This time a year ago, I was averaging around 600 unique visitors per month. Now I'm averaging several thousand. I've outgrown this little VPS. It can't handle keeping the site online while running OS upgrades. Some of you probably noticed a bit of downtime yesterday. That was due to running critical updates. During this next week, I'm planning on migrating some services over to different boxes. You will notice a little more downtime. Hopefully this transition will go smoothly.
I've been following the web comic Loading Artist for a while. I thought the character depicted in Man Enough was a perfect fit for 0xfeedface. I contacted Gregor, the author of the web comic, and asked him to see if I could use the character. You can tell that by my using the character, he said it was okay. Anyways, I just thought I'd give a special shout out to him since I like his work and he's awesome for allowing me to use his character. Props to him!
Around the world, many people are pushing for so-called NSA-proof services. Believing that any service can be resilient to spying or wiretapping from the NSA is naive. No such service can exist. Those who are funding services like ProtoNet are wasting their money and are believing the lies sold to them by profiteers. Read on to find out why.
Late last night, I finished up a nifty new feature for our ASLR implementation on FreeBSD. This feature allows you to administer on a per-user, per-group, per-jail, and per-binary basis how ASLR is applied. I don't know of any other ASLR implementation that provides this sort of flexibility. This post will show you how to use FreeBSD's filesystem firewall in conjunction with ASLR.
Due to high volume on my site and a huge amount of spam recently, I'm temporarily disabling adding new comments. I'll probably put in place some sort of stupid socially-interactive commenting system. I'm not sure just yet.
I've been quite silent on here lately. That's because I've been hard at work. I've been working closely with a few developers and users to get this ASLR work rock solid. I've implemented execbase randomization for position-independent executables (PIEs). I've added support for building PIEs in FreeBSD's base. Oliver Pinter, who was the person whose patches I based my work off of, has been extremely active as well. We've teamed up together to fix some bugs in the PIE implementation. He did some amazing work in adding support for ASLR for all architectures FreeBSD supports.
Sorry for the downtime. Some updates failed to install and I ended up taking the opportunity to upgrade to FreeBSD 11-CURRENT on this server. The good news is that I'm now running this server with my ASLR+PIE patches.
I have the privilege of publicly representing SoldierX by speaking at BSDCan, a BSD-centric conference held every year in Ottawa, Canada, this year about the work I did in behalf of SoldierX of porting grsec's/PaX's ASLR to FreeBSD (credit where credit is due: I enhanced and finished already-existing, but unfinished, patches provided by other awesome developers). The BSDCan people are finalizing the scheduling.
I've been quite vocal in the local meetups (the local Linux User's Group and the local hackerspace) about how awesome FreeBSD is. A number of people have asked me to write a blog post about the setup of my development environment. I'm able to spin up new instances of FreeBSD in less than one second, based on ZFS and jails. Now that I have nightly builds of FreeBSD 11-CURRENT and my own pkgng repo, setting up new systems (or jails) is a breeze.