1 pointIntroducing Mattbox2 Written by myself, @Tustin and CyberNomadic, Mattbox2 is a chatbox application that just works. Chatting on a website should not be a difficult or slow task; it should be fast, and most importantly it should do what it is supposed to. Mattbox2 is written on the Laravel 5.6 framework, features a usergroup/permissions system, an easily-expanded commandset with infinite arguments, and an easy to use invite system. We have numerous new features coming soon including an enhanced editor and more in-chat support for automatic parsing of content/media. I'd like to take this chance to thank Tustin and CyberNomadic for all their help with the project. You can check out the source code over in our github repo.
1 pointKnock Knock, it's Spectre! Yet again, security researchers from Microsoft and Google's Project Zero have found a fourth variant of the Meltdown-Spectre security flaws that impacted almost all modern CPUs. This new variant is dubbed Spectre-Next Generation or more simply as Variant 4 (CVE-2018-3639). Just like Variant 1 & 2, Variant 4 takes advantage of speculative execution to potentially expose sensitive data through a side channel. TheHackerNews tells us more about Speculative execution below: This is good for general computers, since the CPU is constantly having different things thrown at it. The bad thing is that the design on this feature can be exploited to trick the CPU into revealing sensitive information. This can be anything ranging from passwords to encryption keys stored for disk encryption. Unfortunately, since speculative execution is a feature in almost every modern processor, it can affect Intel, AMD and even ARM -- and it doesn't even stop there! IBM's Power 8, Power 9 and System z CPUs are also affected by this. To get a grasp on what and how this exploit can work, Red Hat Linux has provided us with a video: Moreover, Intel has classified Variant 4 as "medium risk" since many of the exploits that Speculative Store Bypass attack would exploit were fixed by browsers like Safari, Edge, and Chrome during the last craze. From Intel: And we haven't even gotten to the really bad news yet. According to some tests performed by Intel, you can expect a performance hit ranging from 2 to 8 percent. To keep as much performance as possible however, this new Variant 4 mitigation will be disabled by default, giving the users the unworldly "choice" of whether they want it on or not. Sources: https://thehackernews.com/2018/05/fourth-critical-spectre-cpu-flaw.html https://thehackernews.com/2018/05/intel-spectre-vulnerability.html https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html https://www.theverge.com/2018/5/21/17377994/google-microsoft-cpu-vulnerability-speculative-store-bypass-variant-4