CCSDS guides you to reinvent everything from scratch, I doubt memory safety is the biggest attack surface when you implement this stack. I dont know how big players implement networking for their satellites, but personally I would choose to fit something existing and battle-tested like TLS instead of reinventing data encryption, just look at those documents: https://www.google.com/search?client=firefox-b-lm&q=ccsds+en...
Hey dsab! I agree, but CCSDS is what we have today. We need to support it properly first if we ever want to extend or transition away. It also doesn't help that there's no good open-source implementation of the whole stack, especially the SDLS part, which makes the transition even harder.
On the type-safety side, I found typed combinators really useful for describing parsing and serialising (see my earlier post on ocaml-wire[1]), and keeping the protocol logic pure (separate from I/O) makes the whole thing much easier to test and reason about. OCaml's fuzzing support pairs really well with types too. This is basically the nqsb-TLS approach [2], which has held up in ocaml-tls for a decade.
> battle-tested like TLS instead of reinventing data encryption
Working in the industry, CCSDS SDLS is quite battle tested, albeit in a different way than TLS. It's not reinventing everything from scratch; in most cases, companies have common libraries and services that they've been using since the 90's that implement the standards. I found it interesting that a lot of the CCSDS standards sound a lot like internet standards because many were developed alongside the internet standards, just targeting constrained space systems rather than ground systems.
TLS is difficult because it doesn't work well when you get to large latencies (e.g. 700ms in LEO to ~1.5s in GEO). CCSDS standards target general space systems, so they have to account for that latency.
The TL;DR here (https://ccsds.org/Pubs/350x9g2.pdf) seems to be "AES GCM", but with lots of lots of legacy protocols due to older birds in the sky. DTLS or HTTP3 would seem to be a better choice these days...
I had the misfortune of working with the Xilinx Vivado environment, it's a fucking garbage, the software is straight out of the 90s, everything is glued together with shell scripts and the TCL scripting language, the IDE throws thousands of warnings and errors while building a sample project, the documentation is missing or spread over 150 PDFs, if the manufacturer of your evaluation board prepared an example for the previous version of Vivado, you must have two installations, which is probably about 2 * 100GB, if you want to keep anything under version control, you have to use some external tools, it's all absurd.
I was working in space industry and ECSS security guidelines are missleading grant seeking startups to try to reinvent TLS on orbit. There are to mamy bureaucracy. ECSS guidelines for software teams were created by people who never written a Hello World in their life, just look at specs of ECSS Packet Utilisation Service, it's a joke, that's why I prefer to work for VC funded companies than grant funded.
What is waveform? How it is supposed to impact the debugging process. More info is needed to atract general audience, not everyone is desiging own CPU even here.
Not necessarily, no. I've dabbled in VHDL, but not remotely close to being proficient. Is it useful for that kind of thing? I don't recognize the term.
Maybe this project unlocks be getting into it? But as is, I have no idea if this makes it easier, or is even related.
If you don't know, then you aren't the target audience.
But there are two applications: the first is breaking in to a system under some very obscure set of circumstances that you are very unlikely to encounter in the real world. The second is to bump up your karma on HN.
> If you don't know, then you aren't the target audience.
If you do know, then you also know md5 being broken is really really old news.
Seriously. Cryptographers have been warning that md5 seems weak since 1996. There are probably people reading this thread who weren't even alive yet. (It got totally broken in 2004 but the warning signs were way earlier).
> system under some very obscure set of circumstances that you are very unlikely to encounter in the real world.
Is there any way to use HN karma? Like, can I sell my account on some shady exchange like people sell big twitter accounts? And if I can, what's the going rate for internet points these days? Asking for an unscrupulous friend.
It's actually a bit of a scam because karma accumulates and never expires. I've been on the leaderboard for a long time, not because I'm making particularly valuable contributions (I only post a few times a week) but just because I've been on HN since it launched.
After, sometimes, the initial scanning, the security and AV industry deals with file hashes, not actual files. This means that if you wrote a legitimate, harmful program, and a malicious version with the same hash, you would be able to troll the security rolls in many cases. Basically, those two files would look the same to the security program.
The thing that makes this blog post not realistic is:
* Such tricks would make much more sense with normal programs, where you're trying to trick an user to download and execute it. Webshells are downloaded by the attacker knowingly.
* Md5 is not used anymore (although I know security vendors who used it for embarrassingly long time). If this was SHA256, that attack would be devastating for many more severe reasons.
> The answer is likely wordpress, because its default wp_hash algorithm is still MD5.
That's only true if you ignore all the details.
As usual, you cannot make a coherent understanding on just about any subject by reading headlines alone. Life would have taught you by now that the devil is in the details.
WP uses salt and multiple rounds of hashing, fully mitigating the md5 collisions being topic of discussion here.
So no, wp doesn't "use md5" in the sense that they would be vulnerable to this type of attack.
And as I cannot resist quoting you for trying to smartass while literally not having read the source code the PoC was about:
> As usual, you cannot make a coherent understanding on just about any subject by reading headlines alone. Life would have taught you by now that the devil is in the details.
What is "development process" ??? What is "business use case" of this tool? Such a big readme and no introduction to why I should be interested in this tool.
Which is perfectly fine and a fun thing to do. I personally use the terminal but such a little monitoring tool can be quite fun and we should embrace the fun in doing things more. People over here are so soaked up by the Open Source as a business model VC-Pitch that they can't believe it when someone builds a little hobby tool with no business plan for a multi billion dollar exit. You're doing it right buddy. Don't let these Crypto-SaaS-AI-Bros ruin the fun for you.
> Such a big readme and no introduction to why I should be interested in this tool.
This.
Why in the hell would anyone want to kill random processes that open a port in the tange 2000-6000? And why is this need so pressing as to require a full blown monitor integrated in a task bar?
Without context, this sounds like a complete random silly project that makes no sense and serves no purpose at all.
Without context, it sounds like something someone vibe-coded and git push-ed up to the internet. Which is fine, but it's just unusually precise and verbose for something that would end up being a shell alias for most developers.
