Update Readme with Little Flocker info. #128
Conversation
Added information on JZdziarski's little flocker to protect file system writes. This software is still beta though so it might not be the best fit for the guide. Thoughts?
Thanks for bringing this issue to attention, @pwnsdx. It is a troubling read, indeed. I do admire Jonathan Zdziarski's work very much and sincerely trust his good intentions. But you are correct the software is not (yet?) of sufficient quality to make a default recommendation, at least not without a caveat; I would like to still keep it in the guide - his work needs more scrutiny and feedback - but will make a note to check this conversation for curious minds. Is that satisfactory?
Hello, Sure, thank you, but I think running software like Little Flocker or BlockBlock lowers the security of Common Sense 2016 by letting the user believe he can run anything, including unsigned stuff, and he will see it if there is something strange. Regards,
@drduh Little Flocker is still in alpha, but is stable enough for general use. I'll be releasing a beta soon. @pwnsdx seems to think generating a false negative is a "critical vulnerability" or a 0day; that's like saying sending local network traffic with Little Snitch is a 0day. I think we all have better things to do with our time.
I am looking forward to trying the beta product and putting this matter to bed. Agreed the bickering is unproductive; I think we all have the same goals in mind. I'm sure when Little Flocker and similar software reach full maturity, they will be of great benefit to us all.
Funny to see @jzdziarski trying to discredit me in a way that is so lame. Have you counted the ways I've found to bypass partially/entirely your tool? https://gist.github.com/pwnsdx/1afa3f5bd62e661438976ab3c78bd507 Yeah there are a lot. Thanks to me I've reported the majority until you treated me like shit. And FYI, a 0day (https://en.wikipedia.org/wiki/Zero-day_(computing) in case you want to hear about it) is an undisclosed vulnerability. These things, I have 5-10 regarding your tool and as I said I won't report them anymore as you treat people like shit. Low or high severity. I really hope they will be fixed before the stable release but for now, people are running on an insecure software so this is why I came up here to ask @drduh if he could fix the text. For my part, even as a "beta", I won't recommend it to be featured on this repo like a trusted tool. The current text is nice and please leave it this way until the stable release comes out and a full audit has been made by a trusted third-party. You may be surprised by the ways to bypass LF. Regards,
False negatives are not critical, or even serious, vulnerabilities, nor should anyone consider your findings 0days. The few other bugs you've cited were reported by someone else who was code reviewing the project and have long been fixed. Please stop spamming everybody with your drama. That is all.
Ah, I see what you are trying to do and I'm going to play that game: And this one is a false negative? https://gist.github.com/pwnsdx/634bf6b8a737b4a512c95ee8c2ea808d
And if you'd have filed that before you were blocked for harassment, this -bug- (but not really a vulnerability, for a number of reasons) would've gotten addressed. Incidentally, what you are doing on this thread is harassment also. I've made it clear I don't want to hear from you. I won't reply to this thread again. My apologies @drduh for letting this drama find its way into your issue.
Said the guy who mentioned me on a topic that is 10 days old.
I don't like it when mommy and daddy fight.