There's another way to explain the UB: IIRC, any value when stored to a _Bool is supposed to be converted to 0 or 1. The memset() bypasses this rule, boom.
I'm not an expert, but roughly know the numbers. Usually with password-based key derivation, one would increase resource needs (processor time, memory demand) to counter brute forcing. Not an option for a human brain, I guess.
So the key would have to be longer. And random or a lot longer. Over 80 random bits is generally a good idea. That's roughly 24 decimal digits (random!). I guess about 16 alphanumerical characters would do to, again random. Or a very long passphrase.
So either remember long, random strings or doing a lot more math. I think it's doable but really not convenient.
A handful of words is generally more memorizable than the same number of bits as a random alphanumeric string. You wouldn’t need a very long pass phrase for 80 bits as long as you’re using a large dictionary.
I'm confused, is it bare metal or is it an EFI application? (bare metal used to mean that something can run without services, like those that UEFI provides)
That's only true if the markup and JS are also good. If, for sake of argument, the HTML had been badly authored such that the links in that menu were DIVs with click event handlers, rather than real links, then removing CSS would likely make the experience worse rather than better.
I guess that a key point underpinning your comment is that progressive enhancement is still better than assuming all potential users are on the bleeding edge, despite the evergreen update pattern for the most popular 3 or 4 browsers.
Tested with WebKit and Gecko. Apparently the position gets fixed up at runtime if JavaScript is enabled. But why have dynamic elements with CSS if you need JavaScript to fix it?
Ok yeah that's really weird. It uses javascript to unconditionally add the has-sidebar class to <body>. Maybe a limitation of their templating system but that's not really an excuse.
This, having the whole physical memory mapped all the time, reminds me of a another issue that was exploitable in KVM hypervisors [1]. I wonder what is the reason to have it all mapped? Not everybody seems to do it.
Hmmm, it's pretty clear but why the reminder? I read the article hoping to find some enlightenment, something that we can actually do (better) with this information in mind. But I still miss it. Does anybody know?
I got to know UNIX (or rather Linux) about 12 years later. And TBH, I wasn't very impressed. I was like "oh, you have to do all that on the console". That's how green I was :D But then it caught me, and about a month later it was more "WOW, you can really do everything on the conole!"
What eventually helped me to really get into things was Linux From Scratch. If anyone wants to learn how a modern system works under the hood, and like those guys in the article know the very basic, minimal things that keep a system running, I can recommend it very much: https://linuxfromscratch.org/
