OpenWRT Package Checksums Not Checked Opening MITM Opportunities And Further Downstream Havoc

Alternative router firmware distribution OpenWRT has had a vulnerability publicized that allows its package manager to be MITM'd (archived). OpenWRT's fork of opkg, used as a package manager and running as root, fails to check checksums when parsing package lists. Successful use of the MITM to place a payload opens the rest of the doors to ownership. Routing remains a live battleground.

USG, Lacking Options, Puts In A Small Order For More F-15 Jets

The USG is beginning to order new F-15 jets after Boeing last fulfilled F-15 orders for them in 2004 (archived). The export market has kept F-15 production going, unlike the F-22, which the USG forbade from export, leading to the loss of production capability after Hussein Bahamas went all in on the F-35, an aircraft which has yet to work for anyone other than the Israelis.

"Must Fix" Problems Plaguing F-35 Moneypit Continue To Be Blocking

$428 billion in US taxpayer dollars were shown to be hard at work in the annual report for the F-35 program. U.S. "Defense" Department director of operational test and evaluation Robert Behler listed a number of serious flaws with the planes in his report, including guns that don't shoot straight and fail to accurately engage ground targets, cracked gun housings, and at least 873 software flaws. The laundry list of issues was described as "must-fix" items before the F-35's upcoming $22 billion Block 4 "upgrade" phase can begin. (archived)

Drama Laden altcoin Forked Off Bitcoin Sees Hash Drop Leaving Long Wait For Blocks

A sudden 50% drop in hashpower on the BCH network this morning caused it to go 5.5 hours without producing a block (archived). Users likely didn't notice as the next block, 620026, contained only 2.3MB in transactions. The anomaly occurred just days after BCH communist party leaders announced, then seem to have rescinded, a plan to tax miners 12.5% of block rewards.

Entire Argentine Judiciary Paralyzed As Computers Stop Working For Them

Argentina's courts are paralyzed after the Lex100 system they use for everything stopped working six days ago (archived). This is not the first time the system has gone down (archived), but it is the longest time Argentina's courts have been without this one system they built everything they do around. This makes the pretense of Argentina having a legal profession still more laughable than it already was.

Some altcoin Forked Off Of Bitcoin Forking Again To Implement Developer Tax On Block Rewards

Roger Ver (WoT:nonperson) and Jihan Wu (WoT:nonperson) have announced a 6-month plan to implement a 12.5% tax on block rewards in order to fund development on their ailing forkcoin project. The developer tax will fuck the altcoin's protocol layer to orphan blocks by miners refusing to participate in the redistribution of wealth towards an entity known only as the "Hong Kong corporation" at press time. Details regarding who will receive funding and how supposedly remain under discussion. Some BCH miners have expressed displeasure with the tax, though BTC.TOP mining pool founder Jiang Zhuoer (WoT:nonperson) claims the issue isn't up for debate, going so far as to quote former Chinese communist party leader Deng Xiaoping in defense of the move:

Non-debate theory is my invention. Non-debate, is to gain time to work hard. When you debate, everything becomes more complicated and it wastes time. Nothing can be done. Don’t debate, and just try. Be brave and experiment.

Plans are for the mandatory tax to become effective on May 15 when their biannual hard fork "update" is scheduled.

Power Rangers Pushing "Taproot" Into Their Bitcoin Network Client Fork

In his continuing mission to wreck Bitcoin, Pieter Wuille (WoT:sipa) has submitted a final proposal for 3 new "BIPs" and a pull request to the "Bitcoin Core" Shithub that will introduce Schnorr signatures and a new mEthereum-like addition called taproot via a "soft fork" to the protocol. Schnorr signature schemes were discussed in #trilema as far back as 2017, and determined to be attractive to PRB users because they are a match made in heaven for individuals using Segwit, multisig, or other "anyone can spend" schemes. Taproot was proposed in January of last year by Greg Maxwell (WoT:gmaxwell) and is an attempt to add "smart contract" functionality to Bitcoin, supporters having quickly forgotten about the SFYL that occurs when one consciously chooses to huff "smart contract" Jenkem. As always, users of actual Bitcoin will not be affected.

Grave Authentication Vulnerability In Cisco Firewall Management Tool

USG spyware vendor Cisco has announced a vulnerability affecting their "Firepower Management Center" allowing unauthenticated control via specially crafted HTTP requests (archived). No workaround to mitigate the vulnerability is being offered, only mandatory patches. Cisco claims no knowledge of the flaw being exploited in the wild despite it having the appearance of a bespoke USG NOBUS hole.

GNUMake 4.3 Breaking Backwards Compatibility

The wreckers marketing "GNU Make" announced substantial breaks in backwards compatibility with their new 4.3 release (archived). Notably the behavior of the '+=' operator has been changed in a move that will incur substantial pain. The handling of prerequisites, suffixes, and pattern rules is also being changed to maximally inconvenience all.

Oracle Appears To Join Microsoft In Re-Keying NSA Backdoors With 334 "Security" Patches In Dump

Oracle has released 334 security patches across 93 products to deal with a variety of issues, and many of the things being patched against are exploitable remotely (archived). Earlier this week Microsoft hyped their release of USG.NSA endorsed changes to crypt32.dll with great urgency.