lot about penetration testing already.