by Thomas Lackey | Jan 22, 2021 | General, Uncategorized
Most of the time, adding a library or package as a dependency to a JavaScript project using yarn (or its ancestor npm) is as simple as typing yarn add the-pkg-i-want to get the latest version. But this article is not about that. This article...
by Bozemanpass Staff | Oct 5, 2018 | General
Big news for those of us who like to go off-piste with our cloud hosted machines: until now “value” cloud provider Digital Ocean only allowed machines to be created from their curated set of OS images (although with some trickery and effort you could...
by David Boreham | Jul 27, 2018 | Security
I noticed some amazing work published earlier this week by researches from EUROCOM, and to be presented at ACM CCS 2018. They were able to recover encryption keys from an IoT type SoC from noise leaked onto the chip’s Bluetooth radio’s RF output. This...
by Thomas Lackey | Mar 21, 2018 | Performance, Programming
In the early days of an application, deploying new features and functionality are at the top of the list. As the number of users grows and the traffic increases, other issues make their way to the forefront. Whether because of complaints from users, monitoring...
by Bozemanpass Staff | Feb 26, 2018 | Security
In our Cyber Security Consulting Practice we get deep into the authentication weeds helping clients ensure their authentication systems are up to date with the latest best practices. So it was with interest that we saw this recent post by Ian Maddox on that very...
by Bozemanpass Staff | Feb 2, 2018 | General
Bozeman Pass engineers were heavily involved with the development of what was once known as Netscape Directory Server, aka iPlanet Directory, aka SunDS, aka Fedora DS, and officially known today as 389 Directory Server. To save some typing and confusion we’ll...
by Bozemanpass Staff | Jan 18, 2018 | Performance
Navin Shenoy from Intel has published results for the performance affects seen after deploying their recent microcode mitigation measures for Spectre and Meltdown vulnerabilities. Unfortunately it seems from another Intel article that those microcode updates may not...
by David Boreham | Jan 18, 2018 | Security
One of those “war stories to tell your grandkids”. David Wragg details his investigation into seemingly random segmentation faults on the Cloudflare Blog. These amazingly enough turned out to be due to a microcode bug in a specific Intel CPU design....
by David Boreham | Jan 11, 2018 | Performance, Security
When the Meltdown and Spectre vulnerabilities were first rumored last year I wondered about something: we’re familiar here with the CPU’s hardware performance counters through our work on software performance analysis and optimization. Briefly, these...
by Bozemanpass Staff | Jan 11, 2018 | Security
Raphael S. Carvalho, a.k.a. utroz has written a nice article showing step by step with ‘C’ source code how an exploit for the Meltdown speculative execution vulnerability would work. has also written a Meltdown vulnerability checker works by attempting to...
Recent Comments