Re: [9fans] Plan 9 security
I don't think OpenBSD will run on an ESP-32. That is part of the problem with IoT, the nodes are made on the cheap and thus use the cheapest viable network capable device. On Tue, 20 Aug 2019 at 00:54, Ethan Gardener wrote: > On Mon, Aug 19, 2019, at 12:53 PM, Cyber Fonic wrote: > > > > It has been said : "The 'S' in IoT stands for security". If Plan9 can > address that deficiency of the current state of the art for IoT devices, > then it would be a worthwhile exercise. > > Plan 9 may have a decent security model, but it's never been audited. > Auditing a codebase, even one as small as Plan 9's, is a lot of work. Are > you willing to make a start on it? > > If you want something free and already audited, with more security > features, (but perhaps not quite the same convenience,) look into OpenBSD. > > -- > I love that *Open*BSD is so *security*-focused! > >
Re: [9fans] Plan 9 security
Fwiw Plan 9’s code vase has indeed been audited. By me. Several exploitable bugs were found including a kernel exploit due to the env driver. I wrote a working PoC for it which is somewhere on the internet, but it’s quite old. Much of the code hasn’t changed, and, I would suspect, is largely secure. But you’re talking implementation security versus architectural security. In the case of IoT, Plan 9 does exceptional things to close the gaps that embedded systems supply its users, but it is nowhere near complete. Notably, a trusted root environment needs to be added - which Plan 9 only slightly addresses. Best, D > On Aug 20, 2019, at 9:13 AM, Cyber Fonic wrote: > > I don't think OpenBSD will run on an ESP-32. That is part of the problem > with IoT, the nodes are made on the cheap and thus use the cheapest viable > network capable device. > >> On Tue, 20 Aug 2019 at 00:54, Ethan Gardener wrote: >> On Mon, Aug 19, 2019, at 12:53 PM, Cyber Fonic wrote: >> > >> > It has been said : "The 'S' in IoT stands for security". If Plan9 can >> > address that deficiency of the current state of the art for IoT devices, >> > then it would be a worthwhile exercise. >> >> Plan 9 may have a decent security model, but it's never been audited. >> Auditing a codebase, even one as small as Plan 9's, is a lot of work. Are >> you willing to make a start on it? >> >> If you want something free and already audited, with more security features, >> (but perhaps not quite the same convenience,) look into OpenBSD. >> >> -- >> I love that *Open*BSD is so *security*-focused! >>
Re: [9fans] Plan9 on radpberry pi zero ?
> Board with K210 from Kendryte: > https://ru-m.banggood.com/Sipeed-Maix-BIT-RISC-V-Dual-Core-64bit-CPU-With-FPU-AI-Module-Core-Board-Development-Board-Mini-PC-Learning-Board-p-1453873.html?gmcCountry=RU¤cy=RUB&cur_warehouse=CN&createTmp=1&ID=326941415&utm_source=googleshopping&utm_medium=cpc_bgcs&utm_content=lijing&utm_campaign=pla-rug-rm-cart-0802-mb&ad_id=375319756499&gclid=CjwKCAjwkenqBRBgEiwA-bZVtrVYU5BLvdqcXpQs-nT-R8ngDuLXHRGUHfdzpt4ui8G0W8UWQHxc2BoCzm0QAvD_BwE > > пн, 19 авг. 2019 г., 17:45 Ethan Gardener : > >> On Fri, Aug 16, 2019, at 2:26 PM, Олег Бахарев wrote: >>> >>> Do you mean something like BlackIce II (I'm under RV32I)? There is still >>> one interesting board (inexpensive) on the RISC V 64 bit (RV64IMAG) - if >>> you want I will show where to get >> >> Yes please Cleaned up link with trackers removed: https://www.banggood.com/Sipeed-Maix-BIT-RISC-V-Dual-Core-64bit-CPU-With-FPU-AI-Module-Core-Board-Development-Board-Mini-PC-Learning-Board-p-1453873.html
Re: [9fans] Plan9 on radpberry pi zero ?
On 8/20/19, raingloom wrote: >> Board with K210 from Kendryte: For the curious (and I'm going to bookmark this so I can show my colleagues what happens when too much data is shipped to a browser, mindlessly), there are what look like full-sized images reduced to thumbnails that were still downloading when I started this message, on that page. Thank you for the pointer, in any case. Lucio. PS: Those images would probably be still loading...
