lawl

lawl

Member Since 11 years ago

Experience Points
72
follower
Lessons Completed
4
follow
Lessons Completed
16
stars
Best Reply Awards
18
repos

150 contributions in the last year

Pinned
⚡ Real-time microphone noise suppression on Linux.
⚡ Aero like snap feature for openbox.
⚡ devolo configuration file decrypter and 1337 root exploit
Activity
May
20
1 day ago
Activity icon
issue

lawl issue comment noisetorch/NoiseTorch

lawl
lawl

update README.md

Adding information about removal procedure

lawl
lawl

I've moved this to an org and added you, csn you confirm you can merge these yourself now?

Activity icon
issue

lawl issue lawl/NoiseTorch

lawl
lawl

Future of noisetorch

Some people seems to still want to maintain this. I don't know if i still can.

What of we move this project to an org, add some people, and then end me here.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

Found a very suspicious process in htop. Paniced. Later straced it and it was looking for wallet.dat. The OS itself was fairly fresh (q3 ish?).

Sorry i dont think i have any logs or anything that isnt deleted. As you may see from my history, i paniced fairly hard.

May
19
2 days ago
Activity icon
commit_comment

lawl/NoiseTorch

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Delete vendor folder - Go mod allows developers to keep dependencies local

During this audit, it would be helpful to remove unnecessary code from this repository. Currently, the project is storing it's dependencies in git; however, since it's using Go mod this is not necessary.

It's common practice to keep the vendor folder in the .gitignore file to keep repository size down. You can repopulate the vendor folder locally by running go mod vendor.

@lawl you mentioned that the most likely area for unauthorized code would be in the large commits containing dependencies. This change should eliminate that possibility.

lawl
lawl

that depends entirely on what you want to achieve. i don't feel like debating the pros and cons of pushing the vendor folder right now.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

@fuomag9 as i wrote somewhere else, this is an IPv4 NAT server with like 20 ports per VM, this is entirely expected.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

since someone asked, my assumption right now is that it was most likely just someone looking for bitcoin wallets. still not sure how they got in exactly, and now sure if we'll ever know, but as i already said, probably nothing. and no bitcoin either.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

Wouldn't it be good enough to check the latest commits?

i'm now assuming it must likely have occured sometime in the second half 2021.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

yeah you can remove the remote server that's being pinged by people's builds by... shipping a new binary. otherwise, yeah the whole update code has to be ripped out at some point, but that's easy and not a problem.

pull request

lawl pull request lawl/NoiseTorch

lawl
lawl

Delete vendor folder - Go mod allows developers to keep dependencies local

During this audit, it would be helpful to remove unnecessary code from this repository. Currently, the project is storing it's dependencies in git; however, since it's using Go mod this is not necessary.

It's common practice to keep the vendor folder in the .gitignore file to keep repository size down. You can repopulate the vendor folder locally by running go mod vendor.

@lawl you mentioned that the most likely area for unauthorized code would be in the large commits containing dependencies. This change should eliminate that possibility.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Delete vendor folder - Go mod allows developers to keep dependencies local

During this audit, it would be helpful to remove unnecessary code from this repository. Currently, the project is storing it's dependencies in git; however, since it's using Go mod this is not necessary.

It's common practice to keep the vendor folder in the .gitignore file to keep repository size down. You can repopulate the vendor folder locally by running go mod vendor.

@lawl you mentioned that the most likely area for unauthorized code would be in the large commits containing dependencies. This change should eliminate that possibility.

lawl
lawl

if you can repopulate it the exact same way, why does it matter to you? self contradictory.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

@Xunjin litterally all of them. These are just where i'd hide as an attacker, probably. As always absence of evidence != evidence of absence.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

Its a tiny vm with natted ipv4.

May
18
3 days ago
Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

Ok ive pointed the readme to this thread. If we can get enough people to check the code, maybe we can work from there.

Activity icon
issue

lawl issue lawl/NoiseTorch

lawl
lawl

Do I have a virus now? :eyes:

I've been running noise torch from source off nixpkgs: https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/audio/noisetorch/default.nix. Has the source itself been compromised? Or just whichever compiled binaries?

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Do I have a virus now? :eyes:

I've been running noise torch from source off nixpkgs: https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/audio/noisetorch/default.nix. Has the source itself been compromised? Or just whichever compiled binaries?

lawl
lawl

Nobody knows, and absence of evidence isn't evidence of absence. You'll need to use your own risk judgement for now, sorry.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

82.118.227.155 have you checked this isnt the update server? Does noisetorch.epicgamer.org resolve there?

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

Yes upx was on purpose, but ypu shouldnt trust me when i say hjat because i already said my sytem(s?) were compromised.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

This project is not dead. Because is live in our heart

@lawl thank you for this awesome project.

we will always love you and this project. ❤️

lawl
lawl

For speed's sake, I'm going to assume that official GoLang packages are safe to use

yes, i consider golang/org part of my trusted computing base, since well, i'm using their compiler, so....

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Alternative / Spiritual Successor https://github.com/werman/noise-suppression-for-voice

https://github.com/werman/noise-suppression-for-voice

lawl
lawl

how can it be a spiritual successor if i contributed the algorithm people seem to like about noisetorch there before actually making noisetorch :thinking: ?

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

This project is not dead. Because is live in our heart

@lawl thank you for this awesome project.

we will always love you and this project. ❤️

lawl
lawl

https://github.com/lawl/NoiseTorch/commit/8c34658b64f1efeab501bef57d2bfa9579fe34e2 https://github.com/lawl/NoiseTorch/commit/38787e4195f2a34d7ec4421caf17cb99bc31fa2b

are imo the least likely candidates where one would hide a backdoor, i had reviewed the entire diff i vendored. I take dependencies seriously. But who knows, if my system was compromised, was it showing the right things?

How would one trust your review?

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

This project is not dead. Because is live in our heart

@lawl thank you for this awesome project.

we will always love you and this project. ❤️

lawl
lawl

To move forward, however, I need to know the scope of the breach, including how long this has been going on for. What's the nature of the compromise? I need to know if my systems are still secure, or if I need to delete everything.

I'd like to know that too.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

No, dont give money. Patreon is scheduled for deletion cant do it instantly.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

Conduct an Audit

I assume you have regained control of your security keys.

I think this project is large enough to fund an open source audit to alleviate any concerns about security compromises.

These things can happen and there are things the repository owners can do to address it.

Initial research shows an audit taking about US$100/1000 lines of code.

Perhaps consider starting a fundraiser for it @lawl ?

lawl
lawl

No i havent. I believe its unrelated to noisetorch, but better safe than sorry. I am dead right now and dont have the energy to rebuild and rebuy my compiting devices from scratch.

Activity icon
issue

lawl issue comment lawl/NoiseTorch

lawl
lawl

This project is not dead. Because is live in our heart

@lawl thank you for this awesome project.

we will always love you and this project. ❤️

lawl
lawl

@contraexemplo is correct. Sorry i feel dead right now. I don't have any energy to deal with this right now.

I believe the compromise is unrelated, but again, better safe than sorry.

Activity icon
published release POTENTIAL COMPROMISE

lawl in lawl/NoiseTorch create published release POTENTIAL COMPROMISE

createdAt 2 days ago
Activity icon
created tag

lawl in lawl/NoiseTorch create tag 0.11.6

createdAt 2 days ago
Previous