Weekly IRC Meetings and Wallpaper Contest

It's been awhile since I've posted any news as I've been focused on some back end changes (*cough* new server) as well as VIP content. Things are moving slower than I'd like, but I'm happy that we're still making progress. The point of this news post is mostly to announce that we're moving our weekly IRC meetings from Thursdays at 4pm EST to Wednesdays at 3pm EST. We've had a number of complaints about the later time on Thursdays as well as most of our crew feeling that Wednesdays are the least busy day. This is effective immediately, so we will be having an IRC meeting today.

The other thing I wanted to mention is that we haven't received that many entries for our 2015 Wallpaper Contest. If you have art skills or know anybody that does, please enter our contest with a submission. The number of submissions will influence our decision to create other contests, as there's no point in making contests if the community isn't interested in participating.

SOLDIERX Wallpaper Contest is BACK!

I'm happy to announce that the SOLDIERX Wallpaper Contest has returned after a 3 year hiatus. As many of you know, we've been busy getting VIP releases out left and right - so we wanted to give members of the community who can't afford VIP a chance for (mostly) free access. With that being said, here is the official announcement:

SOLDIERX proudly presents the official 2015 SX Wallpaper Contest. The contest begins now and lasts until 12-31-2015. This year we are doing a two part voting system so that everybody has a fair chance. We are stressing quality over quantity. Please see the contest page for more details. Currently 1st place wins their choice of shirt or poster with their design as well as free VIP access. Good luck to all who enter!

SX at Defcon 23

Thanks to corporate funding, SX will be hosting an event similar to those that we used to host at Defcon when it was at the Alexis Park. The event will take place at a secret location starting Thursday, August 6th, at 18:00 PDT. Confirmed SX Crew are Everest, Amp, Blake and even a surprise visit by cisc0ninja. If you're interested in attending, please contact me. Please put some way for us to contact you, either an email address that you'll be checking during Defcon or a phone number that we can send an SMS number to. If you're not really part of the SX community, please put in the message why I should let you attend our event. We also put up a new shirt design over at RedBubble just for Defcon. I hope everybody has a great time in Las Vegas next week!

HardenedBSD Call For Donations

It takes a lot to run a project like HardenedBSD. We're grateful for SoldierX's sponsorship. In 2014, we asked the community for help in funding a development server. The community responded quickly and our server was fully-funded within a short amount of time. That server is now being put to great use as our package building server. We appreciate all the help everyone has given us to date.

We would like to ask the community today for further donations. Our target is $7,000 USD. The funds will go towards hardware updates, hosting requirements, and potentially setting up a not-for-profit (501(c)(3)) organization so further donations will become tax-deductible.

If you'd like to donate, please donate via PayPal at address [email protected]. We also accept BitCoin at address 1FmbSRvZK4yC1b6ajeZWSvYXV2nmvwdWQq. If you donate and wish your name to be added to the Donors page, please drop an email to [email protected]. Every donation counts and is appreciated, even donations as small as $1.00 USD.

HardenedBSD Completes Its ASLR Implementation

Over the July 4th weekend, we implemented randomization of the VDSO (Virtual Dynamic Shared Object). The VDSO is a spot in memory that is shared between the kernel and userland memory. It contains the signal trampoline and time-related code (like gettimeofday(2)). Even though the amount of code is small in the VDSO, it could still theoretically be used to generate ROP gadgets. Removing that piece of determinism makes generating ROP gadgets based on code in the VDSO more difficult. Randomizing the VDSO was the last piece of the address space to randomize.

Now that VDSO randomization is implemented, our ASLR implementation is now complete. You'll notice a new sysctl(8): hardening.pax.aslr.vdso_len. That controls the amount of entropy applied to the VDSO base. Our version of ASLR is the strongest form ever implemented in any BSD operating system.

Our ASLR implementation features:

  1. Execution base randomization of Position-Independent Executables (PIEs)
  2. Full stack randomization in addition to a random stack gap
  3. RTLD base randomization
  4. mmap randomization
  5. VDSO randomization
  6. Shared object load order randomization

You will still see further improvements. We are looking into making our shared object load order randomization more efficient with help from Michael Zandi. We need to update our aslr(4) manpage. We need to clarify some of the inline comments. These improvements are mostly cosmetic and result in no functionality changes.

HardenedBSD Gains True Stack Randomization

When we first implemented ASLR for FreeBSD, we implemented the stack randomization portion as a random gap. This means that the base address for the stack remained constant, but where applications started utilizing the stack would change randomly. We have now implemented true stack randomization. The base address for the stack is now randomized. We still utilize a random stack gap on top of true stack randomization to provide further entropy and security. This means that we can effectively achieve 42 bits of entropy for the stack. Compare that to OpenBSD, which utilizes only a gap with 14 bits of entropy. This change breaks both ABI and API and we have bumped the HardenedBSD version up to 26 with this change. We will be doing a new package build to ensure packages are up-to-date with this change.

You can find the git commit here. For more details about how the PaX Team recommends doing stack randomization, take a look here.

Syndicate content