GotaTun Open-Source Rust WireGuard Implementation Announced By Mullvad
The Swedish VPN service Mullvad announced this week GotaTun, an open-source Rust-based WireGuard implementation that is forked from Cloudflare's BoringTun...
https://www.phoronix.com/news/GotaTun-Rust-WireGuard-OSS
To battle test our #OpenSource routing engine Rotonda, we are in dire need of a bare metal server. Can you help us?
We have several offers for #BGP feeds and in-kind rack space, but no capable server to continually run our tests on.
We realise this is a big ask, because it would have to be quite a beefy server with a lot of RAM (128GB+). If you are decommissioning old servers, or know of any way to help our #NonProfit foundation, please reach out.
Sharing is caring. ๐งก
As an update to the #ShadowBunny thread - WSL is now being abused by a ransomware threat actor.
WSL opens up a whole attack surface on Windows. The Defender EDR integration is crap, and an optional bolt on.. and other EDR providers have basically no visibility. Itโs a mess.
Today Confession : just learned about the --rsyncable option for gzip : "When you synchronize a compressed file between two computers, this option allows rsync to transfer only files that were changed in the archive instead of the entire archive" ..
Pantina 13.0 Released As Rust UEFI Firmware Implementation
Pantina 13.0 is now available as this Rust implementation of UEFI firmware. Pantina has been working to replace the core UEFI firmware components in a pure Rust implementation to avoid the use of C code...
https://www.phoronix.com/news/Pantina-13.0-Rust-UEFI-Firmware
Every weekday, it's lit in a different colour. This deep blue stands for Saturday. We need to go further away, and maybe up? Yeah that's betterโฆ wait no, that's too far! A little closer, aaaaand stop. Perfection!
RE: https://infosec.exchange/@InfoSecSherpa/115273423100137828
Please vote for Tracy! She well deserves the recognition for her support of the security community!
Microsoft agrees to 11th hour Win 10 end of life concessions
Consumer org forces Redmond to expunge list of requirements for free ESU in Euro Economic Area, just need a Microsoft account Microsoft will give consumers in the European Economic Area no-strings extended support for the soon-to be-EOL Windows 10.โฆ
#theregister #IT
https://go.theregister.com/feed/www.theregister.com/2025/09/26/not_in_eu_and_want/
๐ช๐บYES: Germany is not supporting the EU's #ChatControl bill as proposed!
The blocking minority needed to stop this illegal mass surveillance plan seems secured (for now). โ
Opposition now also from LU๐ฑ๐บ & SK๐ธ๐ฐ!
Around ten years ago, one of the FreeBSD developers had an SSH key compromised. This key gave access to the machine with our subversion server on it. And, due to how svn worked, every user had write access to the directory containing the repo.
Subversion does not have any way of doing integrity checks, so the recovery process involved (via a script) checking out each revision in turn, then doing the same with a git mirror, and validating that they were the same.
Audit logs showed that the attacker had logged in, tried running a few Linux commands, got error messages, and logged out. We were incredibly fortunate that they didnโt do anything more serious.
Do you run #FreeBSD 15? The #syslog_ng project needs your help! We could not reproduce in-house, but there might be a bug in syslog-ng 4.9.0 related to #inotify on FreeBSD 15. Could you test it in your environment?
https://www.syslog-ng.com/community/b/blog/posts/installing-syslog-ng-4-9-0-on-freebsd
@nixCraft Default htop is acceptable but not extraordinary. Customized though it is a lot better and far more useful at a glance
#OPNsense 25.7 "Visionary Viper" is now available.
OPNsense 25.7 released
PowerDNS Security Advisory 2025-04
(aka PowerDNS Recursor 5.0.12, 5.1.6 and 5.2.4 released)
https://blog.powerdns.com/powerdns-security-advisory-2025-04
It's easy to bash vulnerabilities with logos but... I couldn't resist, say hello to https://http1mustdie.com/ :)
โLatest Spamhaus DROP listings, from the worst of the worst IP traffic:
๐ SBL681532 https://check.spamhaus.org/results?query=SBL681532
๐ SBL681427 https://check.spamhaus.org/results?query=SBL681427
๐ SBL681418 https://check.spamhaus.org/results?query=SBL681418
๐ SBL681417 https://check.spamhaus.org/results?query=SBL681417
๐ SBL681416 https://check.spamhaus.org/results?query=SBL681416
๐ SBL681409 https://check.spamhaus.org/results?query=SBL681409
๐ SBL681408 https://check.spamhaus.org/results?query=SBL681408
๐ SBL681406 https://check.spamhaus.org/results?query=SBL681406
๐ฅ Did you know Spamhaus provides FREE access to anyone who wants to add this layer of protection? โคต๏ธ
Weekend Reads
* A new RPKI design https://arxiv.org/abs/2507.01465
* Finding New IP KVMs https://www.runzero.com/blog/oob-p1-ip-kvm/
* Burner phone basics https://www.hackerfactor.com/blog/index.php?/archives/1071-Feel-the-Burn.html
* Radio frequency basics https://insights.sei.cmu.edu/blog/radio-frequency-101-can-you-really-hack-a-radio-signal/
* Detecting non-spoofed traffic https://labs.ripe.net/author/petros_gigis/openpenny-developing-an-open-source-tool-for-detecting-non-spoofed-traffic/
The EU wants to decrypt your private data by 2030
L: https://www.techradar.com/vpn/vpn-privacy-security/the-eu-wants-to-decrypt-your-private-data-by-2030
C: https://news.ycombinator.com/item?id=44472794
posted on 2025.07.05 at 09:48:33 (c=1, p=7)
The attempts by law enforcement & governments to subvert end-to-end encryption are ongoing. The European Commission is going to spend a year thinking about their new "Roadmap for law enforcement access to data", and they are (genuinely) asking for people to join their expert group to help. Here I urge you to join that group (also because I can't): https://berthub.eu/articles/posts/possible-end-to-end-to-end-come-help/
go to the cloud they said
it'll be fine they said
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
