Daniel Micay

icon indicating a website link https://daniel.micay.dev/ icon indicating an email [email protected]

icon company @GrapheneOS icon location Toronto, Ontario, Canada icon location Security researcher/engineer working on mobile privacy/security. Founder of @GrapheneOS.

Results 182 issues of Daniel Micay

add check for CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x0 too

10 comment

Disabling SYSRQ support entirely is nice, but not always possible. For example, Android uses `/proc/sysrq-trigger` from userspace processes for multiple purposes from privileged core system processes and controls access via...

question

add check for UNWIND_PATCH_PAC_INTO_SCS, which reduces security compared to using both PAC + SCS

6 comment

The `UNWIND_PATCH_PAC_INTO_SCS` configuration option disables ShadowCallStack when PAC is supported by the hardware. it does this by removing the SCS instructions and dynamically patches PAC instructions into SCS instructions when...

question

consider including row for accuracy of the Android security patch level field

3 comment

GrapheneOS appears to be the only one of these alternate operating systems which is setting an accurate value for the Android security patch level and downplaying the importance by splitting...

don't create an error notification for jobs being interrupted by JobScheduler

enhancement

use 48-bit address space via 4 level page tables on arm64 by default

4 comment

Linux kernel defaults to 39-bit address space, providing far weaker ASLR entropy than x86_64 and also making it incompatible with hardened_malloc in the default configuration since there's not enough space....

change for bounding mmap range is likely not required anymore

https://github.com/anthraxx/linux-hardened/commit/6cf94a91337558f3fcaaf9cc04815b156051b0a7 No longer seems required to prevent randomization from breaking by forcing exhausting the address space and then targeting a known address based on the lower bound. More testing /...

AdGuard hard-wires rules specifically for this test domain, and it would be best to take the valid subset of the feedback into account

https://github.com/AdguardTeam/AdguardFilters/blob/ad7ba2570a953157c09eb8aed0d1fbac7cf03d44/SpywareFilter/sections/specific.txt#L4168-L4200 As an example, this complaint of theirs could be fixed: ``` ! Google Analytics admin panel. We're blocking what's required on this web site, but more granuralry (i.e. `/collect`...

bug

uBlock Origin hard-wires blocking all third party content on the test domain, which could be detected and shown as testing not being possible

https://github.com/uBlockOrigin/uAssets/blob/master/filters/filters.txt#L14937-L14941 uBlock Origin simply hard-wires blocking all the third party content on your domain. You could set up another domain to detect that all third party content is being blocked...

bug

hotlinked images for bookmark cards are a bad practice with numerous issues

13 comment

Ghost is currently hotlinking images used for bookmark cards: favicons, web manifest icons, Apple touch icons, Open Graph icons, etc. These images break if the site changes the location of...

bug
Editor

rename misleading "Inter-process communications" toggle which is showing low-level namespace naming to end users

2 comment

This "Inter-process communications" toggle controls whether a fresh System V IPC namespace is created, not interprocess communications as a whole. It should be renamed to something like "Legacy inter-process communications"....