Re: Does not appear to be (too) malicious ...

From: Mehmet Erol Sanliturk <m.e.sanliturk_at_gmail.com>
Date: Sun, 28 Nov 2021 15:00:48 UTC
On Sun, Nov 28, 2021 at 3:12 PM Marcelo Araujo <araujobsdport@gmail.com>
wrote:

> you all have a lot of free time.
>
>

Actually "no" .
I am retired now and I am not working for anyone , because
(1) health conditions ,
(2) to know too much , no one is liking to see me around her/him with
     fear "He may become boss instead of me" or
            "I may be regarded weak when he work in here" ( <--- These are
experimental results , not assumptions )
<----- This is absolute nonsense
     because I never wanted to be a "boss" or "degrader of the people" ,
but a "scientist" for solving computing   problems encountered by the
people since 1970 having a root since 1965 .


I am still studying very hard up to mostly morning  2.00 to 3.00 .

My most important ( let's say it ) "hobby" is to help to the people to solve
their problems such  ( to prepare software to solve research problems such
data analysis  of PhD theses or more advanced researches , to develop
"knowledge system design and management" software , to try to develop a
"research analysis" software
, ...

Now I will start to develop a new operating system with a permissive
license such as
BSD , etc. , to be able to handle  ( not "Very" , but ) "Large scale
software stacks"
because at present there is no such an operating system .
My multimedia ( data , information , knowledge ) system ( its PhD thesis
name is : A multi-media Information management system ) has hit an internal
limit(s) of both FreeBSD and Linux
and it is not possible to continue to develop it any further because I
could not find why the program is wiped away from the screen without
leaving even a simple message .
Logging is not usable because the last part is completely missing .
Debugging is impossible because a few minute run is using  approximately
entry-exit pairs reaching  at least 500 hundred millions excluding mouse
interrupts , run is based on recursive entries of
a body running correctly with a very large number of re-entries .

To be able to continue , it is necessary to to have a NEW operating system
able to
manage such large systems :

Because :
(1) Used compilation . linking , and execution models are not suitable for
such large systems ,
(2) There is a need to distribute computations over systems . Existing
systems are no more than
 , approximately , NFS .
(3) The present models are not able to find error sources when they occur .
used debugging models can only be used on small systems . They are not able
to detect errors in a large distributed system ,
(4) Present time hardware is designed for a single user , connected with a
network facility .
They are not secure , and it is not possible to generate a very secure
system .
The need is to design a new hardware computing system being able to support
software
running over it .
    .
    .
    .
    .
    .
And many more completely "CRAZY" ideas about " ... software development "
...
    .
    .
    .
    .
    .


It is possible to see that there is NO FREE and WASTABLE TIME  ...

Trying to help people is important for me because I gained my knowledge
solely based on work and help from my predecessors . Now it is the time to
pay back their contributions to newcomers when I am able to do it and have
sufficient ability for it .


The state is this .

With my best wishes for all .



Mehmet Erol Sanliturk








> On Sun, Nov 28, 2021, 18:14 Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com>
> wrote:
>
>> On Sun, Nov 28, 2021 at 12:17 PM Stefan Esser <se@freebsd.org> wrote:
>>
>> > Am 28.11.21 um 02:06 schrieb Mario Lobo:
>> > > On Sat, Nov 27, 2021, 20:27 George Mitchell <george+freebsd@m5p.com>
>> > wrote:
>> > >
>> > >> On 11/27/21 17:40, Obsto Clades via freebsd-hackers wrote:
>> > >>> I hacked on the FreeBSD source code to produce a version of the OS
>> that
>> > >>> cannot be remotely hacked.  Before you tell me that is impossible, I
>> > >>> have an answer to that response on my FAQ page.
>> > >>>
>> > >>> If you are interested in checking out my OS, you can find
>> instructions
>> > >>> on my site's home page:  https://obstoclades.tech/
>> > >>>
>> > >>> I invite you to check it out.
>> > >>>
>> > >>
>> > >> Hmm, my mother told me never to click on links in strange emails ...
>> > >> -- George
>> > >>
>> > >
>> > > curl http://obstoclades.tech
>> > [...]
>> > >        <p class="red">Connection denied by Geolocation Setting.</p>
>> > >        <p><b> Reason: </b> Blocked country: <font color="red">
>> </font>
>> > </p>
>> > >        <p>The connection was denied because this country is blocked in
>> > the
>> > > Geolocation settings.</p>
>> > >        <p>Please contact your administrator for assistance.</p>
>> > >      </div>
>> > >      <div class="band">WatchGuard Technologies, Inc.</div>
>> > >    </div>
>> > >  </body>
>> > > </html>
>> >
>> > $ fetch --no-verify-peer -v -o /tmp/obstoclades.html
>> > https://obstoclades.tech
>> > resolving server address: obstoclades.tech:443
>> > SSL options: 82004854
>> > Verify hostname
>> > TLSv1.3 connection established using TLS_AES_256_GCM_SHA384
>> > Certificate subject: /CN=obstoclades.tech
>> > Certificate issuer: /C=US/O=Let's Encrypt/CN=R3
>> > requesting https://obstoclades.tech/
>> > fetch: https://obstoclades.tech: size of remote file is not known
>> > local size / mtime: 34916 / 1638088913
>> > /tmp/obstoclades.html                             34 kB  181 kBps    00s
>> >
>> > There is actual contents in this file, and it does not seem to contain
>> any
>> > malicious parts. It starts with:
>> >
>> > <!DOCTYPE html>
>> > <!--
>> >       File:  ObstoClades.html
>> >       Copyright (c) 2021 Obsto Clades, LLC
>> >  -->
>> > <html lang="en">
>> >   <head>
>> >     <meta charset="UTF-8">
>> >     <title>Security is a Joke</title>
>> >     <meta name="description"
>> >           content="This demonstrates a modified BSD Operating System
>> > designed
>> > to prevent remote hacking of single-purpose computer systems.">
>> >     <link rel="stylesheet" type="text/css" href="/css/obstoclades.css"/>
>> >     <link rel="icon" type="image/x-icon" href="/favicon.ico"/>
>> >     <script
>> > src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
>> > "></script>
>> >     <script src="js/obstoclades.js" defer="defer"></script>
>> >   </head>
>> >
>> > And besides the jquery.min.js dowloaded from ajax.googleapis.com only
>> the
>> > following short and apparently benign script is downloaded as
>> > obstoclades.js:
>> >
>> > /*
>> >  * File:  obstoclades.js
>> >  * Copyright (c) 2017 Obsto Clades, LLC
>> >  */
>> >
>> > $(document).ready(function()
>> > {
>> >     var $content = $(".content").hide();
>> >     $(".img").on("click", function (e)
>> >     {
>> >         $(this).parent().parent().toggleClass("expanded");
>> >         var ttt = $(this).parent().children(".tooltiptext");
>> >         if ($(this).parent().parent().hasClass("expanded"))
>> >         {
>> >                 ttt.replaceWith("<span class=\"tooltiptext\">Click to
>> > close</span>");
>> >         }
>> >         else
>> >         {
>> >                 ttt.replaceWith("<span class=\"tooltiptext\">Click to
>> > open</span>");
>> >         }
>> >         $(this).parent().parent().next().slideToggle();
>> >     });
>> >     var textHeight = $("#left-side-header-text").height();
>> >     $("#old_english_sheepdog").height(textHeight).width(textHeight);
>> >     $("#button").click(function()
>> >     {
>> >         $("#contactus-form").submit();
>> >     })
>> > });
>> >
>> > He invites to attack his server using a SSH login with provided
>> > credentials,
>> > and offers US$1000 for any successful modification of the test server.
>> See
>> > the following video, which shows that root on the consonle and root via
>> su
>> > in the SSH session get quite different environments:
>> >
>> > https://obstoclades.tech/video/demo-video.mp4
>> >
>> > This looks like a setup with lots of restrictions applied, probably
>> noexec
>> > mounts of temporary file systems and the like, possibly jails and/or MAC
>> > restrictions.
>> >
>> > He thinks that an embedded system configured that way could not be
>> > attacked,
>> > but explains that his concept is limited to e.g. IoT use cases (what he
>> > calls "single-purpose computer system").
>> >
>> > Anyway, I could not find any malicious content on the web server.
>> Accessing
>> > with a SSH session (obviously configured to not allow backwards
>> tunneling)
>> > should also not be too dangerous from a dumb terminal (but beware of
>> escape
>> > sequence attacks possible with ANSI terminals, e.g. reprogramming of
>> > function
>> > keys with "ESC[code;string;...p").
>> >
>> > It looks to me like kind of a honeypot setup gathering attack attempts
>> to
>> > see whether a throw-away system can withstand them. All attack attempts
>> are
>> > logged, either to learn how to perform them, or to actually improve the
>> > security of his protection concept in case of a successful break-in.
>> >
>> > Regards, STefan
>> >
>>
>>
>> The message above is really a very good one because of its information
>> content .
>>
>> As a response to my message in the following link
>>
>>
>> https://lists.freebsd.org/archives/freebsd-hackers/2021-November/000515.html
>>
>> Obsto Clades asked me with a private message , approximately ,
>>
>> " I am connecting to the web site ... without any such message .
>>
>> Do you have more information ? " .
>>
>> I replied , "No ."
>>
>>
>> When the following link ( please notice that  it is  http , not https )
>>
>>
>> http://obstoclades.tech/
>>
>>
>> the response of Firefox ( 57.0.1) is the following :
>>
>> --------------------------------------------------------
>>
>> Connection denied by Geolocation Setting.
>>
>> * Reason: * Blocked country:
>>
>> The connection was denied because this country is blocked in the
>> Geolocation settings.
>>
>> Please contact your administrator for assistance.
>> WatchGuard Technologies, Inc.
>>
>>
>> --------------------------------------------------------
>>
>>
>>
>> When the following link ( please notice that  it is  https , not http )
>>
>>
>> https://obstoclades.tech/video/demo-video.mp4
>>
>>
>> the response of Firefox ( 57.0.1) is the following :
>>
>> --------------------------------------------------------
>>
>>
>> Your connection is not secure
>>
>> The owner of obstoclades.tech has configured their website improperly. To
>> protect your information from being stolen, Firefox has not connected to
>> this website.
>>
>> Learn moreā€¦
>>
>> Report errors like this to help Mozilla identify and block malicious sites
>>
>>
>>
>> --------------------------------------------------------
>>
>>
>> In "Learn more ..."
>>
>> the linked page is
>>
>>
>> https://support.mozilla.org/en-US/kb/error-codes-secure-websites?as=u&utm_source=inproduct
>> How to troubleshoot security error codes on secure websites
>>
>>
>> There are 2 knobs not copyable :
>>
>> (1) Go back
>>
>> (2) Advanced
>>
>>
>> When "Advanced" is clicked ( there is no linked page )  ,
>>
>> the following message is displayed :
>>
>>
>>
>>
>> --------------------------------------------------------
>>
>>
>> obstoclades.tech uses an invalid security certificate.
>>
>> The certificate is not trusted because it is self-signed.
>> The certificate is not valid for the name obstoclades.tech.
>>
>> Error code: SEC_ERROR_UNKNOWN_ISSUER
>>
>>
>> --------------------------------------------------------
>>
>>
>>
>> With a knob ( without any linked page ) as follows :
>>
>>
>> "Add Exception ..."
>>
>>
>> with an dialog pane display to add an exception for that page
>>
>> ( which I did not added because  website owner may correct her/his
>> certificate
>>
>> or configuration of the website ) .
>>
>>
>> With my best wishes for all ,
>>
>>
>> Mehmet Erol Sanliturk
>>
>