told you so
apparently blacklotus is making its rounds. totally bypasses secure
boot, by abusing buggy signed software into granting full access.
exactly what I was talking about in a rant .plan a few months ago
(Security theater round 2) - userspace needs a lot of hardening.
but they are not focusing on that, because actually being secure is not
their priority and vendors only want control. systems like pledge(2)
and unveil(2) are actually technologies that will benefit users way
more than the security theater performed by big corpo. a signed boot
process is utterly meaningless right now.
anyway, today I worked on some prep for op4 ctf in freegearbox:
item_ctfflag.qc item_ctfbase.qc info_ctfspawn.qc info_ctfdetect.qc
item_ctflongjump.qc item_ctfportablehev.qc item_ctfregeneration.qc
item_ctfaccelerator.qc item_ctfbackpack.qc info_ctfspawn_powerup.qc
trigger_ctfgeneric.qc
set up a fresh copy of op4 but had to install a patch for it separately
as half-life 1.1.1.0 does not come with the ctf data... wth?