by octoberfranklin 1540 days ago
When the web "standards" are so insanely complicated that even Google can't implement them securely, it's time to admit that we have a problem.

When there is only one other complete implementation of these "standards" (with minuscule market share), it's time to panic.


It feels to me like the entire OS security model is broken, and leaving security up to applications, even well-resourced ones like Chrome, is a fool's errand.

Is there any way we could benefit from starting again and building a secure OS from first principles? Isn't this one of Fuchsia's goals?

You have to start further back than you realize. Almost all computers nowadays ship with a second dedicated CPU and OS that you can't access or shut off. They are network self-aware and it is a backdoor. The most well known one is called the Intel Management Engine.

There is no point having better software if you can't even secure the hardware. Yes, the risk is minimal because even if the key to the ME leaks, it will never be given away or sold because it's too valuable. It is still a sense of disquiet for me that it is there in the first place. It doesn't add to the performance or security of your existing setup. It is there to make things easier for others.

I'm fine with the ME, but if it ever did leak, it very well could be sold or dumped on a pastebin.

Hackers are unpredictable. They could throw the plans for a fusion reactor that saves the world in the ocean. They could launch a nuke for the lulz. They can be crazier than wallstreetbets people.

The server motherboard I just bought has this as well. Thankfully access to it is at least isolated to a separate network port. I'm debating supergluing it closed or maybe physically disconnecting the port somehow.

You may want to review that very carefully: typically, if that separate network port doesn't have a live network on it that issues DHCP addresses, the functionality will fall back to the port that is attached.

Oh fun. Thank you for the tip! Any suggestions on how to go about this? I'm a relative newb in these matters, switching from macOS to Linux as a daily driver.

Keep an eye on ports 16992-16995, 5900, 623, and 664, and realize that packets destined for those ports may never become visible to the OS, so you'll have to catch them in transit to the board. Another place to look is what DHCP leases are issued by your DHCP server; conceivably the management engine could request an address for itself.

Also be aware of the sideband interface [1] available to the IPMI by checking the block diagram in your motherboard's manual. For instance, here's AsrockRack's X470D4U diagram [2] showing the IPMI can be accessed directly through its dedicated NIC and also sideband through one of the main NICs.

[1] https://en.wikipedia.org/wiki/NC-SI
[2] https://i.ibb.co/dL1tNCq/image.png
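
The two checks suggested above (watch the listed ports from outside the host, and audit who is taking DHCP leases), worked through as an added example that is not code from the thread or from any poster. It assumes packet summaries in `tcpdump -nn -tt` one-line format, captured on a mirror port or an upstream router since the managed host's OS may never see them, and leases in dnsmasq's leases-file format; the sample lines and the KNOWN_MACS allowlist are constructed. The service labels next to the port numbers are descriptive names added here.

```python
"""Added example: spot out-of-band management traffic and unexpected DHCP leases.
Not from the thread. Capture lines imitate `tcpdump -nn -tt` summaries taken
off a mirror/span port; lease lines imitate dnsmasq's leases file. All sample
data below is constructed; KNOWN_MACS is an assumed allowlist."""
import re

# Ports named in the thread: Intel AMT 16992-16995, KVM/VNC 5900, IPMI RMCP 623, RMCP+ 664.
OOB_PORTS = {
    16992: "AMT HTTP",
    16993: "AMT HTTPS",
    16994: "AMT redirection",
    16995: "AMT redirection (TLS)",
    5900: "KVM/VNC",
    623: "IPMI RMCP",
    664: "IPMI RMCP+",
}

# "<ts> IP <src>.<sport> > <dst>.<dport>: <rest>" as printed by `tcpdump -nn -tt`
_PKT_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<rest>.*)$"
)

# Constructed: a SYN to AMT, an ordinary HTTPS SYN, a UDP datagram to the IPMI
# port, and a SYN-ACK coming *back from* port 16992 on the managed host.
SAMPLE_CAPTURE = """\
1620000000.000001 IP 192.168.1.50.51234 > 192.168.1.20.16992: Flags [S], seq 1, win 64240, length 0
1620000000.000002 IP 192.168.1.50.51235 > 192.168.1.20.443: Flags [S], seq 1, win 64240, length 0
1620000000.000003 IP 192.168.1.77.40000 > 192.168.1.20.623: UDP, length 23
1620000000.000004 IP 192.168.1.20.16992 > 192.168.1.50.51234: Flags [S.], seq 1, ack 2, win 65535, length 0
"""

# Constructed dnsmasq leases: "<expiry> <mac> <ip> <hostname> <client-id>"; "*" = no hostname.
SAMPLE_LEASES = """\
1620003600 aa:bb:cc:dd:ee:ff 192.168.1.20 homeserver 01:aa:bb:cc:dd:ee:ff
1620003600 aa:bb:cc:dd:ee:01 192.168.1.21 * 01:aa:bb:cc:dd:ee:01
1620003600 11:22:33:44:55:66 192.168.1.50 laptop 01:11:22:33:44:55:66
"""

# Assumed allowlist: the MACs you expect on this segment (host NIC and a laptop).
KNOWN_MACS = ["AA:BB:CC:DD:EE:FF", "11:22:33:44:55:66"]


def parse_packet(line):
    """Parse one tcpdump summary line into a dict, or None if it doesn't match."""
    m = _PKT_RE.match(line.strip())
    if m is None:
        return None
    pkt = m.groupdict()
    pkt["sport"] = int(pkt["sport"])
    pkt["dport"] = int(pkt["dport"])
    return pkt


def find_oob_traffic(capture_text):
    """Return every packet that touches an out-of-band management port.

    'answered' is True when the management port is the packet's *source*: the
    board replied (e.g. a SYN-ACK from 16992), which proves something on that
    NIC is listening even if `ss -ltn` on the host shows nothing bound there.
    """
    findings = []
    for line in capture_text.splitlines():
        pkt = parse_packet(line)
        if pkt is None:
            continue
        if pkt["dport"] in OOB_PORTS:
            port, host, peer, answered = pkt["dport"], pkt["dst"], pkt["src"], False
        elif pkt["sport"] in OOB_PORTS:
            port, host, peer, answered = pkt["sport"], pkt["src"], pkt["dst"], True
        else:
            continue
        findings.append({"ts": pkt["ts"], "host": host, "peer": peer, "port": port,
                         "service": OOB_PORTS[port], "answered": answered})
    return findings


def parse_dnsmasq_leases(text):
    """Parse dnsmasq's leases file (one lease per line)."""
    leases = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        leases.append({"expiry": int(parts[0]), "mac": parts[1].lower(),
                       "ip": parts[2], "hostname": parts[3]})
    return leases


def unexpected_leases(text, known_macs):
    """Leases handed to MACs not on the allowlist; a management engine that
    requests its own address would show up here."""
    known = {m.lower() for m in known_macs}
    return [lease for lease in parse_dnsmasq_leases(text) if lease["mac"] not in known]


if __name__ == "__main__":
    for f in find_oob_traffic(SAMPLE_CAPTURE):
        direction = "REPLY from" if f["answered"] else "to"
        print(f"{f['ts']} {f['service']} ({f['port']}) {direction} {f['host']}, peer {f['peer']}")
    for lease in unexpected_leases(SAMPLE_LEASES, KNOWN_MACS):
        print(f"unexpected lease: {lease['mac']} -> {lease['ip']} ({lease['hostname']})")
```

The SYN-ACK check is the useful part: a reply sourced from 16992 or 623 on the host's address is evidence the management engine is reachable on that NIC regardless of what the OS reports, which is exactly the situation the sideband (NC-SI) path above creates.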

There is no indication yet that this is due to complex web standards. It could be, but we literally don't know what the bug is yet.

But we do know that it is JavaScript-related, so please correct me if I'm wrong, but disabling JS for all websites except the ones you really, really trust and need should offer long-term general protection against such 0-days in most cases.

It certainly reduces attack surface. JIT-based JS engines do seem like a big attack surface, although certainly not the only one.

I'm not sure I would call JS part of "complex new web standards". In its original form it was introduced way back in 1995.

There are lots of 0day exploits outside of the JavaScript engine. Going down this path, it would be safest to not use the web at all, or really just not own a computer.
My doctor told me I should stop smoking.

There are a lot of ways to die outside of lung cancer though. Going down this path, it would be safest to not drink alcohol, not drive a car, or really just not live life at all.

My point here is that there are some things that have outsized impacts and can be avoided in isolation. Smoking is like that for health.

JavaScript, ActiveX, Java web applets, Flash, any other way of executing arbitrary Turing-complete remote code on my local machine directly: those are all vastly more likely to lead to CVEs than HTML parsers, image parsers, and other functionalities of browsers.

It's perfectly possible to identify and eliminate larger attack surfaces without slippery-sloping yourself into not being able to take smaller risks.

No, I think it's reductio ad absurdum; what I mean is reasonable means of reducing risks for people who don't use that many web apps and consume mostly text such as news, etc.

That does close the window of attack to a much smaller area, so yeah, that improves your security statistically.

Don't think this has to do with web standards; it's probably JIT-related. Google should just turn that off; the majority of 0-days seem to be because of that.