I really wonder wtf GitHub is doing. Cache poisoning issues like this are so easily solved at the platform level by ensuring that pull_request_target workflows can only write cache changes to a different namespace that cannot be read from normal workflows. Furthermore, the fact that the cache actions can write caches even though the workflow only has read permissions is just bad security design.
Another worry that I've had recently is that anybody who is able to get GitHub push access can push new releases with malicious assets. Even if you have branch protection and environments, it doesn't do anything: the attacker can simply create a new workflow, push to a branch (which runs that workflow), and then the workflow creates a new release. No merge to main needed, pull request reviews bypassed. I want a policy that says "only this environment can create releases" (and "this environment can only be triggered by this workflow from this branch") but that's not possible.
1. Shells support the notion of privileged commands that can't be overridden with PATH manipulations, aliases or functions.
2. Sudo (or PAM actually) can authenticate with your identity provider (like Entra ID) instead of a local password. Then there is nothing to sniff and you can also use 2FA or passkeys.
Neither would actually help in this case though. Malware could manipulate both of those as an unprivileged user to run malicious code the next time you elevate privileges.
Remember that malware can replace or modify your shell.
No? The shell must be listed in /etc/shells, it can't be an arbitrary command. And after elevating privileges you have to run the malware (which could only be written to home or tmp) for it to work, but sudo already scrubs the environment.
So the main danger is that you're not running the real sudo.
I have an idea that I hope to implement one day to make sudo actually secure:
1. Authenticate with passkeys (webauthn) instead of passwords.
2. Sudo can only run an interactive root shell, not arbitrary commands. The session is time-bound, and the TTY output is recorded for auditing purposes.
This combination makes intercepting sudo largely useless. Passkey authentication cannot be replayed or relayed. The fact that sudo can only open an interactive shell makes it impossible for a sudo wrapper to pass a malicious command to sudo. This way we're not dependent on whether the unprivileged shell is secured properly. It also solves approval fatigue (compared to running sudo separately for every command).
----
EDIT: now that I think about it: an attacker can still edit .bash_profile and reexec the shell in a malicious terminal emulator. Then when the user gets a sudo root shell, the malicious terminal emulator can inject malicious commands.
Looks like the only good way is to get root privileges via a separate user account that doesn't have malware, and that also can't easily install malware (e.g. accidentally running npm, forgetting that that's not safe).
Heck, China has been in this exact predicament for decades. They imported all the foreign technology they could, while simultaneously learning all they could to make things themselves and stop being dependent. After 50 years it's finally paying off. They could not be where they are now had they blocked all foreign imports from the start.
Technology and know-how transfer was exactly the price paid by western companies for outsourcing to China. The companies got increased profits for a few years and at the same time trained their future competition.
For example:
"Apple is considered the "Great Teacher" of China for playing a pivotal role in upgrading the nation's industrial, manufacturing, and technological skills over the past 25 years."
This can be said of any human in any context. The juniors that work in your company can become your future competitors. Yet nobody concludes "never hire juniors".
How about you focus on increasing your own cheap production first instead of focusing on whether dependency is problematic?
Dependency is only problematic if you lack an alternative, and nobody is developing alternatives.
My gawd, lots of people in the Netherlands want to contribute to the green ecosystem but the govt can't even get permitting straight and everything is gridlocked. The electric grid is full and new houses and companies can't be connected to the grid, and if you want to install a heat pump or an AC then there are thousands of rules and anybody else in the neighborhood can block you for the slightest thing.
Less talking and more doing. The Chinese at least are all do and almost no talk.
I find western obsession with "being able to critique X" very weird because it stops at just that. There's very little attention paid to whether the critique produces useful outcomes. While cost of living, energy scarcity, employment, education, wars, etc are all getting worse, people focus on being able to insult the president as the ultimate freedom, even when that achieves nothing.
Meanwhile in China, you can't change the ruling party but you can change policies. They restrict media and speech freedom, but they also work tirelessly to improve the livelihoods of the people.
If the west chooses to value empty talk over outcomes, fine, you have the right to choose that. But no need to force that value on other societies. China and Chinese society at large have the right to value unity and livelihood over speech. They have the right to prefer what westerners call an "authoritarian" government that delivers on those values, without getting demonized. They're not forcing their way on you, no need for you to force your way on them.
Go travel to lower tier cities and rural places in China. The development those places have gotten in the past decade is huge. Go talk to regular people and ask them to compare 10 years ago with now.
You can travel to Xinjiang and witness for yourself whether religious people and minorities live in daily fear of concentration camps and organ harvesting. There are no special travel restrictions beyond standard country-wide visa requirements. If you're in a western country then odds are you can enter visa-free.
Go to Russia and ask the average person on the street what they think of Putin. Thing is, the people who had to be afraid are already long gone. The rest just didn't care or tried to stay safe rather than prioritizing their beliefs and principles.
You really think the people who are left on the streets feel free to speak their minds if it would conflict with what the Politburo is enforcing?
I'm not asking you to hear what they say, I'm asking you to feel their fear (or lack thereof). If all the allegations are true then they don't need to say anything, you can feel the fear effortlessly, there's no hiding that. Also, nobody is stopping you from interacting with them in a place without cameras and witnesses.
Also, China has got nearly nothing in common with Russia. Don't lazily lump them together just because western popular thought likes to put the same label on them.
I mean, Catholic priests do get taken every year in China by the government. Outside reporters do have very significant evidence of organ harvesting. You can say that you won't feel fear from the people in China, but that doesn't really change the truth.
In China they imprison priests for existing. And sure, they have the right to prefer that, but I can demonize them all I want. If you are the type of person to say the government, made up of people like you, should be able to tell you what to do without voting on whether they should be in government at all, you are foolish. There is one ethical form of government and it is democracy. Also, they regularly attempt to force their inferior ways onto others. Look at North Korea's obsession with South Korea. China's obsession with Taiwan. Russia's obsession with Ukraine (not really too much of a democracy there though o algo). There is no such thing as a country of that type having freedom to vote and freedom to speak because as soon as you give people those freedoms they choose a different system. It is no different than slavery.
You ought to travel to China and tell these things (just the parts about China and Taiwan; Russia/Korea etc. are irrelevant) to locals. In private, in a place with no cameras and no other onlookers, just to soothe your paranoia. People will laugh in your face. Maybe they'll even tell you where to find a church/mosque so you can attend a sermon or bid in the direction of Mecca or whatever.
While you're at it, go look for elderly people in their 80s or older, who were born before the People's Republic's founding. Maybe they even witnessed the democratic era of the early Republic (not People's Republic). Go tell them your maximalist thoughts about democracy and see how they respond.
You think this window is short? We've been dealing with this for years and years, and to me it seems more like incumbent manufacturers are too comfortable milking cash cows.
That's only for normal RAM. I'm talking about broader aspect: HBM shortage and high prices have been around for longer, and Chinese manufacturers are also climbing up and expanding there.
I've found FTS5 not useful for serious fuzzy or subword full text search. For example I have documents saying "DaemonSet". But if the user searches for "Daemon" then there will be no results.
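The "DaemonSet" vs "Daemon" behaviour described above, reproduced against SQLite's built-in FTS5 as an added example (not code from the commenter): the default unicode61 tokenizer indexes whole words, so a bare term only hits exact tokens, a `*` prefix query helps only for leading substrings, and the trigram tokenizer (SQLite 3.34+) gives real substring matching. The three-document corpus is constructed here.

```python
import sqlite3

# Constructed sample corpus (not from the original post).
DOCS = [
    "Deploy a DaemonSet to every node",
    "The Deployment scales pods",
    "Install the daemon with systemd",
]


def search(tokenizer, query):
    """Index DOCS in an in-memory FTS5 table using the given tokenizer and
    return matching documents in rowid order. Returns None when this SQLite
    build lacks FTS5 or the requested tokenizer (trigram needs >= 3.34.0)."""
    conn = sqlite3.connect(":memory:")
    try:
        conn.execute(
            f"CREATE VIRTUAL TABLE docs USING fts5(body, tokenize='{tokenizer}')"
        )
        conn.executemany("INSERT INTO docs(body) VALUES (?)", [(d,) for d in DOCS])
        rows = conn.execute(
            "SELECT body FROM docs WHERE docs MATCH ? ORDER BY rowid", (query,)
        ).fetchall()
    except sqlite3.OperationalError:
        return None  # "no such module: fts5" or "no such tokenizer: trigram"
    finally:
        conn.close()
    return [r[0] for r in rows]


def default_exact():
    # unicode61 lowercases "DaemonSet" to the single token "daemonset",
    # so the term "Daemon" only matches the document containing "daemon".
    return search("unicode61", "Daemon")


def default_prefix():
    # A prefix query does hit "daemonset", but only for leading substrings.
    return search("unicode61", "Daemon*")


def trigram_substring():
    # The trigram tokenizer matches any case-insensitive substring of >= 3 chars.
    return search("trigram", "Daemon")


if __name__ == "__main__":
    print("unicode61 'Daemon' :", default_exact())
    print("unicode61 'Daemon*':", default_prefix())
    print("trigram   'Daemon' :", trigram_substring())
```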
I have found this as well, FTS5 is convenient to have as an option, but it's not as versatile as postgres or sonic or other full-text search solutions.
Does anyone have any other favorite modern bloom-filter-based search solutions that don't need to store copies of all the documents in the search db? Ideally something that can run in WASM too so we can ship a tiny search index to the browser. I found https://github.com/tinysearch/tinysearch but haven't tried it yet.
You are right. I assumed it would be full of junk like most meat substitute products. But I took a look at the ingredients list of the Dutch version, it seems the preservative (potassium lactate) is the only problem, everything else seems acceptable. I'm quite surprised by how decent the ingredients are.
Still, I don't really have a reason to buy it. I don't avoid meat. I specifically eat beef for, for example, creatine and iron. But I guess it is good for people who crave beef yet have an ideological resistance against meat, a niche which I'm not sure how big it is.
Supermarket burger patties all have nitrates to cure/preserve them which turn into nitrosamines when cooked (carcinogenic). Same goes for bacon etc. I'm actually super appalled how the agrolobby with its full-page ads was able to turn something healthy into something being viewed as chemical and unhealthy.
GitHub, please step up.