Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "legion frontier"
-
A group of Security researchers has officially fucked hardware-level Intel botnet officially branded as "Intel Management Engine" they did so by gathering it all the autism they were able to get from StackOverflow mods... though they officially call it a Buffer Overflow.
On Wednesday, in a presentation at Black Hat Europe, Positive Technologies security researchers Mark Ermolov and Maxim Goryachy plan to explain the firmware flaws they found in Intel Management Engine 11, along with a warning that vendor patches for the vulnerability may not be enough.
Two weeks ago, the pair received thanks from Intel for working with the company to disclose the bugs responsibility. At the time, Chipzilla published 10 vulnerability notices affecting its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE).
The Intel Management Engine, which resides in the Platform Controller Hub, is a coprocessor that powers the company's vPro administrative features across a variety of chip families. It has its own OS, MINIX 3, a Unix-like operating system that runs at a level below the kernel of the device's main operating system.
It's a computer designed to monitor your computer. In that position, it has access to most of the processes and data on the main CPU. For admins, it can be useful for managing fleets of PCs; it's equally appealing to hackers for what Positive Technologies has dubbed "God mode."
The flaws cited by Intel could let an attacker run arbitrary code on affected hardware that wouldn't be visible to the user or the main operating system. Fears of such an attack led Chipzilla to implement an off switch, to comply with the NSA-developed IT security program called HAP.
But having identified this switch earlier this year, Ermolov and Goryachy contend it fails to protect against the bugs identified in three of the ten disclosures: CVE-2017-5705, CVE-2017-5706, and CVE-2017-5707.
The duo say they found a locally exploitable stack buffer overflow that allows the execution of unsigned code on any device with Intel ME 11, even if the device is turned off or protected by security software.
For more of the complete story go here:
https://blackhat.com/eu-17/...
https://theregister.co.uk/2017/12/...
I post mostly daily news, commentaries and such on my site for anyone that wish to drop by there19 -
We are on a roll here people (side note, if You are joining the site, thank you but if you are using disposable email accounts at least wait for the verification code to arrive to said account):
So our most well know and belowed CMS that brings lots of love and feels to those that have to (still) deal with it, had some interesting going on:
Oh Joy! "Backdoor in Captcha Plugin Affects 300K WordPress Sites", well arent You a really naughty little boy, eh?
https://wordfence.com/blog/2017/...
Remember that "little" miner thingy that some users here has thought about using for their site? Even Yours truly that does make use of Ads Networks (fuck you bandwidth is not free) even I have fully condenmed the Miner type ads for alot of reasons, like your computer being used as a literal node for DDoSing, well... how about your "Antivirus" Android phone apps being literally loaded with miner trojans too?
https://securelist.com/jack-of-all-...
"When You literally stopped giving any resembles of a fuck what people think about Your massive conglomerate since You still literally dominate the market since alot of people give zero fucks of how Orwellian We are becoming at neck-breaking speed" aka Google doesnt want other webbrowsers to get into market, Its happy with having MemeFox as its competitor:
https://theregister.co.uk/2017/12/...
Talking about MemeFox fucking up again:
https://theregister.co.uk/2017/12/...
And of course here at Legion Front we cant make finish a report without our shitting at Amazon news report:
"French gov files €10m complaint: Claims Amazon abused dominance
Probe found unfair contracts for sellers"
More News at:
https://legionfront.me/page/news
And for what you may actually came and not me reporting stuff at Legion's Orwell Hour News™ ... the free games, right?:
Oxenfree is free in GoG, its a good game, I played like 2 months after its release and I think I heard they wanted to make a Live Action movie or some sort of thing after it:
https://www.gog.com/game/oxenfree
Kingdom Classic is also free:
http://store.steampowered.com/app/...
Close Order Steam Key: HWRMI-2V3PQ-ZQX8B
More Free Keys at:
https://legionfront.me/ccgr4 -
So I dont know if this has been brought here already but I was busy lately with an oncoming amount of users of my site... and they found a few bugs, anyway me sucking aside:
To my fellow American DevRant users, how do you guys feel when you are about to get fucked by the posibility of get Net Neutrality in your country? Man what is going there sure is a tragicomedy, uh?24 -
Im not dead yet (dunno about next week), for those that knew me here when I was around, but I really wanted to come to a place I know I could get some comments about it, but what the whole IT/Tech world right now?
Python and its CoC shenanigans
Linus leaving
Mozilla telemetry spying on you https://reddit.com/r/linux/...
And so on and on, the ride isnt over yet, right? (it never is, it only gets more fun from here on baby)question bsd works too linus it you had a change to stop it gentoo richard stallman open source trueos looks cool if you have an nvidia gpu install it had it5 -
Have you heard about the Embrace, Expand and Extinguish idealogy? lets think about it:
Javascript 5 (embrace) -> Typescript and Class syntax to Javascript 6 (extend) -> JS (extinguish) with WebASM.
Atom/Electron (embrace) -> Atom fork named "VSCode" (extend) -> Atom (extinguish) as it was developbed by Github company.
NodeJS (embrace) -> incompatible Node Windows fork with IE/Edge JS engine "Chakra" (extend) -> NodeJS (extinguish soon) with chaos of Typescript, Javascript 6 and Github.
"R" lang (embrace) -> incompatible SQL Server 2016 R lang extension (extend) -> R lang (extinguish soon).
Android -> CyanogenMod (embrace) -> CyanogenMod (extinguish) as M$ "sponsored" Cyanogen Inc to destroy CyanogenMod
Linux (prejudge) -> sponsors RedHat, Debian, SuSE, Alpine and Canonical/Ubuntu (embrace), forces unstable backdoored "systemd" -> Linux (extinguish soon)
Reusing the last image I did because I didnt wanted to make more OC stuff cos the few ++ gained arent worth it5 -
Im back to anyone that may cared a little, so I was offline for 6 days since my ISP Ultra Hilarious to crash my state records of their paying customers and some other stuff that It took 5ever to get back, anything you guys want to share with me that may happen lately here on DevRant? I personally my classic Amazon bashing news and Perhaps giving away some Steam Keys that one Reviewer user of my site give us out to promote the site along side the devs.
For the Amazon News there is:
Amazon in talks to buy cybersecurity startup Sqrrl and also group of New Jersey Amazon Warehouse workers stood in the cold outside an Amazon Books store in Manhattan on Wednesday to remind shoppers that their online purchases are made possible by warehouse employees who often are underpaid and denied normal workplace benefits. More info at: https://legionfront.me/pages/news
No about Free Steam gamuz:
Gravity Island Key: AACA7-CYFVW-N775L
For more free keys drop by:
https://legionfront.me/pages/gaming
https://legionfront.me/ccgr6 -
Hahaha, well would you Imagine my shock?
https://pcmag.com/news/357465/...
But then again people enable this personal hell to happen5 -
Alot of youngster still give absolute Zero fuck though
https://patents.google.com/patent/...
Want to keep up to date with news:
https://legionfront.me/pages/news
https://legion.media15 -
Do you wanna play a game?
Cloud Storage:
GlusterFS
Ceph
HekaFS
LizardFS
OrangeFS
GridFS
XtreemFS
WeedFS (CHMODing into 420 fam)6 -
Ok guys, since what Im using is a laptop with some low specs since Im too broke to even afford a new FM2+ motherboard to repair my desktop pc and have a little more raw power to use and make more fancy stuff, I wish to know if anyone here legit is interested in some Original content images that Im thinking in make just out of spite in the Zerg Rush of users spaming about F. Quantum and if its worth my already highly limited time just to get hopefully more ++ than my last AMD OC that pretty much noone cared about6
-
So... has anyone yet made a comment about now exHead AMD Chief of GPU division Raja Koduri joining Intel?
Now this is awkward after I made this OC image not so long ago :/
https://devrant.com/rants/896872/...
Also in other news can we comment that Systemd has pretty much took over most linux distros? is this the new NSA backdoor? (before someone points out is open source, have anyone been able to properly audit it?)4 -
Yeah, I can see you guys are also commenting (t.memeing) about this so may as well jump in the fun too.
Also Im still alive to anyone that may care an atom about it2 -
Not only dev related but remember to constantly backup your important info of your Hard disk constantly... specially if those disk have not only the lastest code you are have been working on but photos of you and high school friends back in the day when the original Iphone was just released that you havent properly printed yet.
I think that is one of the nearest thing I can think of that I regret lately aside from simple being "my life" in itself1 -
Holy shit! so after my last news report https://devrant.com/rants/1063342/... , I also shared the news in my site where there is a guy that works in a Washington ISP and also offer mail servers and such for the locals... fun and joke time has ended my friends, any SysAdmins here regarding this want to comment on this topic?9
-
*News for the users here that deal with web hosting here*
Hey there anyone that vaguely remembers me, so have been busy with my network lately dont have much time to get back here, I dont know if someone has already reported this new, I found it while I was scooting for news to share on my site (shameless plug: https://legionfront.me/pages/news)
Its about our loved /s and highly used Wordpress and its lovely code /ss
https://thehackernews.com/2018/02/...
Short story short if, there is an exploit (of the many) to DDoS a network of worpress sites that has been present since almost literally forever, the code to fix it is in the articleundefined wordpress shilling ddos end my life immediately news security legion code quality legion frontier8 -
So I was thinking whenever to run a Kanban-Board style ala Trello subdomain for the people on my site that are helping me with bug hunting and such and I came up with this article about this project that got 6k Stars in Github in 5 days https://github.com/thedaviddias/..., what is this project about? " The perfect Front-End Checklist for modern websites and meticulous developers "
Here is the article for those wishing to read more about it https://medium.freecodecamp.org/how...1 -
So I want to know, can I shill at least one of my "working" sites here? I want to do measure some organic/natural traffic on this so original site(/sarcasm)
Also Im want to know if there are people here interested to help me out with my other site if they could ... specially since my finances will perhaps force me soon to take a local (retail) job to afford "normal" living5 -
Hey everyone, need some help/opinions, I quite literally have almost no time anymore for alot of thing specially try share alot of news here (not the Intel mess, I reported some of that stuff before it exploded) I share most of that news in my site though, but I really wanted to ask people here that may work for hostings companies if they know about the retardation of Nvidia in their change of Terms of Services for their GPU usage (https://legionfront.me/posts/1936 ) and also want to know if users here are if they are looking for dedicated servers, mainly GPU servers for their works and what are you look for (specs and such) or rather where
-
I will like to ask my fellow users here if you currently are studying game development or if you are working already in a game to sell and which store you are thinking to publish it?1
-
What Im doing with my life, Hurricane edition.
So Im still working in a site that I have keep saying Im about to launch Soon™, most of it was already working for a while but the notification system was Youtube-levels of ""broken"", I personally didnt wanted to spend time on it fixing it since I really wanted to launch the damn thing already to show the world I havent been wasting my time/shortening my lifespan doing fuck all ... but I remember that your average normie wants eyecandy and all that stuff ... urgh ok fine, will try to fix and that I did ... but in doing so I ended from a ~90% fully working site to a crippled ~50% "working" site.Also some neat info for those prepping for the hurricane https://imgur.com/gallery/tzv0d, also because some stuff going with my life, it makes me aware of all the homeless people out there and hope they have proper shelter and such.2