Date: 2020-12-28
Brave adds support for IPFS distributed P2P websites
The Brave browser recently added support for the InterPlanetary File System (IPFS) protocol in its beta release channel (desktop only). IPFS is a peer-to-peer (P2P) protocol that can be used in web browsers to visit websites that are hosted by the website’s visitors instead of a central web server. This is called the distributed web. For the last two decades, the open web has been on a steady course into the hands of a few behemoth multinational companies. The distributed web is a tool that can wrangle back control from the few and hand it back to the many. The distributed web still hasn’t gone mainstream, and Brave’s one percent market share won’t drastically change the web’s architecture overnight. Brave’s adoption of IPFS is notable because it’s the first time an externally developed P2P protocol makes it into a web browser. Previous attempts at a P2P web browser, such as BitTorrent Maelstrom, have always been led by the developers of the protocol. No P2P protocol has convinced a web browser vendor to integrate their protocol before. Previously, you’ve only been able to use IPFS in web browsers by installing a separate program and a companion extension in your web browser. Brave now comes with native built-in IPFS support. Its support isn’t quite equivalent to HyperText Transfer Protocol (HTTP) yet, but it’s a huge leap forward for IPFS. When you open an IPFS link (ipfs://example/) in Brave, it will open it using a public web-gateway server by default. Gateways are public web servers that proxy content from the IPFS network via a traditional web server. Brave will also prompt you to enable native IPFS support, and warn you about IPFS privacy issues. More on the IPFS privacy issues later. Brave hasn’t developed a new implementation of IPFS. Instead, Brave ships the IPFS reference client and runs it as a helper process. I had wrongly assumed that js-ipfs, an almost fully-featured IPFS client written in JavaScript, would be the foundation of the first browser to ship with IPFS integration. Brave launches the IPFS daemon on demand when you access IPFS content. It doesn’t launch it with the browser when it’s not needed.

Security Leftovers
Jo Christian Oterhals: What did we learn from an astronomer’s hacker hunt in the 80's? Apparently, not too much
Computer security has seen its share of mind-boggling news lately. None more mind boggling than the news about how alleged Russian hackers installed a backdoor into the IT monitoring product SolarWinds Orion. Through this they got entrance into the computer systems of several US agencies and departments — ironically even into the systems of a cyber security company (FireEye) and Microsoft itself. The news made me think of my own history with computer security, and down memory lane I went. One particular day in late July or early August 1989 my parents, sister and I were driving home from a short summer vacation. At a short stop in a largish city, I had found a newsstand carrying foreign magazines. There I’d bought a copy of PC/Computing’s September issue (to this day I don’t understand why American magazines are on sale a couple of months before the cover date) so that I had something to make time in the backseat pass faster. [...] But my guess is that the IT department assessed the digital competence of the parliament members and concluded that it was too low for them to handle strong passwords and managing two-factor authentication.

Kali Linux + Mr. Robot ARG Society
Many of you may have known about the show Mr Robot and its unique connection to Kali Linux. But there is a little bit more that we have not talked about due to NDAs. But it appears the mystery is over, the red tape has been removed, and we now wanted to take a moment to share it with everyone. We had a relationship with Mr Robot, which started during the filming of the 2nd season. While the 1st season was running, we were approached at BlackHat 2015 to give our permission to use Kali in the show. We worked out the legal parts of things (it’s legal to use Kali in media, we don’t care, but studios want that in writing), and starting in the 2nd season from time to time the production staff would reach out to us to ask us questions, have us provide them graphics, provide them with specific versions of Kali that were public on specific dates, and similar to keep the show accurate. We were very impressed with the efforts to keep the show grounded while still carrying on a strong hacking-focused narrative. [...] Any show would be nothing without an audience to watch it. Mr Robot is no exception, and after millions of people watched it, communities started to form (either online or in person). People would discuss previous episodes, predict theories of where the show was going to go, and have watching parties. It’s not uncommon for shows to have “Easter eggs” embedded in them (these can be little gems hidden in plain sight, which may give a “head nod” to something, or a spoiler for an upcoming event). They are hunted after by people, and add another level of excitement to re-watch a show. Mr Robot has plenty of them. But where Mr Robot is unique to any other show out, there are (for the time being) various online elements which link beautifully back into the show. In a sense, these are mini “spin offs” to the show, allowing for people to go further, get interactive and solve challenges in the Mr Robot universe. One (of a few) domains is “Who Is Mr Robot”, which is where there was a lot of focus to solve its challenge(s). This was made up of a collection of virtual terminals all from the show, which has a series of technical challenges to solve.

AES-NI XTS To See 2~3x Performance Recovery After Regressing Hard From Retpolines
It turns out the Intel/AMD AES-NI implementation of XTS regressed hard from the Retpolines functionality merged nearly three years ago for mitigating Spectre... But now the crypto performance with the AES-NI XTS implementation is set to recover from that regression with a huge improvement thanks to a new set of patches. It seems AES-NI XTS performance regressing hard from Retpolines went unnoticed when mitigating Spectre. This happened due to extensive use of indirect calls when processing small quantities of data. But thankfully Ard Biesheuvel investigated it and worked out a backport-friendly fix to address most of the regression. But then for future kernel releases there is also a rewritten XTS implementation that is more flexible and avoids the nasty issues that led to the poor performance in the first place under Retpolines.